Report - mail4senderit.com/api/tracking/click?email=joel.giovannini@slurpmail.net&campaign=16107&followUp=16107_ZZ4Z-8bU7q&tag=0914&event=4Xn8VstNCg&sid=8983

Report Overview

Submitted URL
mail4senderit.com/api/tracking/click?email=joel.giovannini@slurpmail.net&campaign=16107&followUp=16107_ZZ4Z-8bU7q&tag=0914&event=4Xn8VstNCg&sid=8983
IP
3.143.47.169
ASN
#16509 AMAZON-02
Submitted
2022-09-14 14:57:55
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
mail4itnews.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.1 kB	2.1 MB	3.23.206.136
polyfill.io	102644	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	643 B	151.101.129.26
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	46 kB	34.120.237.76
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.240.140.78
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	29 kB	104.17.25.14
use.typekit.net	494	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	921 B	30 kB	23.36.76.186
mail4senderit.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.5 kB	3.143.47.169
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.36.77.32
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	865 B	143.204.42.156
p.typekit.net	620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	1.1 kB	23.36.76.186
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	30 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-14	medium	mail4itnews.com/16107_jLFI1gAtSb	Phishing
2022-09-14	medium	mail4itnews.com/16107_jLFI1gAtSb/	Phishing
2022-09-14	medium	mail4itnews.com/lib/uri/uri.js	Phishing
2022-09-14	medium	mail4itnews.com/lpScripts/assetsBehavior.js?v=1	Phishing
2022-09-14	medium	mail4itnews.com/lib/uri/uri.js	Phishing
2022-09-14	medium	mail4itnews.com/lpScripts/assetsBehavior.js?v=1	Phishing
2022-09-14	medium	mail4itnews.com/16107_jLFI1gAtSb//Solve-The-Six-Biggest-Data-Storage-Challenges-Ebook.pdf	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files detected

URL
mail4itnews.com/16107_jLFI1gAtSb//Solve-The-Six-Biggest-Data-Storage-Challenges-Ebook.pdf
IP
3.23.206.136
ASN
#16509 AMAZON-02

File type
PDF document, version 1.7, 0 pages\012- data
Size
1.3 MB (1274376 bytes)
Hash
2150a5ff9cd734ce49897e66005aaac4
680083db756f5357f31d0e9cde46c51c34392222
799c56071de3c87dd106eaf05111c570912c621f7bb72993ea595fabf69e4808

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (7)

	URL	Size	First Seen	Last Seen
	pdf.js/build/pdf.js	322 kB	2023-03-07	2023-04-05
Pretty URL pdf.js/build/pdf.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2023-04-05 02:12:01 Times Seen1311 Hash 42ee10ee09176e186c5846bab608c4a8 03d49a21c62fc1e134d08cd62593dac460e9981b 7049dcd5d0dc1e88a111356c01ccf1098990dbece884a0d8f3b5f3cafd9f0e81 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-20 00:23:40 Times Seen138396 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7	72 B	2023-03-07	2024-04-16
Pretty URL polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7 IP 151.101.129.26 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:35 Last Seen2024-04-16 19:18:03 Times Seen289 Hash 7bf5fb2fd30cea050be6a48b90343984 e3d8fc7eec3e4338218b844d40a1ae86cc8581c6 aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11 Loading...

	mail4itnews.com/16107_jLFI1gAtSb/	1.7 kB	2023-03-07	2023-03-07
Pretty URL mail4itnews.com/16107_jLFI1gAtSb/ IP 3.23.206.136 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:21 Last Seen2023-03-07 16:28:10 Times Seen1 Hash 262239ebc29589eaf436e217177a2d2a 33e8ba34d642f8be232f4a45902cf9d47e4c6e5d 92e84f5df18e7d318bb118384fabe36d9c5f56539b89495ad9e4e76b5038e197 Loading...

	mail4itnews.com/16107_jLFI1gAtSb/	658 B	2023-03-07	2023-03-25
Pretty URL mail4itnews.com/16107_jLFI1gAtSb/ IP 3.23.206.136 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:42 Last Seen2023-03-25 23:43:01 Times Seen2 Hash 3a8c452c123b3c477948ad7f788550cf a97946a1481f3318e70b8d3c00c5b8cd7344a4f6 e16454612331d32d98399e7bcd1c52f9814edd1a821e7f34772f42415aedf903 Loading...

	mail4itnews.com/16107_jLFI1gAtSb/	317 B	2023-03-07	2023-03-07
Pretty URL mail4itnews.com/16107_jLFI1gAtSb/ IP 3.23.206.136 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:25:21 Last Seen2023-03-07 16:25:21 Times Seen1 Hash 06ec4c2d7481c4730214a679eafa0079 49bbb0a1db120ddd99813ddd1df1cb0ffed24bcf 641ef9f4117bb0cab97b7285b19b72584f4c6b1b2e91b45e151803672a6e8f0a Loading...

	pdf.js/web/viewer.js	374 kB	2023-03-07	2023-04-05
Pretty URL pdf.js/web/viewer.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2023-04-05 02:12:01 Times Seen1357 Hash 7f28003dcd68438eee3f0fb20757243c 7f119fdc77292f13ea6d6a72d0e16373e1d7bb23 f9a11592ab64edfa8c23f7f97c7ab331c689185292fdb490d039b89c70fb01b0 Loading...

HTTP Transactions (54)

URL IP Response Size

mail4senderit.com/api/tracking/click?email=joel.giovannini@slurpmail.net&campaign=16107&followUp=16107_ZZ4Z-8bU7q&tag=0914&event=4Xn8VstNCg&sid=8983

3.143.47.169

302 Found

360 B

URL HTTP/1.1
mail4senderit.com/api/tracking/click?email=joel.giovannini@slurpmail.net&campaign=16107&followUp=16107_ZZ4Z-8bU7q&tag=0914&event=4Xn8VstNCg&sid=8983
IP
3.143.47.169:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
360 B (360 bytes)
Hash
ac07a398a938366de5b78de26badb194
85dc696b4bcab7d83c916569dc2c21f746968395
92bd8ebd6d5c68f9c27caa5e9b0ec2e844916b6e8e1c5b1890b9048406c617c2

HTTP Headers

GET /api/tracking/click?email=joel.giovannini@slurpmail.net&campaign=16107&followUp=16107_ZZ4Z-8bU7q&tag=0914&event=4Xn8VstNCg&sid=8983 HTTP/1.1
Host: mail4senderit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 14 Sep 2022 14:57:44 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 360
Connection: keep-alive
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
Location: https://mail4senderit.com/api/tracking/click?email=joel.giovannini@slurpmail.net&campaign=16107&followUp=16107_ZZ4Z-8bU7q&tag=0914&event=4Xn8VstNCg&sid=8983

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14462
Expires: Wed, 14 Sep 2022 18:58:46 GMT
Date: Wed, 14 Sep 2022 14:57:44 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 14:09:33 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _HOf03OkGFVaT73BElP3CrB6s6BEx_ea6LVcNQwW45qFlg_xk4Kl-g==
Age: 2891

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3rOPcCf0oARhqyxg3Il2Td_7spCOdJEJmNJ_06lwBOzPKRYDupWY9A==
age: 37349
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 14:57:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 14 Sep 2022 14:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 14:07:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: piDG_IS54lGbdu0sjnorfQJd_KKriKK1IKfhALODBoyb-tBJdARjUQ==
Age: 3262

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3b342492941d531b8dd75ecd8cd2b8ea
ed718b43a12e377e39d04255d9106f8db2ac74e2
4043f445c9c50005e8891b3dbbf316380d2c019f3fd774ef5df98e5e91a4eed6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 14 Sep 2022 14:57:44 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wCxoos76MHyWjQLbQJnz3Epu9d2P-omMLH_o5BhacGi5nJchogRlLA==

mail4senderit.com/api/tracking/click?email=joel.giovannini@slurpmail.net&campaign=16107&followUp=16107_ZZ4Z-8bU7q&tag=0914&event=4Xn8VstNCg&sid=8983

18.216.45.34

302 Found

124 B

URL HTTP/2
mail4senderit.com/api/tracking/click?email=joel.giovannini@slurpmail.net&campaign=16107&followUp=16107_ZZ4Z-8bU7q&tag=0914&event=4Xn8VstNCg&sid=8983
IP
18.216.45.34:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with no line terminators
Size
124 B (124 bytes)
Hash
9333e460de155f4f0c78b759067984e8
3cd455bdd91de3f7a0fbb03c464fa6ce129edef4
f469019b3f54111f38c6eaf95573ed822e12b7da5a8f5a36f8459cb3eba9b08c

HTTP Headers

GET /api/tracking/click?email=joel.giovannini@slurpmail.net&campaign=16107&followUp=16107_ZZ4Z-8bU7q&tag=0914&event=4Xn8VstNCg&sid=8983 HTTP/1.1
Host: mail4senderit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Wed, 14 Sep 2022 14:57:44 GMT
content-type: text/html; charset=utf-8
content-length: 124
location: https://mail4itnews.com/16107_jLFI1gAtSb
server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
x-ratelimit-limit: 100000
x-ratelimit-remaining: 95875
x-ratelimit-reset: 1663169775
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
vary: Accept
via: 1.1 mail4techsectoromega.com (Apache/2.4.48)
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3ac56507d17ffff5e8b486406985d68
17d26336cd8ea65af3f23db166945f1b3fbbfbab
e7e321340eed681c1269f715b0214e1511d5762fffbe930e7c157b800afa9a39

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1680
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 14:57:44 GMT
Last-Modified: Wed, 14 Sep 2022 14:29:44 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bad73fa643a2f36c591aac0b758ef4df
8d786d8f41091e13a586281bf3708fcca3ada9ca
1c516af70427c7ea3c6baea104396daf02e2e557ac1680c9cdce350a84dee4b3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C516AF70427C7EA3C6BAEA104396DAF02E2E557AC1680C9CDCE350A84DEE4B3"
Last-Modified: Mon, 12 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 14 Sep 2022 20:57:45 GMT
Date: Wed, 14 Sep 2022 14:57:45 GMT
Connection: keep-alive

push.services.mozilla.com/

44.240.140.78

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.240.140.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q8j2h/YwA+8V7PVDfzkidA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: a64wT1ilP/Ei9UOFEuVyy3anCjE=

mail4itnews.com/16107_jLFI1gAtSb

3.23.206.136

301 Moved Permanently

199 B

URL HTTP/1.1
mail4itnews.com/16107_jLFI1gAtSb
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
199 B (199 bytes)
Hash
13f87ec868fc46abfec988a85274f80b
2c7a007049d20b48db894e7e438fe74fcf7e6a3d
293cdf191ddf5367699f59b1a3da2e3814f9d8f9e9b49fd978c0c09ee41161b1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /16107_jLFI1gAtSb HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Sep 2022 14:57:45 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Content-Length: 199
Content-Security-Policy: default-src 'none'
Location: /16107_jLFI1gAtSb/
Vary: Accept-Encoding
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

mail4itnews.com/16107_jLFI1gAtSb/

3.23.206.136

200 OK

3.7 kB

URL HTTP/1.1
mail4itnews.com/16107_jLFI1gAtSb/
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1119)
Size
3.7 kB (3656 bytes)
Hash
c8985bf060956d4f7de61bc7565a5595
91f598bc5e7aec091637e9999dbcbb446d4bee5a
e373e0737bc88e94fa338c29f2bcc1cf74ce8b688e6ac20236595add0e18b551

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /16107_jLFI1gAtSb/ HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 14:57:45 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 14 Sep 2022 13:51:11 GMT
ETag: W/"2cb7-1833c44977d"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked

cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

104.17.25.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
28 kB (27958 bytes)
Hash
4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Sep 2022 14:57:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8611169
expires: Mon, 04 Sep 2023 14:57:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npZwF8txb8570l5DZ3fBKX02KxZoEySSomPG22nYw98KrcUczeXfSrNShTksk0wcvEhANA%2BMWY7vpN01LNyXBS0YjmBC8Mtoac%2Bf%2FFYNmADcx9EtNesR5icuaJS7kUtAomWQTmLn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74a9fa1369001c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7

151.101.129.26

200 OK

74 B

URL HTTP/2
polyfill.io/v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7
IP
151.101.129.26:0
ASN
#54113 FASTLY

File type
ASCII text
Size
74 B (74 bytes)
Hash
bdb6d8e9b581dfbdb87566776ede0cbd
d18cdeacd5c146b34919955e97e51b7db50d0d9b
fe35c33df2fa5edeac1dbbe512a6e92c5b1e7fb5c204df818e23ea07b5121add

HTTP Headers

GET /v3/polyfill.min.js?version=3.52.1&features=URL%2CURLSearchParams%2Ces5%2Ces6%2Ces7 HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mail4itnews.com
Connection: keep-alive
Referer: https://mail4itnews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=utf-8
last-modified: Wed, 07 Sep 2022 11:53:11 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/96.0.0
date: Wed, 14 Sep 2022 14:57:45 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: User-Agent, Accept-Encoding
server-timing: cache-bma1626, PASS, fastly;desc="Edge time";dur=18
content-length: 74
X-Firefox-Spdy: h2

mail4itnews.com/16107_jLFI1gAtSb/css/contents.css

3.23.206.136

200 OK

1.2 kB

URL HTTP/1.1
mail4itnews.com/16107_jLFI1gAtSb/css/contents.css
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
1.2 kB (1220 bytes)
Hash
c891c12c2f6a743438425e08234fb859
66971c151a9d18bd60b5b50c99fe865a1263c752
3502f880214cb01a755cbc4eb60c064164caf9c0ea205f7a2523a5fce7c11242

HTTP Headers

GET /16107_jLFI1gAtSb/css/contents.css HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 14:57:45 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 14 Sep 2022 13:51:11 GMT
ETag: W/"b46-1833c44967d"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked

mail4itnews.com/lib/uri/uri.js

3.23.206.136

404 Not Found

575 B

URL HTTP/1.1
mail4itnews.com/lib/uri/uri.js
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
575 B (575 bytes)
Hash
2baaf477a30d55dab715e0e82f6489c8
b78361eddf55124d6f9ba6e4fdb8a5be74865473
29ea92e3b0248aa2db4d95acd351f2553703b11cf76f91d4339d7c8088659ce4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/uri/uri.js HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 14 Sep 2022 14:57:45 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Aug 2020 08:49:55 GMT
ETag: W/"422-1743442507b"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked

mail4itnews.com/16107_jLFI1gAtSb/css/fontsImport.css

3.23.206.136

200 OK

7.6 kB

URL HTTP/1.1
mail4itnews.com/16107_jLFI1gAtSb/css/fontsImport.css
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (508)
Size
7.6 kB (7556 bytes)
Hash
8a60a81fc037d4c74f5511073faf76d4
34211876f0fb650a14ea4b128d1903bcf9a0255c
4b8f6b678f0d68c81f05e864627e7ea467465249b8940dd9fecd99a7a407bc9c

HTTP Headers

GET /16107_jLFI1gAtSb/css/fontsImport.css HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 14:57:45 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 14 Sep 2022 13:51:11 GMT
ETag: W/"180c4-1833c4496c1"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

mail4itnews.com/16107_jLFI1gAtSb/css/formBuilder.css

3.23.206.136

200 OK

1.5 kB

URL HTTP/1.1
mail4itnews.com/16107_jLFI1gAtSb/css/formBuilder.css
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
1.5 kB (1502 bytes)
Hash
13425f42ae738b3c2d7e422baaf328a7
e1d51a8371eb69f2e69f0ea4d2a427d91143269e
be29cc4092413b134548a1b0148a1aee22a7718eb6dd1fb59f3bce5910ac80bb

HTTP Headers

GET /16107_jLFI1gAtSb/css/formBuilder.css HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 14:57:45 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 14 Sep 2022 13:51:11 GMT
ETag: W/"1451-1833c449681"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

mail4itnews.com/16107_jLFI1gAtSb/css/styles.css

3.23.206.136

200 OK

644 B

URL HTTP/1.1
mail4itnews.com/16107_jLFI1gAtSb/css/styles.css
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (2158)
Size
644 B (644 bytes)
Hash
2d23d083bf6617cd7c67da10bd9c7d03
ed16cc65fbdf1f85205c97e5c57cdac43adcbf81
d92bbb19f44f0c2082b2d3f784f5d65df6161a4c90d4ea7a13f18264aa1f6079

HTTP Headers

GET /16107_jLFI1gAtSb/css/styles.css HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 14:57:45 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 14 Sep 2022 13:51:11 GMT
ETag: W/"86f-1833c44967d"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

mail4itnews.com/16107_jLFI1gAtSb/css/rja6brx.css

3.23.206.136

200 OK

6.6 kB

URL HTTP/1.1
mail4itnews.com/16107_jLFI1gAtSb/css/rja6brx.css
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (1044)
Size
6.6 kB (6593 bytes)
Hash
baa572920ce82079383fb91845308894
13477f5a417190c974b8b0976fc072e2a8b6361c
b842263e7a2d7f13120ea2644732d9c3709aaa2e8472b81b2eedc40b4f5ccf75

HTTP Headers

GET /16107_jLFI1gAtSb/css/rja6brx.css HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 14:57:45 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 14 Sep 2022 13:51:11 GMT
ETag: W/"1b731-1833c449631"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked

mail4itnews.com/16107_jLFI1gAtSb/css/rxt8cqj.css

3.23.206.136

200 OK

11 kB

URL HTTP/1.1
mail4itnews.com/16107_jLFI1gAtSb/css/rxt8cqj.css
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (1757)
Size
11 kB (10895 bytes)
Hash
59c83aca4a7bec40a8fbb9a1c39a2923
b09c6a6d5a714d45fea26dea245a17812d4d656a
c3eeb563096123b4ce12b19c802b24411721befc270ae9d3b4a396054b971f0f

HTTP Headers

GET /16107_jLFI1gAtSb/css/rxt8cqj.css HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 14:57:45 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 14 Sep 2022 13:51:11 GMT
ETag: W/"3125b-1833c449675"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 14:57:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 14:57:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 14:57:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 14:57:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mail4itnews.com/16107_jLFI1gAtSb/css/bootstrap.min.css

3.23.206.136

200 OK

24 kB

URL HTTP/1.1
mail4itnews.com/16107_jLFI1gAtSb/css/bootstrap.min.css
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65324)
Size
24 kB (23681 bytes)
Hash
e30e7f2f66ec6493f4c7003ae37958d2
e311d4454f9d8ee99df8edee362f609d03ae14e5
d000fa6b15f5fdd523a297067afc935b3f7c0ac69ba155c210c10540eb97da38

HTTP Headers

GET /16107_jLFI1gAtSb/css/bootstrap.min.css HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 14:57:45 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 14 Sep 2022 13:51:11 GMT
ETag: W/"26f1b-1833c449681"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 14:57:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mail4itnews.com/lpScripts/assetsBehavior.js?v=1

3.23.206.136

404 Not Found

575 B

URL HTTP/1.1
mail4itnews.com/lpScripts/assetsBehavior.js?v=1
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
575 B (575 bytes)
Hash
2baaf477a30d55dab715e0e82f6489c8
b78361eddf55124d6f9ba6e4fdb8a5be74865473
29ea92e3b0248aa2db4d95acd351f2553703b11cf76f91d4339d7c8088659ce4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lpScripts/assetsBehavior.js?v=1 HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 14 Sep 2022 14:57:45 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Aug 2020 08:49:55 GMT
ETag: W/"422-1743442507b"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked

p.typekit.net/p.css?s=1&k=rxt8cqj&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9679.9680.23474.23479.8610.8611.8612.8613.8614.8615.8616.8617.8618.8619.23466.23467.23468.23469.9785.9786.9787.9788.9789.9790.9791.9792.9793.9794.10879.10880.10881.10882.10883.10884.10885.10886.10887.10888.15586.15587.15528.15529.15530.17251.17252.17253.15779.15780.15781.15782.37490.37491.37494.37495.37496.37497.42300.42301.42302.42303.23103.23104.23105.23112.23129.23130.23131.23132.23133.23134.23135.23136.23137.23138.23139.23140.23141.23142.24537.24538.24539.24540.24541.24542.24543.24544.24545.24546.24547.24548.24549.24550.24551.24552.25163.26034.26052.26053.26054.26055.26056.26057.26058.26059.26060.26061.26062.26063.26064.26065.26067.26068.26069.28763.28764.28765.28766.28767.28768.28769.28770.28771.28772.28773.28774.28775.28776.28777.28778.28779.28780.28965.28966.28971.28977.28982.28986.28991.28992.28993.28967.28968.28972.28973.28974.28978.28979.28983.28987.28988.30190.30191.30194.30195.30196.30198.30199.30201.30203.30204.30205.30206.32874.32875.36595.36596.36597.36598.36599.36600.36601.36602.36603.36604.36605.36606.36607.36608.36609.36610.36617.36618.36623.36624.36633.36634.36639.36640.39200.39201.39202.39203.39295.39296.39297.39298.39299.39300.39301.39302.39303.39304.39305.39306.39307.39308.39309.39310.39347.39348.39349.39488.39489.39490.39491.39492.39493.39494.39495.39496.39497.39498.39499.39500.39501.39502.39503.42577.42578.42579.42580.42581.42582.42583.42584.42585.42586.42587.42588.42589.42590.42591.42592.43387.43388.43389.43390.43391.43392.43393.43394.45412.45413.45414.45415.45416.45417.45418.45419.45420.45421&a=6085546&app=typekit&e=css

23.36.76.186

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=rxt8cqj&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9679.9680.23474.23479.8610.8611.8612.8613.8614.8615.8616.8617.8618.8619.23466.23467.23468.23469.9785.9786.9787.9788.9789.9790.9791.9792.9793.9794.10879.10880.10881.10882.10883.10884.10885.10886.10887.10888.15586.15587.15528.15529.15530.17251.17252.17253.15779.15780.15781.15782.37490.37491.37494.37495.37496.37497.42300.42301.42302.42303.23103.23104.23105.23112.23129.23130.23131.23132.23133.23134.23135.23136.23137.23138.23139.23140.23141.23142.24537.24538.24539.24540.24541.24542.24543.24544.24545.24546.24547.24548.24549.24550.24551.24552.25163.26034.26052.26053.26054.26055.26056.26057.26058.26059.26060.26061.26062.26063.26064.26065.26067.26068.26069.28763.28764.28765.28766.28767.28768.28769.28770.28771.28772.28773.28774.28775.28776.28777.28778.28779.28780.28965.28966.28971.28977.28982.28986.28991.28992.28993.28967.28968.28972.28973.28974.28978.28979.28983.28987.28988.30190.30191.30194.30195.30196.30198.30199.30201.30203.30204.30205.30206.32874.32875.36595.36596.36597.36598.36599.36600.36601.36602.36603.36604.36605.36606.36607.36608.36609.36610.36617.36618.36623.36624.36633.36634.36639.36640.39200.39201.39202.39203.39295.39296.39297.39298.39299.39300.39301.39302.39303.39304.39305.39306.39307.39308.39309.39310.39347.39348.39349.39488.39489.39490.39491.39492.39493.39494.39495.39496.39497.39498.39499.39500.39501.39502.39503.42577.42578.42579.42580.42581.42582.42583.42584.42585.42586.42587.42588.42589.42590.42591.42592.43387.43388.43389.43390.43391.43392.43393.43394.45412.45413.45414.45415.45416.45417.45418.45419.45420.45421&a=6085546&app=typekit&e=css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=rxt8cqj&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9679.9680.23474.23479.8610.8611.8612.8613.8614.8615.8616.8617.8618.8619.23466.23467.23468.23469.9785.9786.9787.9788.9789.9790.9791.9792.9793.9794.10879.10880.10881.10882.10883.10884.10885.10886.10887.10888.15586.15587.15528.15529.15530.17251.17252.17253.15779.15780.15781.15782.37490.37491.37494.37495.37496.37497.42300.42301.42302.42303.23103.23104.23105.23112.23129.23130.23131.23132.23133.23134.23135.23136.23137.23138.23139.23140.23141.23142.24537.24538.24539.24540.24541.24542.24543.24544.24545.24546.24547.24548.24549.24550.24551.24552.25163.26034.26052.26053.26054.26055.26056.26057.26058.26059.26060.26061.26062.26063.26064.26065.26067.26068.26069.28763.28764.28765.28766.28767.28768.28769.28770.28771.28772.28773.28774.28775.28776.28777.28778.28779.28780.28965.28966.28971.28977.28982.28986.28991.28992.28993.28967.28968.28972.28973.28974.28978.28979.28983.28987.28988.30190.30191.30194.30195.30196.30198.30199.30201.30203.30204.30205.30206.32874.32875.36595.36596.36597.36598.36599.36600.36601.36602.36603.36604.36605.36606.36607.36608.36609.36610.36617.36618.36623.36624.36633.36634.36639.36640.39200.39201.39202.39203.39295.39296.39297.39298.39299.39300.39301.39302.39303.39304.39305.39306.39307.39308.39309.39310.39347.39348.39349.39488.39489.39490.39491.39492.39493.39494.39495.39496.39497.39498.39499.39500.39501.39502.39503.42577.42578.42579.42580.42581.42582.42583.42584.42585.42586.42587.42588.42589.42590.42591.42592.43387.43388.43389.43390.43391.43392.43393.43394.45412.45413.45414.45415.45416.45417.45418.45419.45420.45421&a=6085546&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Wed, 14 Sep 2022 14:57:45 GMT
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=rja6brx&ht=tk&f=2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.9940.9941.9942.9943.39000.39001.39002.39003.39004.39005.10879.10880.10881.10882.10883.10884.10885.10886.10887.10888.15586.15587.15357.15358.15359.15360.15361.15362.15363.15364.15779.15780.15781.15782.37490.37491.37494.37495.37496.37497.42300.42301.42302.42303.17398.17399.17400.17401.17402.17403.17404.17405.17406.17407.22616.22617.22618.22619.22620.23726.23740.23741.23742.23743.23744.23745.23746.23747.23748.23749.23750.23751.23752.24349.24350.24351.24352.24353.24354.24355.24356.43307.43308.43309.43310.43311.43312.43313.43314.28973.28974.28987.28988.32874.32875.37155.37156.37157.37158.37159.37160.37161.37162.37163.37164.37165.37166.39295.39296.39297.39298.39311.39312.39313.39314.39327.39328.39329.39332.39334.39335.39336.39337.39494.39495.39496.39498.39500.39501.39504.39505.39508.39509.48161.48162.48163.48164.48165.48166.48167.48168.48169.48170.48171.48172.48173.48174.48175.48176&a=50266507&app=typekit&e=css

23.36.76.186

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=rja6brx&ht=tk&f=2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.9940.9941.9942.9943.39000.39001.39002.39003.39004.39005.10879.10880.10881.10882.10883.10884.10885.10886.10887.10888.15586.15587.15357.15358.15359.15360.15361.15362.15363.15364.15779.15780.15781.15782.37490.37491.37494.37495.37496.37497.42300.42301.42302.42303.17398.17399.17400.17401.17402.17403.17404.17405.17406.17407.22616.22617.22618.22619.22620.23726.23740.23741.23742.23743.23744.23745.23746.23747.23748.23749.23750.23751.23752.24349.24350.24351.24352.24353.24354.24355.24356.43307.43308.43309.43310.43311.43312.43313.43314.28973.28974.28987.28988.32874.32875.37155.37156.37157.37158.37159.37160.37161.37162.37163.37164.37165.37166.39295.39296.39297.39298.39311.39312.39313.39314.39327.39328.39329.39332.39334.39335.39336.39337.39494.39495.39496.39498.39500.39501.39504.39505.39508.39509.48161.48162.48163.48164.48165.48166.48167.48168.48169.48170.48171.48172.48173.48174.48175.48176&a=50266507&app=typekit&e=css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=rja6brx&ht=tk&f=2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.9940.9941.9942.9943.39000.39001.39002.39003.39004.39005.10879.10880.10881.10882.10883.10884.10885.10886.10887.10888.15586.15587.15357.15358.15359.15360.15361.15362.15363.15364.15779.15780.15781.15782.37490.37491.37494.37495.37496.37497.42300.42301.42302.42303.17398.17399.17400.17401.17402.17403.17404.17405.17406.17407.22616.22617.22618.22619.22620.23726.23740.23741.23742.23743.23744.23745.23746.23747.23748.23749.23750.23751.23752.24349.24350.24351.24352.24353.24354.24355.24356.43307.43308.43309.43310.43311.43312.43313.43314.28973.28974.28987.28988.32874.32875.37155.37156.37157.37158.37159.37160.37161.37162.37163.37164.37165.37166.39295.39296.39297.39298.39311.39312.39313.39314.39327.39328.39329.39332.39334.39335.39336.39337.39494.39495.39496.39498.39500.39501.39504.39505.39508.39509.48161.48162.48163.48164.48165.48166.48167.48168.48169.48170.48171.48172.48173.48174.48175.48176&a=50266507&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Wed, 14 Sep 2022 14:57:45 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 14:57:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

use.typekit.net/mgr2odi.css

23.36.76.186

200 OK

4.1 kB

URL HTTP/2
use.typekit.net/mgr2odi.css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (520)
Size
4.1 kB (4083 bytes)
Hash
609b64c6359e37c88bbd245ba638b89f
dd850df3bcab5430f55c233b626cd8f446de3ba2
bfee3862850ad498e1f660bd51f135340cd36894b836ea0e4ae04dbdb9abc72b

HTTP Headers

GET /mgr2odi.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 4083
date: Wed, 14 Sep 2022 14:57:46 GMT
X-Firefox-Spdy: h2

p.typekit.net/p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css

23.36.76.186

200 OK

5 B

URL HTTP/2
p.typekit.net/p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
5 B (5 bytes)
Hash
83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

HTTP Headers

GET /p.css?s=1&k=mgr2odi&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137.143.144.147.148.156.157.161.162.2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.9938.9939.39002.39004.12046.12047.12048.12049.12050.12051.12053.12054.12055.12056.17398.17399.17400.17401.22618.22619.14032.14033.14034.14035.26425.26426.35617.35620.26435.35615.26438.26439.35630.35633.26448.35628.26893.26894.26897.26898.26909.26910.26913.26914.29382.29383&a=14392602&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Wed, 14 Sep 2022 14:57:46 GMT
X-Firefox-Spdy: h2

mail4itnews.com/16107_jLFI1gAtSb/images/logo-black.png

3.23.206.136

200 OK

30 kB

URL HTTP/1.1
mail4itnews.com/16107_jLFI1gAtSb/images/logo-black.png
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1170 x 338, 8-bit/color RGBA, non-interlaced\012- data
Size
30 kB (29724 bytes)
Hash
22b659320e692bb55ab6401f4f14e205
4b704956e12b56df9fd7f7d6f824f77926322451
523d1836663568e5baf317ea24f6f89eca241e386f283b41b62b84314a9aac9f

HTTP Headers

GET /16107_jLFI1gAtSb/images/logo-black.png HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 14:57:46 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 14 Sep 2022 13:51:11 GMT
ETag: W/"741c-1833c449679"
Content-Type: image/png
Content-Length: 29724
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

mail4itnews.com/lib/uri/uri.js

3.23.206.136

404 Not Found

575 B

URL HTTP/1.1
mail4itnews.com/lib/uri/uri.js
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
575 B (575 bytes)
Hash
2baaf477a30d55dab715e0e82f6489c8
b78361eddf55124d6f9ba6e4fdb8a5be74865473
29ea92e3b0248aa2db4d95acd351f2553703b11cf76f91d4339d7c8088659ce4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lib/uri/uri.js HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 14 Sep 2022 14:57:46 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Aug 2020 08:49:55 GMT
ETag: W/"422-1743442507b"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked

use.typekit.net/af/2807c7/00000000000000007735bb48/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3

23.36.76.186

200 OK

25 kB

URL HTTP/2
use.typekit.net/af/2807c7/00000000000000007735bb48/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP
23.36.76.186:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), CFF, length 24820, version 1.0\012- data
Size
25 kB (24820 bytes)
Hash
a681b489cdf7d02864e8af38aca53ca6
1ef3fa8e27d346ac880f3bb44928a35ef8d09ffc
e9c868845bfe5b3bf488c1c436477de885248c4634cc36d08d11240fc9653290

HTTP Headers

GET /af/2807c7/00000000000000007735bb48/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail4itnews.com
Connection: keep-alive
Referer: https://mail4itnews.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24820
etag: "345c80c63820ac9235d1faecff05a70c32942437"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 14 Sep 2022 14:57:46 GMT
X-Firefox-Spdy: h2

mail4itnews.com/lpScripts/assetsBehavior.js?v=1

3.23.206.136

404 Not Found

575 B

URL HTTP/1.1
mail4itnews.com/lpScripts/assetsBehavior.js?v=1
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
575 B (575 bytes)
Hash
2baaf477a30d55dab715e0e82f6489c8
b78361eddf55124d6f9ba6e4fdb8a5be74865473
29ea92e3b0248aa2db4d95acd351f2553703b11cf76f91d4339d7c8088659ce4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lpScripts/assetsBehavior.js?v=1 HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 14 Sep 2022 14:57:46 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Aug 2020 08:49:55 GMT
ETag: W/"422-1743442507b"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked

fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.10

200 OK

1.5 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.5 kB (1502 bytes)
Hash
1e28721864f77d8811810fef3c749df9
b2b3e329df61721e43335488ead60926309a33e3
a94746f9c017021e5e17922d524aca4237f0e5de5451c8d5cdb048fe840a2f04

HTTP Headers

GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 14:57:45 GMT
date: Wed, 14 Sep 2022 14:57:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Muli

142.250.74.10

200 OK

903 B

URL HTTP/2
fonts.googleapis.com/css?family=Muli
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
903 B (903 bytes)
Hash
f16197589f2094f98d6688c33b7ebe00
4ec1d09a6bd4a3d02183b547647560437dfb6238
c189ba3af3cbc80224bcd723f8914e49df538c13ca03c3d492ac0b14778f0418

HTTP Headers

GET /css?family=Muli HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 14:57:45 GMT
date: Wed, 14 Sep 2022 14:57:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16346
Expires: Wed, 14 Sep 2022 19:30:12 GMT
Date: Wed, 14 Sep 2022 14:57:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10366 bytes)
Hash
8c1314c7778ea0d32e8c69dae0c38b6d
c4772b9b182f9f905fead84f3761fe296073ca65
5fc8dc23f9b4d150b834aa69b358edd9f9f5f449607df07d579df66098d8aac6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10366
x-amzn-requestid: e4d41ba8-41c5-4350-bacb-850136434eaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEw28GD7IAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63182e92-4098031d1475d45f4899654b;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 05:39:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BcQa5iNJlJ_rm50BT4O-rIEayxXyD0Jb5dUq_sUccIWfv12HfBec0g==
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:22:39 GMT
age: 59707
etag: "c4772b9b182f9f905fead84f3761fe296073ca65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

142.250.74.10

200 OK

15 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
15 kB (15014 bytes)
Hash
56e1da35b5ff615cb3b4c8cbd2e46e18
f39ea2dca36df30d46282803c9987c9af0c7a651
3a08a0f79c8fc2df66e24bf5424e9c3adeb67fd5a52a26727751b7b7c1b4e21a

HTTP Headers

GET /css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 14:57:45 GMT
date: Wed, 14 Sep 2022 14:57:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5988 bytes)
Hash
f5befd5bb8e6d5dad2465be69d5a33e4
e5b46c3ca439a09950290cada1af5e27cede10f2
4dc0a3373fb4c1830c4e2420dddbcbe8dceecf10e969cbe8d02368e41207832c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5988
x-amzn-requestid: a0d81c7a-14e3-443d-8fb7-19241f06d3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yaux0H77IAMF2_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f80b-0fe6fbbe75e891b925f88dc2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3PbHWkNMa0XkuY_FcTO22i9YwMdqlJPCho7FlBwdbuUnbWrOv0w5Hg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:59:03 GMT
age: 61123
etag: "e5b46c3ca439a09950290cada1af5e27cede10f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15547 bytes)
Hash
56811a1a20a467464e1f3da171ef8b14
366b2090d409d694b72b4b4131df46dd65d69c5a
4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CWzE6n2U7hSFcSIHX5z76DPIid9pvbOqM6ikOlegBxzbuRThMeLKZA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:46:14 GMT
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
content-type: image/jpeg
age: 61892
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10138 bytes)
Hash
0789404fdbe3613d465d8fa89a63d7b8
0617d2e513097ca415a1d07cd39b1cb64d832ecf
80e55e383f354113c3694bbcc00fd1c544a97079bd3c462f1b90e952c0634bac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10138
x-amzn-requestid: bdf798d9-6729-4363-a900-f32c4041d0c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsGZ-oAMFQ1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-7b146c0620a83d5c00446f87;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM9K72ukk0cuyR1ZcV5xWXnEd8U9OgeQi7bkCe0Pzn3BfdLMvSdSXg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 03:09:32 GMT
age: 42494
etag: "0617d2e513097ca415a1d07cd39b1cb64d832ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

142.250.74.10

200 OK

6.6 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
6.6 kB (6642 bytes)
Hash
3a63eb661737e47ac3e4fc29745d5907
7738165501365fba245e5440e0b2bb38104c5824
7324f4917a69b58e7df7e1c465844920463dc3040f2cbf78434070cff7f10412

HTTP Headers

GET /css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 14:57:45 GMT
date: Wed, 14 Sep 2022 14:57:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mail4itnews.com/favicon.ico

3.23.206.136

404 Not Found

575 B

URL HTTP/1.1
mail4itnews.com/favicon.ico
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
575 B (575 bytes)
Hash
2baaf477a30d55dab715e0e82f6489c8
b78361eddf55124d6f9ba6e4fdb8a5be74865473
29ea92e3b0248aa2db4d95acd351f2553703b11cf76f91d4339d7c8088659ce4

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 14 Sep 2022 14:57:46 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Aug 2020 08:49:55 GMT
ETag: W/"422-1743442507b"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked

mail4itnews.com/16107_jLFI1gAtSb/images/From-DaaS-to-Cloud-Desktops-Brian-Madden-Looks-at-What-s-Changed_background.jpg

3.23.206.136

200 OK

740 kB

URL HTTP/1.1
mail4itnews.com/16107_jLFI1gAtSb/images/From-DaaS-to-Cloud-Desktops-Brian-Madden-Looks-at-What-s-Changed_background.jpg
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13, description=Silver gray background, orientation=upper-left, xresolution=194, yresolution=202, resolutionunit=2, software=Adobe Photoshop CS4 Macintosh, datetime=2012:01:26 12:48:01], baseline, precision 8, 1999x1293, components 3\012- data
Size
740 kB (740179 bytes)
Hash
cb98263d1a15770b77f3fea07fdf1d65
9e048b9b45e1f49062d7fb3adef83f181cd570cf
808bd0e52ace8ebacc0cd537badfb7789db7182a562330e0fa2bef60491c2ee2

HTTP Headers

GET /16107_jLFI1gAtSb/images/From-DaaS-to-Cloud-Desktops-Brian-Madden-Looks-at-What-s-Changed_background.jpg HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 14:57:46 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 14 Sep 2022 13:51:11 GMT
ETag: W/"b4b53-1833c44960d"
Content-Type: image/jpeg
Content-Length: 740179
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

mail4itnews.com/16107_jLFI1gAtSb//Solve-The-Six-Biggest-Data-Storage-Challenges-Ebook.pdf

3.23.206.136

200 OK

1.3 MB

URL HTTP/1.1
mail4itnews.com/16107_jLFI1gAtSb//Solve-The-Six-Biggest-Data-Storage-Challenges-Ebook.pdf
IP
3.23.206.136:0
ASN
#16509 AMAZON-02

File type
PDF document, version 1.7, 0 pages\012- data
Size
1.3 MB (1274376 bytes)
Hash
2150a5ff9cd734ce49897e66005aaac4
680083db756f5357f31d0e9cde46c51c34392222
799c56071de3c87dd106eaf05111c570912c621f7bb72993ea595fabf69e4808

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /16107_jLFI1gAtSb//Solve-The-Six-Biggest-Data-Storage-Challenges-Ebook.pdf HTTP/1.1
Host: mail4itnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/16107_jLFI1gAtSb/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 14:57:49 GMT
Server: Apache/2.4.48 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-DNS-Prefetch-Control: off
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 14 Sep 2022 13:51:11 GMT
ETag: W/"137208-1833c449771"
Content-Type: application/pdf
Content-Length: 1274376
Via: 1.1 mail4itnews.com (Apache/2.4.48)
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive

fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 14:57:45 GMT
date: Wed, 14 Sep 2022 14:57:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 14:57:45 GMT
date: Wed, 14 Sep 2022 14:57:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Source+Sans+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 14:57:45 GMT
date: Wed, 14 Sep 2022 14:57:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail4itnews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 14:57:45 GMT
date: Wed, 14 Sep 2022 14:57:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML