Report - ci.ci/MqUb

Report Overview

Submitted URL
ci.ci/MqUb
IP
34.197.22.43
ASN
#14618 AMAZON-AES
Submitted
2024-03-28 16:11:32
Access
public
Website Title
Mail orange
Final URL
mail-orang2004.hubside.fr/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ci.ci	unknown	2016-08-16	2015-11-14	2023-11-18	464 B	324 B	34.197.22.43
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-03-28	430 B	70 kB	142.250.74.168
mail-orang2004.hubside.fr	unknown	unknown	No data	No data	7.5 kB	8.1 MB	35.189.241.124
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-03-28	4.5 kB	328 kB	142.250.74.3
cdn.hubside.com	unknown	2014-05-28	2022-07-18	2024-03-18	615 B	3.2 kB	104.18.29.32
o913452.ingest.sentry.io	unknown	2012-04-07	2022-06-01	2024-03-18	642 B	520 B	34.120.195.249
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-03-28	479 B	14 kB	142.250.74.138
app.ci.ci	unknown	2016-08-16	2023-02-09	2023-11-18	470 B	354 kB	34.197.22.43

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	ci.ci/MqUb	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange
2024-03-28	medium	mail-orang2004.hubside.fr/	Orange

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	mail-orang2004.hubside.fr/_next/static/chunks/pages/_app-0286396ee8b45b79.js	5.5 MB	2024-03-22	2024-04-02
Pretty URL mail-orang2004.hubside.fr/_next/static/chunks/pages/_app-0286396ee8b45b79.js IP 35.189.241.124 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 19:17:40 Last Seen2024-04-02 06:43:41 Times Seen10 Hash a783862ab4918d5306d5273cb2921a43 dcd3942089440694defcebbf5bd1f872a61857f3 b1e59ae79c2695ab84f876e93d87c3e4cbf2945cfe33e9fc4397b48f8ec71e22 Loading...

	mail-orang2004.hubside.fr/_next/static/chunks/864-3bdeba325a3f1ed4.js	17 kB	2023-03-13	2024-04-25
Pretty URL mail-orang2004.hubside.fr/_next/static/chunks/864-3bdeba325a3f1ed4.js IP 35.189.241.124 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:46:45 Last Seen2024-04-25 08:07:56 Times Seen135 Hash a1a22af9923feec5086fa50131b7c0ea aa317a561481e09fafcc92cffaf4a23e711c0cb1 167950ff72a0bb580b0a6a1a0179fbbfbbad56c2c852770fb236661275470cfe Loading...

	mail-orang2004.hubside.fr/_next/static/chunks/642-dbfbb044662c9e10.js	946 kB	2024-03-22	2024-04-25
Pretty URL mail-orang2004.hubside.fr/_next/static/chunks/642-dbfbb044662c9e10.js IP 35.189.241.124 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 19:17:41 Last Seen2024-04-25 08:07:57 Times Seen44 Hash fd974137e2f66828b631af1af5ca8249 cb16f4be72417930837876d7bb2094e770388c55 8a288b511b49974591b8de9c40091d48f8ea090bd285480f6768a264a94593f8 Loading...

	mail-orang2004.hubside.fr/_next/static/chunks/pages/index-d624ffc5a5b0f033.js	471 B	2024-01-10	2024-04-25
Pretty URL mail-orang2004.hubside.fr/_next/static/chunks/pages/index-d624ffc5a5b0f033.js IP 35.189.241.124 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-10 06:37:18 Last Seen2024-04-25 08:07:56 Times Seen69 Hash 759c5897fce277e6e6d946e8fb1b30cb 72fb30c2560481f05e5dda7899440db07fe9dcd9 e8aa714ab136187868e36bd4545db1df3211cb820ef85ce1f60f4fab99097582 Loading...

	mail-orang2004.hubside.fr/	580 B	2023-12-15	2024-04-25
Pretty URL mail-orang2004.hubside.fr/ IP 35.189.241.124 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-15 15:40:08 Last Seen2024-04-25 17:57:09 Times Seen74 Hash e67552d082d337992f9864c5c03d01a2 ce4d491da543e09d9212e205a5578cf71fece76a f4eb0c624748e836444d1c96cdf2569f73b2d05db3588f8b40744762ed585551 Loading...

	mail-orang2004.hubside.fr/_next/static/chunks/82c1ac34-ec18fc853eb9ae03.js	216 kB	2023-03-13	2024-04-25
Pretty URL mail-orang2004.hubside.fr/_next/static/chunks/82c1ac34-ec18fc853eb9ae03.js IP 35.189.241.124 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:46:46 Last Seen2024-04-25 08:07:57 Times Seen139 Hash 14a07077698b70741b8358bdef534a99 446000485d06d8997faa93cd97e81c10cd833354 2f0ab2a8fb3c78da1ad0c429425f186a13858d51c24eec54ea4e15e7977b7435 Loading...

	mail-orang2004.hubside.fr/_next/static/chunks/webpack-d48ff1ec19ca11e4.js	6.2 kB	2024-03-22	2024-04-02
Pretty URL mail-orang2004.hubside.fr/_next/static/chunks/webpack-d48ff1ec19ca11e4.js IP 35.189.241.124 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 19:17:40 Last Seen2024-04-02 06:43:41 Times Seen10 Hash 5989b1227d9b9a5130b7d77ab61e9f8f c067f8f3be8a450f29c77bb6223bc73bdd9f1e93 d8a2b3596d790fbebe515432fb51f77d2cecbaaf486ba6cb1f2d52ce369f8795 Loading...

	mail-orang2004.hubside.fr/_next/static/chunks/framework-94d76cce0af99ba2.js	130 kB	2023-03-13	2024-04-25
Pretty URL mail-orang2004.hubside.fr/_next/static/chunks/framework-94d76cce0af99ba2.js IP 35.189.241.124 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:46:45 Last Seen2024-04-25 17:57:09 Times Seen154 Hash ab9e3a00b5f450f9a7ac14cdd550d1da dd4388975e2532ac4557ea4504542ce62840e629 128fe80ae9e3021e37ca0ffda6da43baf8dc0b1a0deae5e59da4e177750181f6 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MNRN7F7	194 kB	2024-03-28	2024-03-28
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MNRN7F7 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 17:11:40 Last Seen2024-03-28 17:11:40 Times Seen2 Hash b17dd998dd687aa76b501fdab8052d1f 1b9c642e577dce3c732cfd01a8da37db01714350 778fc09cd3fed854c61df4de14910699cfdce4d5c391e52f4a3b07252000980c Loading...

	mail-orang2004.hubside.fr/_next/static/chunks/482-738ca6a25e61abbe.js	16 kB	2023-12-21	2024-04-02
Pretty URL mail-orang2004.hubside.fr/_next/static/chunks/482-738ca6a25e61abbe.js IP 35.189.241.124 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-21 16:28:09 Last Seen2024-04-02 06:43:41 Times Seen94 Hash 3f742626153b11522fc225f5ea0e3d83 84b3b1f0b722c2b91f3f5e4a52218496de150043 b4e71e132fe1f332f6177a419a37ea38ea02e8ff2399d0589fac563c116d7e8d Loading...

	mail-orang2004.hubside.fr/_next/static/chunks/653-9877636a81f47aae.js	971 kB	2024-03-22	2024-04-02
Pretty URL mail-orang2004.hubside.fr/_next/static/chunks/653-9877636a81f47aae.js IP 35.189.241.124 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 19:17:40 Last Seen2024-04-02 06:43:41 Times Seen15 Hash 2e9aea9e60910b053120fd3e05429119 0c4c8d21b1ecc830a49013181b1c449689c446e3 deb3adb2ace6f308d1aae699670b2643f5399bd18d15fddb0bdd1498a3c95fb4 Loading...

	mail-orang2004.hubside.fr/_next/static/ok_Rf1JDhoFD2zQwmicdS/_buildManifest.js	995 B	2024-03-22	2024-04-02
Pretty URL mail-orang2004.hubside.fr/_next/static/ok_Rf1JDhoFD2zQwmicdS/_buildManifest.js IP 35.189.241.124 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 19:17:41 Last Seen2024-04-02 06:43:41 Times Seen10 Hash fc10da80c0ef7d9c5cff2fdc106c5851 a3f3bb63662126fc9e95942edccdca836e7799e2 23f62f891c6db3b983c8765192b29afa94b82477299b45290547ed2542b49484 Loading...

	mail-orang2004.hubside.fr/	356 B	2023-12-15	2024-04-25
Pretty URL mail-orang2004.hubside.fr/ IP 35.189.241.124 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-15 15:40:09 Last Seen2024-04-25 17:57:09 Times Seen74 Hash b0ae6a801234161ce0fffff61c690c25 a8d98c8ee300cc867ac5e0e2a7765b1cb0fae0f7 9016690ad73d1035409addbe6ac1191ff5ceeced98e330ee00d8db659f7a25a8 Loading...

	mail-orang2004.hubside.fr/_next/static/chunks/main-e27d0bd580792084.js	108 kB	2023-03-13	2024-04-25
Pretty URL mail-orang2004.hubside.fr/_next/static/chunks/main-e27d0bd580792084.js IP 35.189.241.124 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:46:46 Last Seen2024-04-25 17:57:09 Times Seen146 Hash 5d43a984e1e6d34e5ea314ade8e04a02 15ae24709190e113dfd750dc580694e7b42343e2 68886a3eb247af575836b73f934451ee08d158ff747fa86bb86f72d4a01ad8f2 Loading...

	mail-orang2004.hubside.fr/_next/static/ok_Rf1JDhoFD2zQwmicdS/_ssgManifest.js	77 B	2023-03-07	2024-04-27
Pretty URL mail-orang2004.hubside.fr/_next/static/ok_Rf1JDhoFD2zQwmicdS/_ssgManifest.js IP 35.189.241.124 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-04-27 17:46:29 Times Seen85420 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

		Size	First Seen	Last Seen
	#1 Eval - e8961527ee3fe5343e2557b2d07fa466	25 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:27:45 Last Seen2024-04-25 17:57:09 Times Seen1343 Hash e8961527ee3fe5343e2557b2d07fa466 77949bb9e9f198b29a96a7443536a04cabe969cd 78c8bdc18839c26595506bc6df8831aa6cfc44eff13f25786502329ad5088af3 Loading...

	#2 Eval - 413b7dc1caac04ab95e8a1b230b9b3ad	25 B	2023-03-07	2024-04-27
Pretty Observations First Seen2023-03-07 01:20:41 Last Seen2024-04-27 15:50:10 Times Seen5519 Hash 413b7dc1caac04ab95e8a1b230b9b3ad 2657fe2eb543ebc0b54eaa7d3aba3a75fb638630 b62262aeb7ee1694f40152af828f0d72a6ac6572f9db8ffa1ab16784c7532878 Loading...

HTTP Transactions (30)

URL IP Response Size

ci.ci/MqUb

34.197.22.43

301 Moved Permanently

0 B

URL User Request GET HTTP/2
ci.ci/MqUb
IP
34.197.22.43:443
ASN
#14618 AMAZON-AES

Certificate
IssuerLet's Encrypt
Subjectci.ci
FingerprintDB:DE:8A:01:00:17:EB:94:21:81:86:30:B1:1C:6E:12:F3:8D:B9:B7
ValiditySun, 04 Feb 2024 13:02:27 GMT - Sat, 04 May 2024 13:02:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /MqUb HTTP/1.1
Host: ci.ci
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 28 Mar 2024 16:11:03 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
location: https://app.ci.ci/MqUb
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-MNRN7F7

142.250.74.168

200 OK

70 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-MNRN7F7
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintDE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C
ValidityMon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT

File type
JavaScript source, ASCII text, with very long lines (2940)
Size
70 kB (69584 bytes)
Hash
b17dd998dd687aa76b501fdab8052d1f
1b9c642e577dce3c732cfd01a8da37db01714350
778fc09cd3fed854c61df4de14910699cfdce4d5c391e52f4a3b07252000980c

HTTP Headers

GET /gtm.js?id=GTM-MNRN7F7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 28 Mar 2024 16:11:05 GMT
expires: Thu, 28 Mar 2024 16:11:05 GMT
cache-control: private, max-age=900
last-modified: Thu, 28 Mar 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/_next/static/css/96ac5433674958c0.css

35.189.241.124

200 OK

38 kB

URL GET HTTP/2
mail-orang2004.hubside.fr/_next/static/css/96ac5433674958c0.css
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type
gzip compressed data, from Unix
Size
38 kB (37966 bytes)
Hash
175e90d3fa6d039aa24c0a6dcd99a31f
d94c086f2cbe7c39dbf527301e05bfc319d27b54
4354e79bfcb194f6167a89e20e6771eda4f0b03c7bfdcf93d5765b19a85e8160

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /_next/static/css/96ac5433674958c0.css HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:05 GMT
content-type: text/css; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"4679b-18e50ce4070"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/_next/static/chunks/82c1ac34-ec18fc853eb9ae03.js

35.189.241.124

200 OK

79 kB

URL GET HTTP/2
mail-orang2004.hubside.fr/_next/static/chunks/82c1ac34-ec18fc853eb9ae03.js
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type
gzip compressed data, from Unix
Size
79 kB (79178 bytes)
Hash
c16d3f78c99227612602ef912eeaf36a
34fb165e7a3ac3a84817f95eee570e48f300d32e
2ae63eaab1eb1f34fc10c088ad8d753a800e91368e40af977d72f4ba951ad16f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /_next/static/chunks/82c1ac34-ec18fc853eb9ae03.js HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:05 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"349e8-18e50ce4070"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

142.250.74.3

200 OK

11 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11028, version 1.0
Size
11 kB (11028 bytes)
Hash
1f6d3cf6d38f25d83d95f5a800b8cac3
279f300ca2cbbdf9f5036ef2f438607fbf377daa
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail-orang2004.hubside.fr
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:31:57 GMT
expires: Fri, 28 Mar 2025 02:31:57 GMT
cache-control: public, max-age=31536000
age: 49148
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

142.250.74.3

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33148, version 1.0
Size
33 kB (33148 bytes)
Hash
e88b1871ed8eef59b7df05a91a6f2157
feebf868e5bc28362677fd6e92ac3d41c5c9715e
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail-orang2004.hubside.fr
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33148
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:32:53 GMT
expires: Fri, 28 Mar 2025 02:32:53 GMT
cache-control: public, max-age=31536000
age: 49092
last-modified: Wed, 13 Sep 2023 22:39:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

142.250.74.3

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32796, version 1.0
Size
33 kB (32796 bytes)
Hash
b2a264e3e87b58b54b76483238805a40
169d6f17c82024fe0cfc2d19884a14dae2ec0bdb
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

HTTP Headers

GET /s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail-orang2004.hubside.fr
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:45:18 GMT
expires: Fri, 28 Mar 2025 02:45:18 GMT
cache-control: public, max-age=31536000
age: 48347
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/_next/static/chunks/main-e27d0bd580792084.js

35.189.241.124

200 OK

31 kB

URL GET HTTP/2
mail-orang2004.hubside.fr/_next/static/chunks/main-e27d0bd580792084.js
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type
gzip compressed data, from Unix
Size
31 kB (31409 bytes)
Hash
51214c7d342111125f42ec6a18c1467d
95b7e327c817737a749ecee0f77cc56fb76be08c
7615ff7c19b6ba14a902ae3470b64ef148ed64ec5b0eb387c13a627a57434d3f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /_next/static/chunks/main-e27d0bd580792084.js HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:05 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"1a590-18e50ce4070"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/_next/static/chunks/653-9877636a81f47aae.js

35.189.241.124

200 OK

219 kB

URL GET HTTP/2
mail-orang2004.hubside.fr/_next/static/chunks/653-9877636a81f47aae.js
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type
gzip compressed data, from Unix
Size
219 kB (218860 bytes)
Hash
57d71c99572390ff5759bf30178fc499
f9ce1bf6eb72ba98ccad59a92ad96ab2aa1f8cde
2e46a526ffd88c99dfcaafb3dc4934d42b46a4891331950dbdbe3ce67c45f909

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /_next/static/chunks/653-9877636a81f47aae.js HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:05 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"ed0ad-18e50ce4070"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

142.250.74.3

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33148, version 1.0
Size
33 kB (33148 bytes)
Hash
e88b1871ed8eef59b7df05a91a6f2157
feebf868e5bc28362677fd6e92ac3d41c5c9715e
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail-orang2004.hubside.fr
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33148
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:32:53 GMT
expires: Fri, 28 Mar 2025 02:32:53 GMT
cache-control: public, max-age=31536000
age: 49093
last-modified: Wed, 13 Sep 2023 22:39:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

142.250.74.3

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33148, version 1.0
Size
33 kB (33148 bytes)
Hash
e88b1871ed8eef59b7df05a91a6f2157
feebf868e5bc28362677fd6e92ac3d41c5c9715e
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail-orang2004.hubside.fr
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33148
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:32:53 GMT
expires: Fri, 28 Mar 2025 02:32:53 GMT
cache-control: public, max-age=31536000
age: 49093
last-modified: Wed, 13 Sep 2023 22:39:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

142.250.74.3

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33148, version 1.0
Size
33 kB (33148 bytes)
Hash
e88b1871ed8eef59b7df05a91a6f2157
feebf868e5bc28362677fd6e92ac3d41c5c9715e
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail-orang2004.hubside.fr
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33148
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:32:53 GMT
expires: Fri, 28 Mar 2025 02:32:53 GMT
cache-control: public, max-age=31536000
age: 49093
last-modified: Wed, 13 Sep 2023 22:39:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialicons/v141/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

142.250.74.3

200 OK

129 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialicons/v141/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 128616, version 1.0
Size
129 kB (128616 bytes)
Hash
a4160421d2605545f69a4cd6cd642902
aaae93b146d97737fabe87a6bc741113e6899ad3
4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b

HTTP Headers

GET /s/materialicons/v141/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail-orang2004.hubside.fr
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128616
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Mar 2024 02:48:36 GMT
expires: Sat, 22 Mar 2025 02:48:36 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 31 Jan 2024 23:13:09 GMT
content-type: font/woff2
age: 566550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/l/font?kit=memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVQUwaEQbjA&skey=62c1cbfccc78b4b2&v=v40

142.250.74.3

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/l/font?kit=memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVQUwaEQbjA&skey=62c1cbfccc78b4b2&v=v40
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format, TrueType, length 16776, version 1.1
Size
17 kB (16776 bytes)
Hash
4391747bb97f694d6786a3334d84ec8e
241dc314fcb32627c14415c35bb9cbbe70fcf2b2
fd3a4a1f6912e8a8b270efba5f1765e581b8b3d2b90a24a7cdaaa453ebfa19fe

HTTP Headers

GET /l/font?kit=memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVQUwaEQbjA&skey=62c1cbfccc78b4b2&v=v40 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail-orang2004.hubside.fr
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
content-length: 16776
content-disposition: attachment; filename="font.woff"; filename*=UTF-8''font.woff
cross-origin-resource-policy: cross-origin
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 28 Mar 2024 02:42:49 GMT
expires: Thu, 28 Mar 2024 02:42:49 GMT
cache-control: private, max-age=86400
age: 48497
last-modified: Thu, 14 Dec 2023 21:36:22 GMT
content-type: text/html; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/_next/static/ok_Rf1JDhoFD2zQwmicdS/_ssgManifest.js

35.189.241.124

200 OK

1.2 kB

URL GET HTTP/2
mail-orang2004.hubside.fr/_next/static/ok_Rf1JDhoFD2zQwmicdS/_ssgManifest.js
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type
gzip compressed data, from Unix
Size
1.2 kB (1177 bytes)
Hash
2986b19849eece353f48d7e8aeaa9500
ff13798c23b5997197a1b1d28929fad5cf542433
beef8108eb93c6eaae6d17b449fc09a7eaab32aeacd0b625b67dd21328ec36ed

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /_next/static/ok_Rf1JDhoFD2zQwmicdS/_ssgManifest.js HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:05 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"4d-18e50ce4070"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

cdn.hubside.com/media-s/Isky3aA2fty4vvo66jeS94eMCNBFrv_h/0x0:250x250/0x0:0x0/filters:fill(transparent):orient(360)/85fa3a05-2bb1-4674-aea7-107ddf950a92%2Fmedia%2F2%2F1%2Fc%2F21c0bae5-6bb4-4305-86e2-806ed4c08064

104.18.29.32

200 OK

2.8 kB

URL GET HTTP/2
cdn.hubside.com/media-s/Isky3aA2fty4vvo66jeS94eMCNBFrv_h/0x0:250x250/0x0:0x0/filters:fill(transparent):orient(360)/85fa3a05-2bb1-4674-aea7-107ddf950a92%2Fmedia%2F2%2F1%2Fc%2F21c0bae5-6bb4-4305-86e2-806ed4c08064
IP
104.18.29.32:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB4:25:1E:38:70:A3:23:D5:52:19:22:98:59:9B:6D:A8:11:32:C0:97
ValiditySat, 29 Apr 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.8 kB (2820 bytes)
Hash
27e0b8deea91bd6b6c452168317339ac
3cfeb19ccf798c67912912b1071bb1284576acf9
8323542878d27c6ec3f5bc57e7e9c2e6637084e455cea657ca1069b832e49580

HTTP Headers

GET /media-s/Isky3aA2fty4vvo66jeS94eMCNBFrv_h/0x0:250x250/0x0:0x0/filters:fill(transparent):orient(360)/85fa3a05-2bb1-4674-aea7-107ddf950a92%2Fmedia%2F2%2F1%2Fc%2F21c0bae5-6bb4-4305-86e2-806ed4c08064 HTTP/1.1
Host: cdn.hubside.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:06 GMT
content-type: image/webp
content-length: 2820
cache-control: private, no-cache, no-store, must-revalidate
content-disposition: inline
expires: Thu, 28 Mar 2024 16:11:06 GMT
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 86b8e4e5fc4d5687-OSL
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/static/plugins/images/default/favicon.png

35.189.241.124

200 OK

1.1 kB

URL GET HTTP/2
mail-orang2004.hubside.fr/static/plugins/images/default/favicon.png
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Size
1.1 kB (1116 bytes)
Hash
9dccb496facb44031c493b839c1373e4
bed1967aad175144bb8e274c3dd607c4a5cf80f8
3ff9138a8be9d3f1fad421ded3632d4b8e0ad70a350d85829772ff5e7b541270

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /static/plugins/images/default/favicon.png HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:06 GMT
content-type: image/png
content-length: 1116
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"45c-18e50ce4070"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

o913452.ingest.sentry.io/api/5851486/envelope/?sentry_key=f952818b3e364d1caaf13ec30edce0b5&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.20.1

34.120.195.249

200 OK

2 B

URL POST HTTP/2
o913452.ingest.sentry.io/api/5851486/envelope/?sentry_key=f952818b3e364d1caaf13ec30edce0b5&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.20.1
IP
34.120.195.249:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerDigiCert Inc
Subjectingest.sentry.io
Fingerprint60:82:0B:58:64:CD:37:FD:3F:C0:84:4F:0B:69:CF:58:05:15:97:9A
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/5851486/envelope/?sentry_key=f952818b3e364d1caaf13ec30edce0b5&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.20.1 HTTP/1.1
Host: o913452.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-orang2004.hubside.fr/
Content-Type: text/plain;charset=UTF-8
Content-Length: 411
Origin: https://mail-orang2004.hubside.fr
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 16:11:06 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/_next/static/chunks/framework-94d76cce0af99ba2.js

35.189.241.124

200 OK

130 kB

URL GET HTTP/2
mail-orang2004.hubside.fr/_next/static/chunks/framework-94d76cce0af99ba2.js
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
130 kB (130056 bytes)
Hash
ab9e3a00b5f450f9a7ac14cdd550d1da
dd4388975e2532ac4557ea4504542ce62840e629
128fe80ae9e3021e37ca0ffda6da43baf8dc0b1a0deae5e59da4e177750181f6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /_next/static/chunks/framework-94d76cce0af99ba2.js HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:05 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"1fc08-18e50ce4070"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Muli:400,400i,700,700i

142.250.74.138

200 OK

13 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:400,400i,700,700i|Muli:400,400i,700,700i
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
ASCII text
Size
13 kB (13074 bytes)
Hash
10b9a74a3777b2b69618b458f632091b
bd48a0ecbadb283815006e2e19deb7615c41e4d6
a705d8dcb16ddc563150246a77c2b62b89dd4e0270530102f144c4be4246259f

HTTP Headers

GET /css?family=Roboto:400,400i,700,700i|Muli:400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 28 Mar 2024 16:11:05 GMT
date: Thu, 28 Mar 2024 16:11:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.ci.ci/MqUb

34.197.22.43

302 Found

353 kB

URL User Request GET HTTP/2
app.ci.ci/MqUb
IP
34.197.22.43:443
ASN
#14618 AMAZON-AES

Certificate
IssuerLet's Encrypt
Subjectapp.ci.ci
FingerprintF1:C0:F3:0B:8B:DA:D5:63:14:FB:42:ED:53:49:A5:3E:F6:34:C3:E2
ValidityMon, 05 Feb 2024 17:02:10 GMT - Sun, 05 May 2024 17:02:09 GMT

File type

Size
353 kB (353364 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /MqUb HTTP/1.1
Host: app.ci.ci
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Thu, 28 Mar 2024 16:11:04 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IkM3VnhManVIQnZLMHpwUFhtTzA5Nmc9PSIsInZhbHVlIjoiNmdvaEJqenM5T0xuN2hHZ2RFaE42TVE2ZjZPUjFzMXJDLzc3UlJuVVdqNk9mWUZoVUJyR1BoU0JYZUswakpyWktEY3pxR0ZsSDFaZ0w3dVJzUUpoaW9yRlg2UUtYek1VaDJsWUpwUEN6a1VVTHQxZzlOMmZZbXNMSUwxWnVSNDMiLCJtYWMiOiJkODYwZTZlODkyMDJmODhhZWY4MWVhYWZhZTk3Y2MzN2U1M2YxYzJlZjlkMjYxNzk2Njg0M2ZhNTMyOWY5ZDRiIiwidGFnIjoiIn0%3D; expires=Thu, 28-Mar-2024 18:11:04 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Ik9UUTN3clJFc29vVUFBQ2dINzRGdFE9PSIsInZhbHVlIjoiS0NiQ3NId21RVUtWdXVheGY2ZEtCbE1vTkZ5VFFoeTUrOENtVTJvOGVFcGtCVnl6TnR6K2Y5d1ZUblVLZ2lNYnJkdFFjd0JIeDEzS3FKWEpkUm1TTVB2bWw3c1RmOWRwcmZLekJod05jWG8vOTVPVmNtK1pSTGk2dDFmMFprZ1oiLCJtYWMiOiI5MWNhOGU0YTgyYTkyYzU2NzVjNmNhNzlkOTk0YjkxN2JkOWNmMzljZDljNjVmY2M1NmY2NGU0ODQwOTc4ODU3IiwidGFnIjoiIn0%3D; expires=Thu, 28-Mar-2024 18:11:04 GMT; Max-Age=7200; path=/; httponly; samesite=lax
location: https://mail-orang2004.hubside.fr/
x-powered-by: PHP/8.0.30, PleskLin
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/_next/static/chunks/864-3bdeba325a3f1ed4.js

35.189.241.124

200 OK

17 kB

URL GET HTTP/2
mail-orang2004.hubside.fr/_next/static/chunks/864-3bdeba325a3f1ed4.js
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type
JavaScript source, ASCII text, with very long lines (16955)
Size
17 kB (17004 bytes)
Hash
a1a22af9923feec5086fa50131b7c0ea
aa317a561481e09fafcc92cffaf4a23e711c0cb1
167950ff72a0bb580b0a6a1a0179fbbfbbad56c2c852770fb236661275470cfe

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /_next/static/chunks/864-3bdeba325a3f1ed4.js HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:05 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"426c-18e50ce4070"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/_next/static/css/65b3f5aceff66cc5.css

35.189.241.124

200 OK

682 kB

URL GET HTTP/2
mail-orang2004.hubside.fr/_next/static/css/65b3f5aceff66cc5.css
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type

Size
682 kB (682439 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /_next/static/css/65b3f5aceff66cc5.css HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:05 GMT
content-type: text/css; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"a69c7-18e50ce4070"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/_next/static/chunks/482-738ca6a25e61abbe.js

35.189.241.124

200 OK

16 kB

URL GET HTTP/2
mail-orang2004.hubside.fr/_next/static/chunks/482-738ca6a25e61abbe.js
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type
JavaScript source, ASCII text, with very long lines (15462)
Size
16 kB (15511 bytes)
Hash
3f742626153b11522fc225f5ea0e3d83
84b3b1f0b722c2b91f3f5e4a52218496de150043
b4e71e132fe1f332f6177a419a37ea38ea02e8ff2399d0589fac563c116d7e8d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /_next/static/chunks/482-738ca6a25e61abbe.js HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:05 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"3c97-18e50ce4070"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/_next/static/ok_Rf1JDhoFD2zQwmicdS/_buildManifest.js

35.189.241.124

200 OK

995 B

URL GET HTTP/2
mail-orang2004.hubside.fr/_next/static/ok_Rf1JDhoFD2zQwmicdS/_buildManifest.js
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type
ASCII text, with very long lines (1051), with no line terminators
Size
995 B (995 bytes)
Hash
08109d09589ec05bbd140a9580741e08
2bd4566e9a20fe04cbbd725f233e65a6ef2a4b30
805d95664f36f76938cd1f6d9adc8ea3f36779fb0b4f1864021c4baae9fc8bb9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /_next/static/ok_Rf1JDhoFD2zQwmicdS/_buildManifest.js HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:05 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"3e3-18e50ce4070"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/_next/static/chunks/pages/index-d624ffc5a5b0f033.js

35.189.241.124

200 OK

471 B

URL GET HTTP/2
mail-orang2004.hubside.fr/_next/static/chunks/pages/index-d624ffc5a5b0f033.js
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type
JavaScript source, ASCII text, with very long lines (476), with no line terminators
Size
471 B (471 bytes)
Hash
5d122a1a33c1afe37d033400f0bc974a
f3cce2ff8f68098639efb85875206dd1f7e21caa
042f6df93fe140efa326d9a96c81fdaf52c70ff0308c81adba0906a63b174915

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /_next/static/chunks/pages/index-d624ffc5a5b0f033.js HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:05 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"1d7-18e50ce4070"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/_next/static/chunks/pages/_app-0286396ee8b45b79.js

35.189.241.124

200 OK

5.5 MB

URL GET HTTP/2
mail-orang2004.hubside.fr/_next/static/chunks/pages/_app-0286396ee8b45b79.js
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type

Size
5.5 MB (5532381 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /_next/static/chunks/pages/_app-0286396ee8b45b79.js HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:05 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"546add-18e50ce4070"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/_next/static/chunks/642-dbfbb044662c9e10.js

35.189.241.124

200 OK

946 kB

URL GET HTTP/2
mail-orang2004.hubside.fr/_next/static/chunks/642-dbfbb044662c9e10.js
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
946 kB (946273 bytes)
Hash
fd974137e2f66828b631af1af5ca8249
cb16f4be72417930837876d7bb2094e770388c55
8a288b511b49974591b8de9c40091d48f8ea090bd285480f6768a264a94593f8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /_next/static/chunks/642-dbfbb044662c9e10.js HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:05 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"e7061-18e50ce4070"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/

35.189.241.124

200 OK

353 kB

URL User Request GET HTTP/2
mail-orang2004.hubside.fr/
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type

Size
353 kB (353364 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET / HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:04 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
etag: "56454-4381iWVNG5MPXATTnd0tp4/XTVY"
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

mail-orang2004.hubside.fr/_next/static/chunks/webpack-d48ff1ec19ca11e4.js

35.189.241.124

200 OK

6.2 kB

URL GET HTTP/2
mail-orang2004.hubside.fr/_next/static/chunks/webpack-d48ff1ec19ca11e4.js
IP
35.189.241.124:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://mail-orang2004.hubside.fr/
Certificate
IssuerLet's Encrypt
Subjecthubside.fr
Fingerprint5A:19:4E:AD:2C:56:C3:A7:03:28:02:CD:C2:7A:BC:77:9C:D0:37:9B
ValiditySat, 16 Mar 2024 18:50:27 GMT - Fri, 14 Jun 2024 18:50:26 GMT

File type
JavaScript source, ASCII text, with very long lines (6367), with no line terminators
Size
6.2 kB (6186 bytes)
Hash
c31c44fd883bc4591699f55f948a3238
0d43ab4524cc04515963f9a2ec9248a9ded66a79
753fbc4aa4f23681b88bd98cb7492875771bd0fa46c1698f19bdc63671f74810

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Orange

HTTP Headers

GET /_next/static/chunks/webpack-d48ff1ec19ca11e4.js HTTP/1.1
Host: mail-orang2004.hubside.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail-orang2004.hubside.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:11:05 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Mon, 18 Mar 2024 09:04:38 GMT
etag: W/"182a-18e50ce4070"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML