Report - lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home

Report Overview

Submitted URL
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home
IP
63.250.43.1
ASN
#22612 NAMECHEAP-NET
Submitted
2022-10-27 02:48:21
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Apple

Detections

urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.5 kB	565 kB	63.250.43.1
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.200.107.47
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	95 kB	216.58.207.195
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	472 B	746 B	142.250.74.10
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.4 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	172.64.155.188
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	43 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home	Credit Agricole S.A.
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home	Credit Agricole S.A.
2022-10-26	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/	Credit Agricole S.A.

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-27	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home	Phishing
2022-10-27	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home	Phishing
2022-10-27	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/	Phishing
2022-10-27	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/angular.min.js	Phishing
2022-10-27	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.min.js	Phishing
2022-10-27	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.CardValidator.js	Phishing
2022-10-27	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.validate.min.js	Phishing
2022-10-27	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.mask.js	Phishing
2022-10-27	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/style.js	Phishing
2022-10-27	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/popper.min.js	Phishing
2022-10-27	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/main.js	Phishing
2022-10-27	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/bootstrap.min.js	Phishing
2022-10-27	medium	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/fontawesome.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/angular.min.js	167 kB	2023-03-07	2024-05-10
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/angular.min.js IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:29 Last Seen2024-05-10 10:22:06 Times Seen3489 Hash be6af23e2a716c006da75d0291784254 9c923313eabc56d715a7c07bf855feb26a72f671 8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9 Loading...

	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.min.js	88 kB	2023-03-07	2024-05-10
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.min.js IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2024-05-10 21:15:05 Times Seen8578 Hash 2f772fed444d5489079f275bd01e26cc a8927ac2830b2fdd4a729eb0eb7f80923539ceb9 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a Loading...

	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.CardValidator.js	6.6 kB	2023-03-07	2024-05-08
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.CardValidator.js IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:35 Last Seen2024-05-08 18:16:59 Times Seen729 Hash abb9a501a5640cf0f8563ea64120248a 11848f5498d35bb4d746f64d537d85de0d4a4876 bfa489820b4cff47140a8f1741f50f8bf752df013ac13388357ccef04600c8ab Loading...

	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.validate.min.js	23 kB	2023-03-07	2024-05-03
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.validate.min.js IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:35 Last Seen2024-05-03 06:34:50 Times Seen580 Hash 1e1c2204ab5160549d843ea9c1180d8f be45d449d7431890f5666baf4fc159e6e8c8bbaa 0279b4163ca0d6df05c1f50b63f192da41f82a0c48b6872e8671dec485df6dd7 Loading...

	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.mask.js	18 kB	2023-03-07	2024-05-10
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.mask.js IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:19 Last Seen2024-05-10 21:16:19 Times Seen3656 Hash 219d169a80568884a3d6baab3e5e7def 61d00104de8c972c820cd9b527d8e2edb30e5c4a cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a Loading...

	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/style.js	2.2 kB	2023-03-07	2024-05-10
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/style.js IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:19 Last Seen2024-05-10 09:47:22 Times Seen945 Hash 898f19a99389c21b45afaa5cbc50ebbe 6dd2957947201f36f3a50cad3bda18874d2508d7 f050012b033cb391112b37757113c73ff09884815ff73ce45592ee309ce87b3f Loading...

	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/bootstrap.min.js	59 kB	2023-03-07	2024-05-10
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/bootstrap.min.js IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:40 Last Seen2024-05-10 10:22:06 Times Seen1861 Hash 0f9ea8d6bb66dbed6e0966f9da35b7fd 8095a33f75ca53aa5409b8bf00ea30372755092d 306ab8dd287ef041231a510b7e4c027a11e28b20c3408a9185d895c091dc72a4 Loading...

	lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/main.js	4.4 kB	2023-03-07	2024-05-03
Pretty URL lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/main.js IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:40 Last Seen2024-05-03 06:34:50 Times Seen1030 Hash def4a999cf8f389438ebe315c275cb73 90b28790feddac38637591835420fe87a6071ce8 3fbc9360e36438e4cdcda3f25cb6dad97b6fe96cbba9455ad4bb75183e5fc2dc Loading...

HTTP Transactions (46)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9774
Expires: Thu, 27 Oct 2022 05:31:04 GMT
Date: Thu, 27 Oct 2022 02:48:10 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5769
Cache-Control: max-age=116341
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:48:10 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:07:11 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5769
Cache-Control: max-age=116341
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:48:10 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:07:11 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home

63.250.43.1

301 Moved Permanently

0 B

URL HTTP/1.1
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home
IP
63.250.43.1:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Credit Agricole S.A.
fortinet	Phishing

HTTP Headers

GET /20221025/home HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4160
Expires: Thu, 27 Oct 2022 03:57:30 GMT
Date: Thu, 27 Oct 2022 02:48:10 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ZYiVH1j4NvFmQFz9AlzMsVUQSh4fki9JPNBUrQ4z9el8m1AVWqc+HfbNc+ubWHe3dsTFbnEK73A=
x-amz-request-id: 1AX32ZA4K59BXPQ7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 02:39:26 GMT
age: 524
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 02:48:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
f94ee7108c5d7f3162dad329568aac0e
59aa8ee1f8da0c45629fabf42c8046349801d6fb
2fa145334f81e7e08b0ad7bac7bd3b81ec21a6be9671f722200fddf16f67bdbf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:48:10 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 23:39:23 GMT
Expires: Mon, 31 Oct 2022 23:39:22 GMT
Etag: "59aa8ee1f8da0c45629fabf42c8046349801d6fb"
Cache-Control: max-age=420071,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76081c7b2aebb523-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3658
Cache-Control: max-age=109173
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:48:11 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:07:44 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home

63.250.43.2

301 Moved Permanently

162 B

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
openphish	Credit Agricole S.A.
fortinet	Phishing

HTTP Headers

GET /20221025/home HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 27 Oct 2022 02:48:11 GMT
content-type: text/html
content-length: 162
location: http://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/

63.250.43.2

200 OK

3.6 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (15746), with CRLF line terminators
Size
3.6 kB (3590 bytes)
Hash
d20b9d24eb255774b6ed467ca366c93b
edb38792692477cd4c5889737b8ad7785ef9edfc
c9e4778604f87d2b79b31caca2a1cd8e986ae098074e01f3e207690405b5ec1e

Detections

Analyzer	Verdict	Alert
openphish	Credit Agricole S.A.
fortinet	Phishing

HTTP Headers

GET /20221025/home/ HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:04:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, public
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 42248
x-cache: HIT
accept-ranges: bytes
content-length: 3590
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.200.107.47

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.200.107.47:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FWoCwHI+tU0Su+6RQosMRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gqgVBG5qeXpOpppZ7pE5Sf93phU=

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/angular.min.js

63.250.43.2

200 OK

58 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/angular.min.js
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (566)
Size
58 kB (58485 bytes)
Hash
7fea74563a0d2d9bb508a51c6e322b22
0a62a90f9a99d185e1bce49dabea132e0edb468a
8e65040e11a39214c1bb095831fc24b0e6799a732627f7d682c48442eeff2bfd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/angular.min.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:37:12 GMT
etag: "63574bd8-28cdb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 42313
x-cache: HIT
accept-ranges: bytes
content-length: 58485
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.min.js

63.250.43.2

200 OK

31 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.min.js
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
31 kB (30719 bytes)
Hash
036ea929140cc272177d72861479bc9d
d44e3b6a79ee1049628ac55ac258cce758074d68
a2b493a2b7f79b8c544dd10224faccf27480b58bb57e93499ceb54ed28494388

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/jquery.min.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:37:21 GMT
etag: "63574be1-15851"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 42313
x-cache: HIT
accept-ranges: bytes
content-length: 30719
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.CardValidator.js

63.250.43.2

200 OK

2.1 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.CardValidator.js
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
2.1 kB (2104 bytes)
Hash
d558576e06a82da499d5973c48d598a7
2884301c84175b327c8718a1d7c48aa4c32c73cb
bc63b227823bfb3946f21efeb221ccade3eab3cf8ef35f3d75e2e6758919a64e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/jquery.CardValidator.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:37:17 GMT
etag: "63574bdd-19b0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 42313
x-cache: HIT
accept-ranges: bytes
content-length: 2104
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.validate.min.js

63.250.43.2

200 OK

7.4 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.validate.min.js
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (22900), with CRLF line terminators
Size
7.4 kB (7436 bytes)
Hash
d7bc6e8cdb2dd5b9c2c1d3bccb98136c
7e94399918a2d2f69e34cea53d5f541fa46c8627
c94b49ad8d2aeda51b11782148bdec662d16e237632c0231520b98e935696cf3

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Apple
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/jquery.validate.min.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:37:24 GMT
etag: "63574be4-5a01"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 42313
x-cache: HIT
accept-ranges: bytes
content-length: 7436
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.mask.js

63.250.43.2

200 OK

4.9 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/jquery.mask.js
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
4.9 kB (4948 bytes)
Hash
72561daefcabe07fcd6e4a000ce2b1f9
29f4b8a00c67c6d29e8beb9cbe1fcc040bfc4bf5
3a19e4fd29ca6cd5ba35dd0f38915107a432a326280051d32ca2b16af7d668b7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/jquery.mask.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:37:19 GMT
etag: "63574bdf-47fe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 42313
x-cache: HIT
accept-ranges: bytes
content-length: 4948
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/style.js

63.250.43.2

200 OK

834 B

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/style.js
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
834 B (834 bytes)
Hash
b3b513a42ba66924bd794f00ab1e8756
4990006b11c02a9fb9ab4c4d1fba2ab75d550bac
5d654ce1762a87c9ea2b1d3dc9300a649d9669a357f5cff1641d30155906405f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/style.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:37:26 GMT
etag: "63574be6-8bf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 42313
x-cache: HIT
accept-ranges: bytes
content-length: 834
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/bootstrap.min.css

63.250.43.2

200 OK

21 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/bootstrap.min.css
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65324)
Size
21 kB (21050 bytes)
Hash
6416cbec949fa843a85c7ac285bb9245
94173c891940336570801e9c8ce3f85427d41c70
631d8a942c958f1b03cab6822d5f25b7221a24bbb2d60ec49bdf40295e1483ef

HTTP Headers

GET /20221025/home/style/css/bootstrap.min.css HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:36:38 GMT
etag: "63574bb6-22688"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 42313
x-cache: HIT
accept-ranges: bytes
content-length: 21050
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/helpers.css

63.250.43.2

200 OK

4.6 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/helpers.css
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (40872), with CRLF line terminators
Size
4.6 kB (4564 bytes)
Hash
8b745745375002eb031926eceab1e7cf
4cfac7b7ad4ea22ebe19fb082ca6c22b36495188
94e99ac02711fbd09d156911c1737c54634ca647e81939a0729bcd860dea09d8

HTTP Headers

GET /20221025/home/style/css/helpers.css HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:36:39 GMT
etag: "63574bb7-9faa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 42313
x-cache: HIT
accept-ranges: bytes
content-length: 4564
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/fonts.css

63.250.43.2

200 OK

278 B

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/fonts.css
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
278 B (278 bytes)
Hash
06459c2424f7d5ff44aa178c85dd841d
0db3d229a2c5a07b883d67bc64ba5b3922dc97a6
c471df84afcedc1634f70869703a7ce9571ad39b950a0380a2e2af7bf73c2647

HTTP Headers

GET /20221025/home/style/css/fonts.css HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:36:37 GMT
etag: "63574bb5-570"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 42313
x-cache: HIT
accept-ranges: bytes
content-length: 278
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/main.css

63.250.43.2

200 OK

2.3 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/css/main.css
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (10363), with CRLF line terminators
Size
2.3 kB (2347 bytes)
Hash
c1c58e51a8162ef58988adbbbd1a0e6e
e6b1dd813ba904a3175b84304a04c7d2f5cec311
3fdbef6476a9d9c0f7ab6f1bf4cb8efe3e193723a95fa7638dff597222fccd6b

HTTP Headers

GET /20221025/home/style/css/main.css HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:02:58 GMT
last-modified: Tue, 25 Oct 2022 02:36:39 GMT
etag: "63574bb7-287d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 42313
x-cache: HIT
accept-ranges: bytes
content-length: 2347
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/popper.min.js

63.250.43.2

200 OK

7.2 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/popper.min.js
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (20164), with CRLF line terminators
Size
7.2 kB (7243 bytes)
Hash
826c95f8ce58f52645faade7d3484af5
b8899da5a2f443322884adbd2233fbbdefbe1099
75c715d9dd66e7093d3e2b1e50d52570cae39df9b13c2f6cf31b3386e290b5ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/popper.min.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:06:36 GMT
last-modified: Tue, 25 Oct 2022 02:37:25 GMT
etag: "63574be5-4f74"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 42095
x-cache: HIT
accept-ranges: bytes
content-length: 7243
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/CADIF_logo_horizontal_rvb_v4.png

63.250.43.2

200 OK

19 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/CADIF_logo_horizontal_rvb_v4.png
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 350 x 105, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18782 bytes)
Hash
71cb5c78702e00ffb116f88d9280896a
d32b9b4f245643b1e4477f923b12a4d17d50cc3d
f8e9befa13e3ff93d974729ae3c727461555d582bb63bb388a4bd497619ef20b

HTTP Headers

GET /20221025/home/style/CADIF_logo_horizontal_rvb_v4.png HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:07:26 GMT
last-modified: Tue, 25 Oct 2022 02:36:01 GMT
etag: "63574b91-495e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: image/png
content-length: 18782
x-cacheable: YES
age: 42044
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/main.js

63.250.43.2

200 OK

963 B

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/main.js
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
Algol 68 source text\012- Pascal source, ASCII text, with CRLF line terminators
Size
963 B (963 bytes)
Hash
d339a145df005deb6cce0837853fa5db
463e384739266e5e979405dee242bcfe0f8098a5
8639be7630b3bcb63a8a922d308de088a483f9ca2a7d7035835bca7dc2ec924d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/main.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:06:36 GMT
last-modified: Tue, 25 Oct 2022 02:37:25 GMT
etag: "63574be5-111f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 42095
x-cache: HIT
accept-ranges: bytes
content-length: 963
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/bootstrap.min.js

63.250.43.2

200 OK

472 B

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/bootstrap.min.js
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
472 B (472 bytes)
Hash
f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/bootstrap.min.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:06:36 GMT
last-modified: Tue, 25 Oct 2022 02:37:14 GMT
etag: "63574bda-e6b2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 42095
x-cache: HIT
accept-ranges: bytes
content-length: 15336
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 05:42:51 GMT
expires: Fri, 20 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 594321
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

216.58.207.195

200 OK

48 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Size
48 kB (47952 bytes)
Hash
17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

HTTP Headers

GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 18:59:14 GMT
expires: Tue, 24 Oct 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 200938
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7259
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 02:48:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7259
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 02:48:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7259
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 02:48:12 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cba4a5a-0803-4870-b5e5-cbf33536e53e.jpeg

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cba4a5a-0803-4870-b5e5-cbf33536e53e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6493 bytes)
Hash
3185609c8bfba0bf8d54812276331c42
4a14cc85d23798bd3476516b49a3c3ff7bcd0d98
e57871dad12531fccf75d0bc4930c18c3c95c706b2bfd89e620b1e097b40a08e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cba4a5a-0803-4870-b5e5-cbf33536e53e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6493
x-amzn-requestid: f5ca8ddd-d103-43e2-b3b7-ece16e1312a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ainrUE-pIAMF9rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63575315-5f7287ea785008c44b0ff490;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 03:08:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dX0n6VtMbBkS-oDk44faC1KFmBlh51Vh27fb8CsWuiAbazazrDrbKw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 03:41:38 GMT
age: 83194
etag: "4a14cc85d23798bd3476516b49a3c3ff7bcd0d98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7542 bytes)
Hash
bd4d7051e9d8525d8ed7d5249b24068d
cbad9147991b1a1b27088f90fe7078d1056a9633
4701cc21f58c8ac8b8ad78a34973b3ade538255868afbf59be40e7f1365bcc20

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7542
x-amzn-requestid: 95e8df21-80b6-400a-bcd5-41efdab9cc57
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwLH0lIAMFT2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a800-3300914f11c46b9902b30fe4;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:56 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Yfx_KpfPPFKISGbuSM0g1eg1VVnevA0t39NFemmMxeTSiiimsMlDkA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:57:10 GMT
age: 17462
etag: "cbad9147991b1a1b27088f90fe7078d1056a9633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6806 bytes)
Hash
8240214ef7bc82b09de023cde217beb9
0f432e521fc4392f528042c711139dc0becc5598
2d5f1a426441536086c8278651808dc6e3e819ec18b48048520a4dedbc8a08ce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6806
x-amzn-requestid: bdf4f489-b474-4143-881f-521ad5dee74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwUGb9oAMFRGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a801-2a1e822f6b1dd3304c8f0527;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: oxLrpXYZuUBO5qEKrFYAkh3lx2ZE7Jph8tcq0b4dWIHxUODXP3FDDQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:52:49 GMT
etag: "0f432e521fc4392f528042c711139dc0becc5598"
content-type: image/jpeg
age: 17723
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4670 bytes)
Hash
1d71555b55dd7d34a53b9e8252902da1
551ceee96287d4d5fa8c8f286baebd382c8aff67
ff2040a25f467fc41873bdb2c7ed9f28ab508e8096b54152607bd0b40580567f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4670
x-amzn-requestid: bd7ccf26-ed98-4252-82df-a8f17108fc2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocvtEoYoAMFrCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fd-51c97f553b02f4750e78023a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:53 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: AANmFqkisteLJO0nLhaNgo6NTfYSkLPEGf5zewefdRtPZbEziAPz3Q==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 22:08:06 GMT
etag: "551ceee96287d4d5fa8c8f286baebd382c8aff67"
content-type: image/jpeg
age: 16806
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6619 bytes)
Hash
05e2d92ca05c08e9598d4128d55b1cba
109364ef1db445ba6c5e8c1178ab56fcce80d346
078e257c6bb8d7d46022c4786b54584c8868eb138e293b37ef164221b519f7bb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6619
x-amzn-requestid: 245cd792-64fd-4490-b8f8-5b354fd9b0b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ak4zTELFoAMFyzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63583b48-33a9dfe97f63f43050b4ecdd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 19:38:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bCL523JRD-JUSoK1Hdsk2hLdEp1NXxckJshwO96kQesEZAxdT7YKfg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 10:21:57 GMT
age: 59175
etag: "109364ef1db445ba6c5e8c1178ab56fcce80d346"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4709 bytes)
Hash
c92c49279a7704d715e50836676d1abb
3092b4dbd87f7e5a2eff65c463da9c5103ff748a
6941145d63e68abf0f20081517faa4082eed3c59f8b8a69066f70b29d90fd355

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4709
x-amzn-requestid: c2923a57-57c4-4d62-83bc-e4c8b61aa2bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGeeIAMF9Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7e47cfe804e333cc540f162a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: M72Vjcyc06ihmWcqr2_Xrk8dGcC5pCoDidg5rhtRkVddavcUFE6G6w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:50:52 GMT
age: 17840
etag: "3092b4dbd87f7e5a2eff65c463da9c5103ff748a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/fontawesome.js

63.250.43.2

200 OK

387 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/js/fontawesome.js
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65347), with CRLF line terminators
Size
387 kB (387147 bytes)
Hash
39cdd99630caf56e49a9d3aacca54383
37ef54d71e4c6ddac63310c3885cb749f2de0779
ba86ed9a9e26cc1dae4da678046477563d10903f646b2dfbdf16be25c7db5701

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /20221025/home/style/js/fontawesome.js HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:06:36 GMT
last-modified: Tue, 25 Oct 2022 02:37:22 GMT
etag: "63574be2-10314e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 42095
x-cache: HIT
accept-ranges: bytes
content-length: 387147
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/favicon.png

63.250.43.2

200 OK

1.8 kB

URL HTTP/2
lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/style/favicon.png
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
1.8 kB (1793 bytes)
Hash
ed9c56116b458dfeef180879add56940
f661f922f0bfdf0d2d470aea158eb77d49b5bb26
0c6849d4541c1b5d297b7e48dc2c13d43c357610effd13e1a90929b6638205e0

HTTP Headers

GET /20221025/home/style/favicon.png HTTP/1.1
Host: lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/20221025/home/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 15:19:44 GMT
last-modified: Tue, 25 Oct 2022 02:36:03 GMT
etag: "63574b93-701"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: image/png
content-length: 1793
x-cacheable: YES
age: 41308
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lemagazineculturel-clapnews-bea7d0.ingress-bonde.ewp.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 27 Oct 2022 02:48:12 GMT
date: Thu, 27 Oct 2022 02:48:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations