Report - cartevitale.assumalade.fr/

Report Overview

Submitted URL
cartevitale.assumalade.fr/
IP
45.131.187.253
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
Submitted
2022-09-06 10:40:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
222

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.208.34.131
bam.eu01.nr-data.net	9782	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	901 B	877 B	185.221.85.4
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
cartevitale.assumalade.fr	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	22 kB	875 kB	45.131.187.253
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	66 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance
2022-09-05	medium	cartevitale.assumalade.fr/	French Health Insurance

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-06	medium	cartevitale.assumalade.fr/modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/themes/custom/ameli/images/logo.svg	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/contact.svg	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/themes/custom/ameli/images/footer/logo-assurance-maladie-footer.svg	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/themes/custom/ameli/images/footer/footer_logo_ss.svg	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/themes/custom/ameli/fonts/roboto/roboto-Medium-webfont.woff	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-bold-webfont.woff	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-medium-webfont.woff	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/themes/custom/ameli/fonts/roboto/Roboto-Regular-webfont.woff	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-regular-webfont.woff	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/themes/custom/ameli/fonts/opensans/opensans-semibold-webfont.woff2	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/themes/custom/ameli/fonts/opensans/opensans-regular-webfont.woff2	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/sites/default/files/js/js_Dyurn0ZL9fXM3LrHm1C3gxFZ1UMAiZ45i2tJf-SxksM.js	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-lightitalic-webfont.woff2	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/sites/default/files/js/js_4xNZJpfp2oDly0xk8Q_5DcDqWDiuvYr6_EokoeMIl_8.js	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/themes/custom/ameli/js/menuce6f.js?rbd837	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/libraries/tarteaucitron/tarteaucitrona4f0.js	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/ameli-menu/footer/rubrique_assure/2?rbd837	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/ameli-menu/menu_mobile/rubrique_assure/3?rbd837	Phishing
2022-09-06	medium	cartevitale.assumalade.fr/ameli-actualite/rubrique_assure/0/block_en_bref?1651679786	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed
2022-09-06	medium	assumalade.fr	Sinkholed

JavaScript (13)

	URL	Size	First Seen	Last Seen
	cartevitale.assumalade.fr/sites/default/files/js/js_4xNZJpfp2oDly0xk8Q_5DcDqWDiuvYr6_EokoeMIl_8.js	194 kB	2023-03-07	2024-01-26
Pretty URL cartevitale.assumalade.fr/sites/default/files/js/js_4xNZJpfp2oDly0xk8Q_5DcDqWDiuvYr6_EokoeMIl_8.js IP 45.131.187.253 ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen101 Hash ca6eaf923db0fada1640a12ac651540a 193f057ac7c33320ddb65fd992abca07e6034456 a11774aa67a87e1e30c2467f19ff83ec6c13bd815485b12a7ed5bba1038b7409 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 09:17:55 Times Seen37088265 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cartevitale.assumalade.fr/sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js	194 kB	2023-03-07	2024-01-26
Pretty URL cartevitale.assumalade.fr/sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js IP 45.131.187.253 ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen72 Hash 7b75151624cf8d1f022d58514ce61f22 27111aaa4d9fb6a23659d8efb3cbdad61c2b18aa 3f148ab86f4664aaec3ef32c3529cd4b9968957fd74856a79bab264e70d37f53 Loading...

	cartevitale.assumalade.fr/modules/custom/ameli_actualite/js/ameli_actualite_update8f77.js?v=9.3.12	961 B	2023-03-07	2024-01-26
Pretty URL cartevitale.assumalade.fr/modules/custom/ameli_actualite/js/ameli_actualite_update8f77.js?v=9.3.12 IP 45.131.187.253 ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen74 Hash 779c599b746b19858bbb530581e2433f 5f9ef133d3d20060186d505ba63d1ede1e43fdc7 da61616ca4e51d55638c3c3ff0b94e77d27ad62d415f49fd84a3c5a9a17255c3 Loading...

	cartevitale.assumalade.fr/	67 kB	2023-03-07	2024-01-26
Pretty URL cartevitale.assumalade.fr/ IP 45.131.187.253 ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen52 Hash 76a19a88ada7830fe02a9cee511b78b9 f63c5faff3a19812b61dae28d3ae43ae4cf842d7 394d8990659fe0762643e03e06698dd5fd64e4274ff7135938ccdc50e9b8a5f8 Loading...

	cartevitale.assumalade.fr/libraries/tarteaucitron/tarteaucitrona4f0.js	108 kB	2023-03-07	2024-01-26
Pretty URL cartevitale.assumalade.fr/libraries/tarteaucitron/tarteaucitrona4f0.js IP 45.131.187.253 ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen59 Hash 45aae2bf019dcfda62eac50ef782e5a2 6910bc2bc1166af2993df34bd717dfd0abd6388e 04bafe11986495786a314879ae430c191f7c04bbccd74a849be51f36809fc687 Loading...

	cartevitale.assumalade.fr/sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js	64 kB	2023-03-07	2024-01-26
Pretty URL cartevitale.assumalade.fr/sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js IP 45.131.187.253 ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen20 Hash 51d670152f1d2de6bb845b3153d95c21 c7340f1ea520b6be0d578a51a5c056c58d995349 c9aaf20ce39ca94ff54fe27b14e84dca081fc9b0f82ac4c4d7b8d3319f526205 Loading...

	cartevitale.assumalade.fr/modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12	1.0 kB	2023-03-07	2024-01-26
Pretty URL cartevitale.assumalade.fr/modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12 IP 45.131.187.253 ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen77 Hash 6743f65284c1c03273872c2965940bda d6a603c3c5438606eaba9f2ac5fdee84c7f87874 31317a75136cf0812fcc98ada50fa0785accb01bcf9bddefd203e5dac3be15a9 Loading...

	cartevitale.assumalade.fr/themes/custom/ameli/js/menuce6f.js?rbd837	3.0 kB	2023-03-07	2024-01-26
Pretty URL cartevitale.assumalade.fr/themes/custom/ameli/js/menuce6f.js?rbd837 IP 45.131.187.253 ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen72 Hash 6ba690f7539b32933372078c5e4d1725 e0562f4c73aad39ef034b113794d040025b7a50f 56878a1f7cbacbdc705a420d5267be305c056df280650916168b37695db90a62 Loading...

	cartevitale.assumalade.fr/	413 B	2023-03-07	2024-01-26
Pretty URL cartevitale.assumalade.fr/ IP 45.131.187.253 ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen55 Hash 5de747dc080cfb3f9ba70704254d593e fdf12e3729e639b7609d8ba26e8dd2706873697f e03a0db99d78a252d489f9e7cab6c52a23624498bcae455a7909393c00b331f9 Loading...

	js-agent.newrelic.com/nr-1216.min.js	39 kB	2023-03-07	2023-12-02
Pretty URL js-agent.newrelic.com/nr-1216.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-12-02 09:02:29 Times Seen204 Hash 9f533d8cd24b2c5e3b4dc886ecbd43e8 4aaad79f222fbcf885679bb30ac0cb6c14ec06eb 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708 Loading...

	bam.eu01.nr-data.net/1/NRJS-edf8db728d00528ee3f?a=309613575&v=1216.487a282&to=MhBSZQoZWkdXBhFRCwtacVIMEVtaGRUEXwE6FlFSEB0%3D&rst=1343&ck=0&ref=https://cartevitale.assumalade.fr/&ap=27&be=559&fe=1201&dc=1053&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662460841120,%22n%22:0,%22f%22:-5,%22dn%22:47,%22dne%22:67,%22c%22:68,%22s%22:113,%22ce%22:432,%22rq%22:433,%22rp%22:515,%22rpe%22:521,%22dl%22:541,%22di%22:1029,%22ds%22:1052,%22de%22:1128,%22dc%22:1200,%22l%22:1200,%22le%22:1204%7D,%22navigation%22:%7B%7D%7D&fcp=1126&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.eu01.nr-data.net/1/NRJS-edf8db728d00528ee3f?a=309613575&v=1216.487a282&to=MhBSZQoZWkdXBhFRCwtacVIMEVtaGRUEXwE6FlFSEB0%3D&rst=1343&ck=0&ref=https://cartevitale.assumalade.fr/&ap=27&be=559&fe=1201&dc=1053&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662460841120,%22n%22:0,%22f%22:-5,%22dn%22:47,%22dne%22:67,%22c%22:68,%22s%22:113,%22ce%22:432,%22rq%22:433,%22rp%22:515,%22rpe%22:521,%22dl%22:541,%22di%22:1029,%22ds%22:1052,%22de%22:1128,%22dc%22:1200,%22l%22:1200,%22le%22:1204%7D,%22navigation%22:%7B%7D%7D&fcp=1126&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken IP 185.221.85.4 ASN #206998 New Relic International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	cartevitale.assumalade.fr/	300 B	2023-03-07	2024-01-26
Pretty URL cartevitale.assumalade.fr/ IP 45.131.187.253 ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen52 Hash 6822400e5dd29f66e28ce88cba97f8f6 138e63ea9d948875df682f83409d14a92279b994 2ae256335f8fd4ded9a62200f233086d785ff443e626f657cb9c69bd370e3fdd Loading...

HTTP Transactions (64)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 10:04:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FDRuiKkcGz5kMA-EwTNZNGJZq658DeY7mms_GTJhow6EbX1Z9z8fyQ==
Age: 2189

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: T52GUcQn_yJ6W2SRiUYPJe_6CrIXpnp8Terx4kdvtr_EeuJRss_ewQ==
age: 33929
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3986
Expires: Tue, 06 Sep 2022 11:47:12 GMT
Date: Tue, 06 Sep 2022 10:40:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
15bc4af9e6da2180db7a7d3f66fa7734
a85532d6e4d58952b2f3ff104b07895ee5bff88b
2586579648fdfcf9c8f3d81fe181548f748e5280c593af543171c91421597ffc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2586579648FDFCF9C8F3D81FE181548F748E5280C593AF543171C91421597FFC"
Last-Modified: Mon, 05 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11994
Expires: Tue, 06 Sep 2022 14:00:40 GMT
Date: Tue, 06 Sep 2022 10:40:46 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:40:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12

45.131.187.253

200 OK

440 B

URL HTTP/2
cartevitale.assumalade.fr/modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
ASCII text, with very long lines (661)
Size
440 B (440 bytes)
Hash
95ec5b5ce9cd27cbbff5dcffba0933fa
cb8437b504f4f94626bbce6973eab0bc34e1f6a1
7864fbd29749e47da978ce17fdb878790c6f1f03ca5885f8a74e1ad397ea8f3c

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
content-length: 440
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "3f7-5e7b0a48ca1c9-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/logo.svg

45.131.187.253

200 OK

23 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/logo.svg
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (22990), with no line terminators
Size
23 kB (22990 bytes)
Hash
309614868fce75b09d16465178bcb950
c206e69f3a7c3353d33dbc2a64ed2340b9648b7b
6fc88d127374d7fafc14c486675681cefacce89b7961fc1558b104368ad32db2

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/logo.svg HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/svg+xml
content-length: 22990
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-59ce"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/modules/custom/ameli_actualite/js/ameli_actualite_update8f77.js?v=9.3.12

45.131.187.253

200 OK

425 B

URL HTTP/2
cartevitale.assumalade.fr/modules/custom/ameli_actualite/js/ameli_actualite_update8f77.js?v=9.3.12
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
ASCII text, with very long lines (824)
Size
425 B (425 bytes)
Hash
bf86a3be803e5abd427f81f13ad59ffd
aa5d82402f4cb9e26137ef3976a8dfacc923ac40
08059f351f1370e0af1a2ca813e8fcc375a30d7c362434d165ddaef35df51e0c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /modules/custom/ameli_actualite/js/ameli_actualite_update8f77.js?v=9.3.12 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
content-length: 425
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "3c1-5e7b0a48c9229-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_1.png

45.131.187.253

200 OK

723 B

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_1.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
723 B (723 bytes)
Hash
1c3a691059e846736caef3d17a360519
453511e36db678b3a77124af4f697d82987393b1
97409f23aff1c1428275dff14a547f64c18b64ebb3cc3fbe0cf36f3117886d3e

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/telecommande/telecommande_1.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 723
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "2d3-5e7b0a48ea574"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/mon-espace-sante.png

45.131.187.253

200 OK

608 B

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/mon-espace-sante.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
608 B (608 bytes)
Hash
8d39dfb4bdca7b65637fd3c860eda365
8a9f35c911a1d622d4dff40e90de7b7033fcf884
1d3d56b79295a4880f83fd3d2910d45a3b61e8090d1b55a4b8592f5b5531255b

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/telecommande/mon-espace-sante.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 608
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "260-5e7b0a48ea574"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/contact.svg

45.131.187.253

200 OK

12 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/contact.svg
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
12 kB (12545 bytes)
Hash
85598c2d6e7ae18de80069db917d18a9
58aaf961633d0089cfd6ee5685865d303ae5dfd1
3c9b952c5f3f5fa966d9af774dc504462a198f4b75a4f9168100b08a22f1d8f6

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/telecommande/contact.svg HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/svg+xml
content-length: 12545
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-3101"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_3.png

45.131.187.253

200 OK

448 B

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_3.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Size
448 B (448 bytes)
Hash
858fe6e525a47c18c8dfd7f39e2a0ae5
fe34b1daa7f2c554cd3c08769acf674c945fe4d5
f134ef5eac4e75c5b04232a908e5820a7af17ccdf3336c730f3dbe6dc732620e

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/telecommande/telecommande_3.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 448
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "1c0-5e7b0a48ea574"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_5.png

45.131.187.253

200 OK

722 B

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_5.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Size
722 B (722 bytes)
Hash
219b6f9332d4271f3baa57f1518b9e88
2e9d66c614b05fe9459c263919ad7dce256eb1c5
08807b6dbb61fc5e066ca4f8e7a88c0932dc34d2cd12b0517c89f9ff33a9aec2

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/telecommande/telecommande_5.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 722
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "2d2-5e7b0a48ea574"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_6.png

45.131.187.253

200 OK

706 B

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_6.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Size
706 B (706 bytes)
Hash
1802b81060e10dfbf321bf26cc5d0d25
39f7b1ceeffdae901e2cc2d8ca66404306bb30f5
1fa419dac7b93b687d68c8304e846dbed9fe6bd91f25597a117fbab2d30e0cdb

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/telecommande/telecommande_6.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 706
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "2c2-5e7b0a48ea574"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-sante-recosante.png

45.131.187.253

200 OK

11 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-sante-recosante.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 439 x 322, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11203 bytes)
Hash
bcb257b6a124eb053c1cb1546b019cb5
26797075a23d425da3bc2a4a87c627c69ee910e6
020689c940f494cf0d063de0a04404b4b44d8d49194b650e93894679448748f4

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/outils-sante/outils-sante-recosante.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 11203
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-2bc3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/franceRecosante.png

45.131.187.253

200 OK

33 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/franceRecosante.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 242 x 208, 8-bit/color RGBA, non-interlaced\012- data
Size
33 kB (32985 bytes)
Hash
63baa27fac9bd0ab121f4cc106f31747
b52907607a917838a85f49a44cbd94c1af70187d
d7bccd64dd7979627192319d9d2cfa7db03066ee99fb8752d0c2a7d0239fb096

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/outils-sante/franceRecosante.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 32985
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-80d9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-annuaire.png

45.131.187.253

200 OK

2.8 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-annuaire.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 41 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2761 bytes)
Hash
303904aaf853a1aea4f1c257a83b2b5f
f5d05f8e5fa1c9a775b204d4c9dfc0e8e7d89457
33df36ed55cbd63831d64a18083dd1297a821cba56c7d8b8aa22d064f47e34c7

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/outils-sante/outils-annuaire.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 2761
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-ac9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-sophia.png

45.131.187.253

200 OK

3.0 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-sophia.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 60 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (3023 bytes)
Hash
34c813ea8f458b7c4c3ef50529594c5c
16e28bb48015d359c506da759a06f344d968b293
4a8b8fdcde9cf27edd4f70795a3b1c3ced8e56950c24b74b84a416df693c8a1d

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/outils-sante/outils-sophia.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 3023
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-bcf"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-annuaire-image.png

45.131.187.253

200 OK

3.5 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-annuaire-image.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 58 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3499 bytes)
Hash
175282c10a79d665d68a5c3d09d99ed2
6f216cf0c8aac7c38a759b79dd248763432a6ad8
b9d5de52ff68278b6f0a13eb99bfdd4af84c9e2995ddb2a8504a1a4daba659bb

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/outils-sante/outils-annuaire-image.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 3499
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-dab"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/footer/logo-assurance-maladie-footer.svg

45.131.187.253

200 OK

26 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/footer/logo-assurance-maladie-footer.svg
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (26035)
Size
26 kB (26246 bytes)
Hash
381e33091e0774d59064b3b0cfd446a3
db6869462f5c72f11cfd427d01d72f11916e3478
97ae2ef28651fc17a197830e8bc6918bc9add749b2000d30ef4b5ebb21760d63

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/footer/logo-assurance-maladie-footer.svg HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/svg+xml
content-length: 26246
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-6686"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/footer/footer_lien_forum.png

45.131.187.253

200 OK

1.1 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/footer/footer_lien_forum.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 55 x 55, 8-bit gray+alpha, non-interlaced\012- data
Size
1.1 kB (1131 bytes)
Hash
9a524b412d0f399fa5575377765244a4
9973d9120adda8bfd264651914392a2270dec7ac
b70014ea02c995d069754f1263f2e362d8dc77788692090ded32afabdfe2fb9c

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/footer/footer_lien_forum.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 1131
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-46b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/footer/footer_logo_ss.svg

45.131.187.253

200 OK

402 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/footer/footer_logo_ss.svg
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8572)
Size
402 kB (402368 bytes)
Hash
f259af7e9e79d8aa7a8d8d188e1fd21f
c46455fbaee37802c25f5ccb0a205ce173cb8f8d
d1ead117c96b507d90c32b2f7b83a88ae9140d65be6cf0d5be14715dcb30447a

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/footer/footer_logo_ss.svg HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/svg+xml
content-length: 402368
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-623c0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/sites/default/files/css/css_xmutLRkzUUx9Wpn-a6sViHjq2-_vLauUEtJ8IxcqHzw.css

45.131.187.253

200 OK

298 B

URL HTTP/2
cartevitale.assumalade.fr/sites/default/files/css/css_xmutLRkzUUx9Wpn-a6sViHjq2-_vLauUEtJ8IxcqHzw.css
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
ASCII text, with very long lines (547), with no line terminators
Size
298 B (298 bytes)
Hash
841c80d9487a9ad068d33f29cd5519ca
17610d8b311556378a31d6b636672c86b3388cde
8d6e329ee15f2c2943e3f6959b18843a06adabdc5084e7a4b26663042b294e49

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /sites/default/files/css/css_xmutLRkzUUx9Wpn-a6sViHjq2-_vLauUEtJ8IxcqHzw.css HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: text/css
content-length: 298
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "223-5e7b0a48d8c2e-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 06 Sep 2022 10:38:18 GMT
Expires: Tue, 06 Sep 2022 11:34:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: o-qBv1C0d3EpnUxbS3-0KliTqrS0DIzNjOc1tCXos2tD_seGkqmqUA==
Age: 149

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4258
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 10:40:47 GMT
Last-Modified: Tue, 06 Sep 2022 09:29:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

cartevitale.assumalade.fr/themes/custom/ameli/images/uk.png

45.131.187.253

200 OK

275 B

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/uk.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 32 x 16, 8-bit colormap, non-interlaced\012- data
Size
275 B (275 bytes)
Hash
84b72a42524b5670390adf73aaa074f5
c04077b4389a764b467860134d2e99410d0052d6
218f95b4c48d6cad016a6bf8e94101bab9651670f623997b0ee1bfdacec4d44b

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/uk.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 275
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "113-5e7b0a48ea574"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/fonts/roboto/roboto-Medium-webfont.woff

45.131.187.253

200 OK

70 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/roboto/roboto-Medium-webfont.woff
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
Web Open Font Format, TrueType, length 69880, version 1.0\012- data
Size
70 kB (69880 bytes)
Hash
023db09b1888a089c4729f183feb6e72
bc7017dfe5f08ae0a3456cdf5a17f0807263543a
6353b6bc05de7c03bbc2fd25408a160053748a5ad079ab2eae0239eb4ff9c97f

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/fonts/roboto/roboto-Medium-webfont.woff HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/woff
content-length: 69880
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-110f8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/fonts/ameli-icons/ameli-iconsfc59.ttf?kea0nr=

45.131.187.253

200 OK

9.2 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/ameli-icons/ameli-iconsfc59.ttf?kea0nr=
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, ameli-icons\012- data
Size
9.2 kB (9208 bytes)
Hash
37f90c0863044fb103eb8950fb6a3b5e
442f72e0dcb0dbe91341458a84c4e3ca0a1ce459
fbd106268bd42f8ca5168e74367312baa18f4a3a38176d3c75e13fe20d9513b8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/fonts/ameli-icons/ameli-iconsfc59.ttf?kea0nr= HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/ttf
content-length: 9208
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-23f8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-bold-webfont.woff

45.131.187.253

200 OK

31 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-bold-webfont.woff
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
Web Open Font Format, TrueType, length 30716, version 1.0\012- data
Size
31 kB (30716 bytes)
Hash
7c8f834f4e70cb19b33082147bbf5088
3634a4709a8fe3968c972c879b0ad514218ae572
6c9c446322395751b8962ba1c108c2d828893c614dc99a9da85c264816ca188a

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/fonts/raleway/raleway-bold-webfont.woff HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/woff
content-length: 30716
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-77fc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-medium-webfont.woff

45.131.187.253

200 OK

31 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-medium-webfont.woff
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
Web Open Font Format, TrueType, length 31396, version 1.0\012- data
Size
31 kB (31396 bytes)
Hash
912a578723e2b64ab98fba9662707550
dca6ae60c99a61a96f69a6fe170b6dc9f92690af
20449902bed689ac02f6efc038b1862c05ecc260843e89551c5389bd1af24081

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/fonts/raleway/raleway-medium-webfont.woff HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/woff
content-length: 31396
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-7aa4"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/fonts/roboto/Roboto-Regular-webfont.woff

45.131.187.253

200 OK

25 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/roboto/Roboto-Regular-webfont.woff
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
Web Open Font Format, TrueType, length 25072, version 1.0\012- data
Size
25 kB (25072 bytes)
Hash
25fb08ceaba4191aed4e2555219c4810
e74dd870dc4262c1980bfd57a84935069d08f15f
d84d71e171c2c269ad160798c6301daf2009bf17783d700490973f85854f9b55

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/fonts/roboto/Roboto-Regular-webfont.woff HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/woff
content-length: 25072
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-61f0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-regular-webfont.woff

45.131.187.253

200 OK

32 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-regular-webfont.woff
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
Web Open Font Format, TrueType, length 31660, version 1.0\012- data
Size
32 kB (31660 bytes)
Hash
222fff8003f2f7599d3bb745469b06a3
1b0c8c388774dc427c9add86aa9e14ff87bdb7b4
03882a72d20985f3f8e84918f1a2b594e528e380903f952a2c06487f569d26ff

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/fonts/raleway/raleway-regular-webfont.woff HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/woff
content-length: 31660
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-7bac"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/images/icone-alert-white.png

45.131.187.253

200 OK

25 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/images/icone-alert-white.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
Web Open Font Format, TrueType, length 24808, version 1.0\012- data
Size
25 kB (24808 bytes)
Hash
8b18d65d6824460ad37616723e493bcd
da4032f9e0a9753489a58f81bf02930ed6952e04
c94ac252c2a3319406032032154badff85d43db816667ea65f7c97d951a33cb7

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/images/icone-alert-white.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 712
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "2c8-5e7b0a48ee3f6"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/fonts/opensans/opensans-semibold-webfont.woff2

45.131.187.253

200 OK

10 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/opensans/opensans-semibold-webfont.woff2
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
Web Open Font Format (Version 2), TrueType, length 10328, version 1.6554\012- data
Size
10 kB (10328 bytes)
Hash
d8411d8bb1d6060de4fee4f3a20973cc
bda09aa58d916d532c9981c6e1c32215ab027742
417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/fonts/opensans/opensans-semibold-webfont.woff2 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/woff2
content-length: 10328
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-2858"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/fonts/opensans/opensans-regular-webfont.woff2

45.131.187.253

200 OK

10 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/opensans/opensans-regular-webfont.woff2
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
Web Open Font Format (Version 2), TrueType, length 10352, version 1.6554\012- data
Size
10 kB (10352 bytes)
Hash
4124088fdd8c315a6d096b65b6cbf428
0477e48f455cbfe729f90389d3fd8aaca6cc483b
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/fonts/opensans/opensans-regular-webfont.woff2 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/woff2
content-length: 10352
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-2870"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/sites/default/files/js/js_Dyurn0ZL9fXM3LrHm1C3gxFZ1UMAiZ45i2tJf-SxksM.js

45.131.187.253

200 OK

40 kB

URL HTTP/2
cartevitale.assumalade.fr/sites/default/files/js/js_Dyurn0ZL9fXM3LrHm1C3gxFZ1UMAiZ45i2tJf-SxksM.js
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
Unicode text, UTF-8 text, with very long lines (13594)
Size
40 kB (39858 bytes)
Hash
041082910aaa3e147d0ba36efda6de0d
fd21d1e9acaa8b1d268469f5cb6740155d1073c7
5a122a70b5db00d393ee47d5c5a4106710c1a325f27241e2760d7f2d14123483

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /sites/default/files/js/js_Dyurn0ZL9fXM3LrHm1C3gxFZ1UMAiZ45i2tJf-SxksM.js HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-1ce6c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/sites/default/files/thumbnails/image/twitter_logo_white.png

45.131.187.253

200 OK

5.3 kB

URL HTTP/2
cartevitale.assumalade.fr/sites/default/files/thumbnails/image/twitter_logo_white.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
5.3 kB (5326 bytes)
Hash
cedcf74f0fea3299f59bb3c11ee5f303
1626dca6211236041dec59796f05042167c44f55
058a2aaae51543f61ebaa8bb12b0172982ec7b17217f58394588ac105e4083f5

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /sites/default/files/thumbnails/image/twitter_logo_white.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: image/png
content-length: 5326
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-14ce"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/sites/default/files/thumbnails/image/linkedin-f-logo_white_50.png

45.131.187.253

200 OK

2.3 kB

URL HTTP/2
cartevitale.assumalade.fr/sites/default/files/thumbnails/image/linkedin-f-logo_white_50.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2322 bytes)
Hash
b8b6d31c81619407a95fd7b2c045b0a0
d2ab18854e0fa55fc30800af0bea5cae42255336
ab2d2a264e10dadd27653a6f41c87759af2c9064c110b467693f55e655f90e42

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /sites/default/files/thumbnails/image/linkedin-f-logo_white_50.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: image/png
content-length: 2322
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-912"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/sites/default/files/thumbnails/image/fb-f-logo_white_50.png

45.131.187.253

200 OK

1.3 kB

URL HTTP/2
cartevitale.assumalade.fr/sites/default/files/thumbnails/image/fb-f-logo_white_50.png
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1317 bytes)
Hash
ea167e1b8f3edba0206fe07e5a0e89a3
13d7c4dbc043f22fc7a178dae111192a59c3ff7e
504b4de8f04d4c0c0c52a1fa8f1a745cf955fc4eda7fbf3cf28750675845ede6

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /sites/default/files/thumbnails/image/fb-f-logo_white_50.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: image/png
content-length: 1317
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-525"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-lightitalic-webfont.woff2

45.131.187.253

200 OK

28 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-lightitalic-webfont.woff2
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
Web Open Font Format (Version 2), TrueType, length 28188, version 3.0\012- data
Size
28 kB (28188 bytes)
Hash
f5dd1b6aee7e582132f0707d6a392697
92ca02ed47b0e9296b0b36094926ac6d2ef8761f
35fa96ecaf1dec9b60fa590e153e173f3cc060e04c7108612f54ac46251cb935

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/fonts/raleway/raleway-lightitalic-webfont.woff2 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: font/woff2
content-length: 28188
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-6e1c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/favicon.ico

45.131.187.253

200 OK

4.3 kB

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/favicon.ico
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
64939ecaeec8810b850c53dfcc7a121c
197f072d1459ee0f93604536ed61afaf22a758bc
9eb7011b23171aec853d7ea040a50c61cde14fff5763b899ba937fea956626ff

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/favicon.ico HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: image/vnd.microsoft.icon
content-length: 4286
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-10be"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.208.34.131

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.208.34.131:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NxwkdmeDQRYDwHiP9Ah8Ng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9AO2LoDQX0mCpT0RXr8BDdkP1fU=

cartevitale.assumalade.fr/ameli-menu/menu/rubrique_assure/3?rbd837

45.131.187.253

404 Not Found

15 kB

URL HTTP/2
cartevitale.assumalade.fr/ameli-menu/menu/rubrique_assure/3?rbd837
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
15 kB (14581 bytes)
Hash
8809101f01bee40718295a6c8c7dc393
448ffa3057e5388eb6df438ce45c5a3d90c23f73
d15a65d6622ae3059cc2da477b718229b59880c153b02012de8136e851d7c83e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ameli-menu/menu/rubrique_assure/3?rbd837 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgAGVVZUDBADVFhUBgICUVE=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

bam.eu01.nr-data.net/1/NRJS-edf8db728d00528ee3f?a=309613575&v=1216.487a282&to=MhBSZQoZWkdXBhFRCwtacVIMEVtaGRUEXwE6FlFSEB0%3D&rst=1343&ck=0&ref=https://cartevitale.assumalade.fr/&ap=27&be=559&fe=1201&dc=1053&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662460841120,%22n%22:0,%22f%22:-5,%22dn%22:47,%22dne%22:67,%22c%22:68,%22s%22:113,%22ce%22:432,%22rq%22:433,%22rp%22:515,%22rpe%22:521,%22dl%22:541,%22di%22:1029,%22ds%22:1052,%22de%22:1128,%22dc%22:1200,%22l%22:1200,%22le%22:1204%7D,%22navigation%22:%7B%7D%7D&fcp=1126&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken

185.221.85.4

200 OK

72 B

URL HTTP/1.1
bam.eu01.nr-data.net/1/NRJS-edf8db728d00528ee3f?a=309613575&v=1216.487a282&to=MhBSZQoZWkdXBhFRCwtacVIMEVtaGRUEXwE6FlFSEB0%3D&rst=1343&ck=0&ref=https://cartevitale.assumalade.fr/&ap=27&be=559&fe=1201&dc=1053&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662460841120,%22n%22:0,%22f%22:-5,%22dn%22:47,%22dne%22:67,%22c%22:68,%22s%22:113,%22ce%22:432,%22rq%22:433,%22rp%22:515,%22rpe%22:521,%22dl%22:541,%22di%22:1029,%22ds%22:1052,%22de%22:1128,%22dc%22:1200,%22l%22:1200,%22le%22:1204%7D,%22navigation%22:%7B%7D%7D&fcp=1126&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken
IP
185.221.85.4:0
ASN
#206998 New Relic International Limited

File type
ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937

HTTP Headers

GET /1/NRJS-edf8db728d00528ee3f?a=309613575&v=1216.487a282&to=MhBSZQoZWkdXBhFRCwtacVIMEVtaGRUEXwE6FlFSEB0%3D&rst=1343&ck=0&ref=https://cartevitale.assumalade.fr/&ap=27&be=559&fe=1201&dc=1053&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662460841120,%22n%22:0,%22f%22:-5,%22dn%22:47,%22dne%22:67,%22c%22:68,%22s%22:113,%22ce%22:432,%22rq%22:433,%22rp%22:515,%22rpe%22:521,%22dl%22:541,%22di%22:1029,%22ds%22:1052,%22de%22:1128,%22dc%22:1200,%22l%22:1200,%22le%22:1204%7D,%22navigation%22:%7B%7D%7D&fcp=1126&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.eu01.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 10:40:49 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 746696b24864993c-ARN
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
cross-origin-resource-policy: cross-origin
x-envoy-upstream-service-time: 4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BL6uJ0xNgQPopInCPvh58yhckh4s45YuDJ0cpQuZsCNWYcckQoRp5%2FAk1G9r0nO86qT4G3skCbUAbeV01Yo6%2B1pIvheMGiyIzDpF%2BTfZyMIr6D3uppGiRuDMAwS%2BGiEKwuX%2Bory"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4983
Expires: Tue, 06 Sep 2022 12:03:52 GMT
Date: Tue, 06 Sep 2022 10:40:49 GMT
Connection: keep-alive

cartevitale.assumalade.fr/libraries/tarteaucitron/lang/tarteaucitron.en.js?v=20210509

45.131.187.253

404 Not Found

693 B

URL HTTP/2
cartevitale.assumalade.fr/libraries/tarteaucitron/lang/tarteaucitron.en.js?v=20210509
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
693 B (693 bytes)
Hash
dcc22dc18ca83867b83f11bb65dcc770
6300d3d83570c7956d9efb93e27696852be3f87f
6563d23f439dc157c997139334ee023214dbcd857ba7e17a35c6c27ff490bf5a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /libraries/tarteaucitron/lang/tarteaucitron.en.js?v=20210509 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4983
Expires: Tue, 06 Sep 2022 12:03:52 GMT
Date: Tue, 06 Sep 2022 10:40:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4983
Expires: Tue, 06 Sep 2022 12:03:52 GMT
Date: Tue, 06 Sep 2022 10:40:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F404ac7e7-f8ba-4b04-b736-5cab0995739f.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F404ac7e7-f8ba-4b04-b736-5cab0995739f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11003 bytes)
Hash
8a5ed2a9c430f2f02da773c400d096e0
618252c5082ccfeeb8bc92aecba4485c48ac4206
948158a29f15f5f5ab45f541b665269d43bfc1e3b444ee4ecb9ba715d5b616d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F404ac7e7-f8ba-4b04-b736-5cab0995739f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11003
x-amzn-requestid: 29b9c3bc-4b10-44ed-9bc0-111a672c1d25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqpJpGjxoAMFzSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630dbbd7-1547b64d2fc3052e510f6218;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 07:27:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EXc9RRYhl4EmZGyr2V-YVVoNRU4VC-K1lQcsEzY_PdnYl8qNg3vEAw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 09:36:47 GMT
age: 3842
etag: "618252c5082ccfeeb8bc92aecba4485c48ac4206"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12683 bytes)
Hash
ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:36:52 GMT
age: 21837
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8134 bytes)
Hash
5540d72831e7e7b9fc287f92c48d9f5e
ec19429fa76d9ad47a0578734b011b530b79ebbf
bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8134
x-amzn-requestid: 5f6027e8-842f-476a-85e5-cc8b848e4567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEoVIAMFuiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7095c29a04d2f5310b1b84c4;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Gf6IGDeM-y_nDO1C3m9xeyAJdkYRe2CN87Pi986A7B1qsjq5p9VkQw==
via: 1.1 d7782b26e589b8e1397d352f4daf0d58.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 07:41:25 GMT
age: 10764
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7855 bytes)
Hash
8c23179b2131543088771e3fa84ff231
ae50ae4aecd962b698c19f2863857b51cea7fcec
660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8OlwFzmUfQEPeP7pT-g5wRMq0I1jllBnRU0Nxk4kNkcVD_evLZYc7g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:17:51 GMT
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
content-type: image/jpeg
age: 44578
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10694 bytes)
Hash
19b452d6541a6028e7d3f90529477077
1c16eb50bc2490b4ebff6775ef611fdcb282f9f9
f4763a0f464067991c2c484c384df4fe791d7df6e3d6ad15650a954db537249f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10694
x-amzn-requestid: c3d2f71c-927d-41f6-93ab-bf041374a9f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsgHQOIAMFvSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-5d2efd595cdf300972f4fb79;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eikhT8BkN5e163S6QriQybdyPNTKDTf3BCsHifNwfBJfrWv7LqgL8Q==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:02:23 GMT
etag: "1c16eb50bc2490b4ebff6775ef611fdcb282f9f9"
content-type: image/jpeg
age: 45506
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc784000-5c7c-4aa9-8318-e4d0319d1a09.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9300 bytes)
Hash
0d404793e430ea237e75be9cb1e2bce4
059b34d1809abedd223f7beec75e7831673878be
f180b1cdeb9a794ba3211348673783508d021aeaed419d782374be1a92a4c8dc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc784000-5c7c-4aa9-8318-e4d0319d1a09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9300
x-amzn-requestid: dc833608-6b16-4baa-af21-d3885043556c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWshHVxIAMFlGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-1710086818614ab247bcaf58;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sPkksSz3FIV3WcWpoY8E8UYKmUTE8LJ2lr5WO2JVNCGIuAvpPwYMYg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:01:20 GMT
age: 45569
etag: "059b34d1809abedd223f7beec75e7831673878be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css

45.131.187.253

200 OK

0 B

URL HTTP/2
cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
quad9	Sinkholed

HTTP Headers

GET /sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: text/css
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-78a33"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/sites/default/files/js/js_4xNZJpfp2oDly0xk8Q_5DcDqWDiuvYr6_EokoeMIl_8.js

45.131.187.253

200 OK

0 B

URL HTTP/2
cartevitale.assumalade.fr/sites/default/files/js/js_4xNZJpfp2oDly0xk8Q_5DcDqWDiuvYr6_EokoeMIl_8.js
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /sites/default/files/js/js_4xNZJpfp2oDly0xk8Q_5DcDqWDiuvYr6_EokoeMIl_8.js HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-2f53f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/

45.131.187.253

200 OK

0 B

URL HTTP/2
cartevitale.assumalade.fr/
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: text/html
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-2d68f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js

45.131.187.253

200 OK

0 B

URL HTTP/2
cartevitale.assumalade.fr/sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-2f50f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/themes/custom/ameli/js/menuce6f.js?rbd837

45.131.187.253

200 OK

0 B

URL HTTP/2
cartevitale.assumalade.fr/themes/custom/ameli/js/menuce6f.js?rbd837
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /themes/custom/ameli/js/menuce6f.js?rbd837 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-ba5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js

45.131.187.253

200 OK

0 B

URL HTTP/2
cartevitale.assumalade.fr/sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-f8b1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/libraries/tarteaucitron/tarteaucitrona4f0.js

45.131.187.253

200 OK

0 B

URL HTTP/2
cartevitale.assumalade.fr/libraries/tarteaucitron/tarteaucitrona4f0.js
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /libraries/tarteaucitron/tarteaucitrona4f0.js HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-1a586"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/ameli-menu/footer/rubrique_assure/2?rbd837

45.131.187.253

404 Not Found

0 B

URL HTTP/2
cartevitale.assumalade.fr/ameli-menu/footer/rubrique_assure/2?rbd837
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /ameli-menu/footer/rubrique_assure/2?rbd837 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgAGVVZUDBADVFhUBgICUVE=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/ameli-menu/menu_mobile/rubrique_assure/3?rbd837

45.131.187.253

404 Not Found

0 B

URL HTTP/2
cartevitale.assumalade.fr/ameli-menu/menu_mobile/rubrique_assure/3?rbd837
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /ameli-menu/menu_mobile/rubrique_assure/3?rbd837 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgAGVVZUDBADVFhUBgICUVE=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

cartevitale.assumalade.fr/ameli-actualite/rubrique_assure/0/block_en_bref?1651679786

45.131.187.253

404 Not Found

0 B

URL HTTP/2
cartevitale.assumalade.fr/ameli-actualite/rubrique_assure/0/block_en_bref?1651679786
IP
45.131.187.253:0
ASN
#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /ameli-actualite/rubrique_assure/0/block_en_bref?1651679786 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgAGVVZUDBADVFhUBgICUVE=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP