Report - www.connect-secureportail.com/

Report Overview

Submitted URL
www.connect-secureportail.com/
IP
23.81.180.215
ASN
#7203 LEASEWEB-USA-SFO-12
Submitted
2023-01-28 13:23:10
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
62

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
www.connect-secureportail.com	unknown	2022-10-26T13:56:20Z	2023-03-10T09:49:35Z	7.0 kB	383 kB	23.81.180.215
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	49 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.0 kB	2.1 kB	216.58.211.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	870 B	1.3 kB	142.250.74.106
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.185.236.64

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange
2023-01-26	medium	www.connect-secureportail.com/	Orange

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-28	medium	www.connect-secureportail.com/	Phishing
2023-01-28	medium	www.connect-secureportail.com/js/jquery.magnific-popup.min.js	Phishing
2023-01-28	medium	www.connect-secureportail.com/js/mixitup.min.js	Phishing
2023-01-28	medium	www.connect-secureportail.com/js/masonry.pkgd.min.js	Phishing
2023-01-28	medium	www.connect-secureportail.com/js/jquery-3.3.1.min.js	Phishing
2023-01-28	medium	www.connect-secureportail.com/js/bootstrap.min.js	Phishing
2023-01-28	medium	www.connect-secureportail.com/js/jquery.slicknav.js	Phishing
2023-01-28	medium	www.connect-secureportail.com/js/owl.carousel.min.js	Phishing
2023-01-28	medium	www.connect-secureportail.com/js/main.js	Phishing
2023-01-28	medium	www.connect-secureportail.com/fontawesome-free-6.2.0-web/webfonts/fa-solid-900.woff2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	www.connect-secureportail.com/js/jquery.slicknav.js	21 kB	2023-03-07	2024-05-09
Pretty URL www.connect-secureportail.com/js/jquery.slicknav.js IP 23.81.180.215 ASN #7203 LEASEWEB-USA-SFO-12 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:08 Last Seen2024-05-09 13:13:21 Times Seen296 Hash b732be48f27a427fcf1ef49faea8960b c2d7323e9b9df888c79cfabd7eb7892095143592 2c66dcc5003ba9cfe9b7697fe1fca1b38033ecbe712a8d4f21300624567036e7 Loading...

	www.connect-secureportail.com/js/owl.carousel.min.js	44 kB	2023-03-07	2024-05-10
Pretty URL www.connect-secureportail.com/js/owl.carousel.min.js IP 23.81.180.215 ASN #7203 LEASEWEB-USA-SFO-12 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-05-10 20:08:56 Times Seen20433 Hash f416f9031fef25ae25ba9756e3eb6978 e2a600e433df72b4cfde93d7880e3114917a3cbe a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Loading...

	www.connect-secureportail.com/js/main.js	4.2 kB	2023-03-10	2023-03-13
Pretty URL www.connect-secureportail.com/js/main.js IP 23.81.180.215 ASN #7203 LEASEWEB-USA-SFO-12 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:36:37 Last Seen2023-03-13 09:47:16 Times Seen1 Hash 9477b330f3b6ab38a93ed5e8ca1dc348 2f8dc0f1a5b98135b732cea7a587d42bf4cbae29 04ff37ed59c0af93b5c0a12d4ccb50b1b6f2dc41d0515ebe11aec218626dc9cf Loading...

	www.connect-secureportail.com/js/jquery.magnific-popup.min.js	20 kB	2023-03-07	2024-05-10
Pretty URL www.connect-secureportail.com/js/jquery.magnific-popup.min.js IP 23.81.180.215 ASN #7203 LEASEWEB-USA-SFO-12 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-10 20:08:55 Times Seen19993 Hash ba6cf724c8bb1cf5b084e79ff230626e f455c5f153f872e52265f87a644ff89fe14a6fb6 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4 Loading...

	www.connect-secureportail.com/js/mixitup.min.js	89 kB	2023-03-07	2024-05-08
Pretty URL www.connect-secureportail.com/js/mixitup.min.js IP 23.81.180.215 ASN #7203 LEASEWEB-USA-SFO-12 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-05-08 11:48:36 Times Seen397 Hash be4d6f4195222addaf474b45325e8dbc d9520b1a05ccc172c424161f693faca2b7ceac54 16750fd8712bf8b9ec03897561f94dde9ad564848bc0ab36141ed7f7f7dd3c11 Loading...

	www.connect-secureportail.com/js/masonry.pkgd.min.js	24 kB	2023-03-07	2024-05-10
Pretty URL www.connect-secureportail.com/js/masonry.pkgd.min.js IP 23.81.180.215 ASN #7203 LEASEWEB-USA-SFO-12 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-10 10:29:45 Times Seen1502 Hash 520e46df77727aaf3d5e799ef241be02 d20252cf76c3be8af37a8415d13ad368c762b4d8 367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2 Loading...

	www.connect-secureportail.com/js/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-05-10
Pretty URL www.connect-secureportail.com/js/jquery-3.3.1.min.js IP 23.81.180.215 ASN #7203 LEASEWEB-USA-SFO-12 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-10 20:15:05 Times Seen110456 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	www.connect-secureportail.com/js/bootstrap.min.js	60 kB	2023-03-07	2024-05-10
Pretty URL www.connect-secureportail.com/js/bootstrap.min.js IP 23.81.180.215 ASN #7203 LEASEWEB-USA-SFO-12 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:44:24 Last Seen2024-05-10 16:30:58 Times Seen328 Hash 904e10b25430ab5f3d98ab49bb3f3a87 3687f5dd6c9048d0a9dd045a94ee5176aa1e9a8d 49fb39e0146a302368039bc6f4ab625229f1e9c99b20092305b8cae0dfab9198 Loading...

HTTP Transactions (45)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15046
Expires: Sat, 28 Jan 2023 17:33:45 GMT
Date: Sat, 28 Jan 2023 13:22:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15151
Expires: Sat, 28 Jan 2023 17:35:30 GMT
Date: Sat, 28 Jan 2023 13:22:59 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 12:43:05 GMT
content-type: application/json
age: 2394
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9132
Expires: Sat, 28 Jan 2023 15:55:11 GMT
Date: Sat, 28 Jan 2023 13:22:59 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 55Q5qLkqP2GPrfpX+dyiJ2xgWKMoLn6+pC1hNjyB7aAC7uHaMaRpjo5IRgzWu46VWD+KAqi7m3A=
x-amz-request-id: ABZ85NBC2HT675FZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 12:49:53 GMT
age: 1986
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 13:22:59 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 12:49:03 GMT
age: 2036
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13454
Expires: Sat, 28 Jan 2023 17:07:13 GMT
Date: Sat, 28 Jan 2023 13:22:59 GMT
Connection: keep-alive

push.services.mozilla.com/

54.185.236.64

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.185.236.64:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gIo/wkv7Kt3GBR/i9H4VeA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jVWEDtHpGHAEwftywNAss9crnkk=

www.connect-secureportail.com/

23.81.180.215

200 OK

2.9 kB

URL HTTP/1.1
www.connect-secureportail.com/
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.9 kB (2858 bytes)
Hash
85aac84ce6f1ac6027c37d14e4fa4faa
f9934655512bfb35e68cee393a2d2c678c50917e
101277e79a9d62fa907d4521e280b57cff3076f8d1d687abf4f1d50651d2dd97

Detections

Analyzer	Verdict	Alert
openphish	Orange
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
last-modified: Thu, 20 Oct 2022 22:58:19 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 2858
date: Sat, 28 Jan 2023 13:23:00 GMT
server: LiteSpeed

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.connect-secureportail.com/css/font-awesome.min.css

23.81.180.215

200 OK

7.0 kB

URL HTTP/1.1
www.connect-secureportail.com/css/font-awesome.min.css
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text, with very long lines (30837)
Size
7.0 kB (6989 bytes)
Hash
73fafde2ed0b8af35533aef217310350
07ffb382423d12967d70ae85b36a6bbf16327678
8448460374395f6645aa937ab83a5b7eebd7b35cdc8f8e875fa4cb7a92a63eab

Detections

Analyzer	Verdict	Alert
openphish	Orange

HTTP Headers

GET /css/font-awesome.min.css HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: text/css
last-modified: Wed, 02 Sep 2020 06:27:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 6989
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 13:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.connect-secureportail.com/css/elegant-icons.css

23.81.180.215

200 OK

4.5 kB

URL HTTP/1.1
www.connect-secureportail.com/css/elegant-icons.css
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text, with very long lines (6610)
Size
4.5 kB (4519 bytes)
Hash
79f83c75e981871c48c0abe528a8aae4
b315ddf08021eb24e88e7563ade4852eccf8149f
a4c4edd2ce84d8159189cd6ff3caa860075b731c5e2bf78d677db6f071c89c19

Detections

Analyzer	Verdict	Alert
openphish	Orange

HTTP Headers

GET /css/elegant-icons.css HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: text/css
last-modified: Wed, 02 Sep 2020 06:27:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4519
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

www.connect-secureportail.com/css/owl.carousel.min.css

23.81.180.215

200 OK

1.1 kB

URL HTTP/1.1
www.connect-secureportail.com/css/owl.carousel.min.css
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text, with very long lines (3184)
Size
1.1 kB (1061 bytes)
Hash
12bebe76c41e45a15b3a7db52c9b10b0
b5398a0391ad7540c82915e58a01d15169f62a36
317492d492a6d3fb1ccb726e6213b6ad046a170ab98eaf8de9bd6bbdf9456dc2

Detections

Analyzer	Verdict	Alert
openphish	Orange

HTTP Headers

GET /css/owl.carousel.min.css HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: text/css
last-modified: Wed, 02 Sep 2020 06:27:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1061
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

www.connect-secureportail.com/css/magnific-popup.css

23.81.180.215

200 OK

1.8 kB

URL HTTP/1.1
www.connect-secureportail.com/css/magnific-popup.css
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text
Size
1.8 kB (1810 bytes)
Hash
60a928207ea1f9087e38b0d6a3afece7
fafe3590b6e2f592366f11d958ff3fb1989cc320
e5879e3c7870166c5a03051cf5d067eab9ca17df1de7d2ed2ab4d530f101a2ef

Detections

Analyzer	Verdict	Alert
openphish	Orange

HTTP Headers

GET /css/magnific-popup.css HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: text/css
last-modified: Wed, 02 Sep 2020 06:27:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1810
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

www.connect-secureportail.com/css/slicknav.min.css

23.81.180.215

200 OK

813 B

URL HTTP/1.1
www.connect-secureportail.com/css/slicknav.min.css
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text, with very long lines (2414)
Size
813 B (813 bytes)
Hash
191c381e9c53d33e230c34a08a09a778
c7a755b16067c5f1ba088df224f1e63c99d5ce65
0b83f7169229f62ce1b7a4016e0b356da5448481aa12447f4c81668e0e434597

Detections

Analyzer	Verdict	Alert
openphish	Orange

HTTP Headers

GET /css/slicknav.min.css HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: text/css
last-modified: Wed, 02 Sep 2020 06:27:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 813
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

www.connect-secureportail.com/css/bootstrap.min.css

23.81.180.215

200 OK

24 kB

URL HTTP/1.1
www.connect-secureportail.com/css/bootstrap.min.css
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text, with very long lines (65324)
Size
24 kB (23841 bytes)
Hash
ccaaa149fb90fbcc1970496f0541fa21
54fd7015bb6c3b73a8c043360f7428934494b42d
15440de70ed225d02c5ea84baedb48ebf60b306e87b436fc688f84c564c50eec

Detections

Analyzer	Verdict	Alert
openphish	Orange

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: text/css
last-modified: Wed, 02 Sep 2020 06:27:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 23841
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

www.connect-secureportail.com/css/style.css

23.81.180.215

200 OK

5.9 kB

URL HTTP/1.1
www.connect-secureportail.com/css/style.css
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
assembler source, ASCII text
Size
5.9 kB (5886 bytes)
Hash
0e296a8fbe3d44a7d03a11b0b8b2cba9
e72c8b3196a255d37467ae015ea042bf77a39c00
9e44634813364f3d359f4f58aa42721249d60740385381c6e4b8a5161653b20a

Detections

Analyzer	Verdict	Alert
openphish	Orange

HTTP Headers

GET /css/style.css HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: text/css
last-modified: Thu, 20 Oct 2022 12:06:26 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 5886
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5666
Expires: Sat, 28 Jan 2023 14:57:27 GMT
Date: Sat, 28 Jan 2023 13:23:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5666
Expires: Sat, 28 Jan 2023 14:57:27 GMT
Date: Sat, 28 Jan 2023 13:23:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5666
Expires: Sat, 28 Jan 2023 14:57:27 GMT
Date: Sat, 28 Jan 2023 13:23:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5666
Expires: Sat, 28 Jan 2023 14:57:27 GMT
Date: Sat, 28 Jan 2023 13:23:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7028 bytes)
Hash
57b73886cbbb719eda5f733c018eedfb
b84ed40973f8a0d3c10529e34f9466746cfdaf0c
4ba11c23e0bbd2aed53b04ad0b3d22161af1971ddcfb75ae55734de9a49af207

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: c1743fed-205a-431b-8648-474facde6d09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwFtboAMF9rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-5b94864c707c42fc36fbc63a;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7LUa_R8g8Rlv7JJA0_okht-vGe-xBSyZ5TPJTFakAHlncQPZKEdULQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:58 GMT
age: 56043
etag: "b84ed40973f8a0d3c10529e34f9466746cfdaf0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4475 bytes)
Hash
4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 55575
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7538 bytes)
Hash
131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:14:23 GMT
age: 54518
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fddac8c39-e94f-40c1-bf35-4a70c575efbe.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7819 bytes)
Hash
6a40be482a56db1e4d48ba4a8cf515ba
da9c7255d5840c025526c6c24354750d9ba3a4ef
fa0bfe56b97ce5cf450e4799db2fe6d5645553b71d1e2bd928df0278a81a33c8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fddac8c39-e94f-40c1-bf35-4a70c575efbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7819
x-amzn-requestid: b9c17e9a-8da5-4736-a8bc-ea430feaef8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_diGfbIAMFX2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f0-695dd291002d9cc425df0edc;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gf-xQLbrbbXCRM8Q720PrSNSrvoelOoNlqbKwfiZHNIKCD_59TARLQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:03:06 GMT
etag: "da9c7255d5840c025526c6c24354750d9ba3a4ef"
content-type: image/jpeg
age: 55195
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3237aa3-30cf-4312-861c-8d923987ed4b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8569 bytes)
Hash
335cb821617fe98e993190c93c616f86
130b6f6d592f3ab052015656653a1b3ac259599d
ee90912b731ff31e52ccd404bf45ec6b6d3802247a29f9397eed153ab709df96

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3237aa3-30cf-4312-861c-8d923987ed4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8569
x-amzn-requestid: d97c9436-5e2d-42a2-ad40-84c7776cdac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_rVFA_oAMF-2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44648-03ff23d6072683a067472191;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:46:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FuvSHsmeURS0TVrB-5IPYpmsovQh5OWzvsmlT2nzkDGfO2Q8gwP3Xw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:15:45 GMT
age: 54436
etag: "130b6f6d592f3ab052015656653a1b3ac259599d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7585 bytes)
Hash
ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:46:13 GMT
age: 52608
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.connect-secureportail.com/js/jquery.magnific-popup.min.js

23.81.180.215

200 OK

7.4 kB

URL HTTP/1.1
www.connect-secureportail.com/js/jquery.magnific-popup.min.js
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text, with very long lines (20087)
Size
7.4 kB (7376 bytes)
Hash
8dc057c90f5eb276eac463a3057d21e6
28b92fa281978a7f1692506cf7b66dc21dcdf3ea
badb1e7b7e5c3c573a41d483546ac773c677d6937dbb44ba975fc8c518fe3881

Detections

Analyzer	Verdict	Alert
openphish	Orange
fortinet	Phishing

HTTP Headers

GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: application/javascript
last-modified: Wed, 02 Sep 2020 06:27:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 7376
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

www.connect-secureportail.com/js/mixitup.min.js

23.81.180.215

200 OK

22 kB

URL HTTP/1.1
www.connect-secureportail.com/js/mixitup.min.js
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text, with very long lines (32042)
Size
22 kB (21749 bytes)
Hash
ba43748fce54bef0567548059604f7a4
cbaa15a0073667a90897c4ad7c7cba72ab434665
31070f59b8066eb3cae2d1635b1d60b9892718d909516f3eb30d54f764aab96f

Detections

Analyzer	Verdict	Alert
openphish	Orange
fortinet	Phishing

HTTP Headers

GET /js/mixitup.min.js HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: application/javascript
last-modified: Wed, 02 Sep 2020 06:27:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 21749
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

www.connect-secureportail.com/js/masonry.pkgd.min.js

23.81.180.215

200 OK

7.4 kB

URL HTTP/1.1
www.connect-secureportail.com/js/masonry.pkgd.min.js
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text, with very long lines (23966)
Size
7.4 kB (7351 bytes)
Hash
7449c471ad572b0afb5c0faf4e7de424
863b382dccee1ac8d1e612dd47915b264f6caee7
4a47ea647ebd9f269ce82806fe7bb0db8cf78930501fd370cb2fb73f680374de

Detections

Analyzer	Verdict	Alert
openphish	Orange
fortinet	Phishing

HTTP Headers

GET /js/masonry.pkgd.min.js HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: application/javascript
last-modified: Wed, 02 Sep 2020 06:27:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 7351
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

www.connect-secureportail.com/js/jquery-3.3.1.min.js

23.81.180.215

200 OK

30 kB

URL HTTP/1.1
www.connect-secureportail.com/js/jquery-3.3.1.min.js
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text, with very long lines (65451)
Size
30 kB (30358 bytes)
Hash
628e53571a558477be736601f745f86c
55832b31010c287ee8d9d3d0199f9f59aad0d569
a15da7be302fcc9f295102e18316cf9b810447c4e2b50ca1056d7e50c77b1804

Detections

Analyzer	Verdict	Alert
openphish	Orange
fortinet	Phishing

HTTP Headers

GET /js/jquery-3.3.1.min.js HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: application/javascript
last-modified: Wed, 02 Sep 2020 06:27:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 30358
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

www.connect-secureportail.com/fontawesome-free-6.2.0-web/css/all.min.css

23.81.180.215

200 OK

22 kB

URL HTTP/1.1
www.connect-secureportail.com/fontawesome-free-6.2.0-web/css/all.min.css
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text, with very long lines (65317)
Size
22 kB (22174 bytes)
Hash
73febf7002abb81d249c1d33c34fe76e
003a2ace1379a7077a53b62653ab6ddb5913a36e
811b5be1c94bcfba1b0a1a9b62c00d6c35057887b24a3a027c59f45d716b67e2

Detections

Analyzer	Verdict	Alert
openphish	Orange

HTTP Headers

GET /fontawesome-free-6.2.0-web/css/all.min.css HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: text/css
last-modified: Tue, 30 Aug 2022 15:47:10 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 22174
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

www.connect-secureportail.com/js/bootstrap.min.js

23.81.180.215

200 OK

15 kB

URL HTTP/1.1
www.connect-secureportail.com/js/bootstrap.min.js
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text, with very long lines (59893)
Size
15 kB (14854 bytes)
Hash
2e1b61a9679373366327a202a09881f6
5dafbbd954a764d53fd85ccef9e85d807e1c546e
64105fcd49539503274d1209a3bde3fba5f833b53c70459398f9515b6d61cf3c

Detections

Analyzer	Verdict	Alert
openphish	Orange
fortinet	Phishing

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: application/javascript
last-modified: Wed, 02 Sep 2020 06:27:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 14854
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

www.connect-secureportail.com/js/jquery.slicknav.js

23.81.180.215

200 OK

4.6 kB

URL HTTP/1.1
www.connect-secureportail.com/js/jquery.slicknav.js
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text
Size
4.6 kB (4552 bytes)
Hash
7e0d0ef9ea1a1b061d8a6cb52633fb0f
0fe9a717731453d6a4eca611678a013a9d3e510d
988c5b0915838a6645e8b92e5444c3c71efced28ef9d309f05281736ee3c13cf

Detections

Analyzer	Verdict	Alert
openphish	Orange
fortinet	Phishing

HTTP Headers

GET /js/jquery.slicknav.js HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: application/javascript
last-modified: Wed, 02 Sep 2020 06:27:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4552
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

www.connect-secureportail.com/js/owl.carousel.min.js

23.81.180.215

200 OK

11 kB

URL HTTP/1.1
www.connect-secureportail.com/js/owl.carousel.min.js
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text, with very long lines (31997)
Size
11 kB (11426 bytes)
Hash
5376ca4df27164948517a5d0b2ab4614
09b14fd7833a2cd17cc2a45bcbc2801393f0626d
377447609f26e6ecf0ea437f7fbdb51019c2011832049b5269eb6c04135d2e2a

Detections

Analyzer	Verdict	Alert
openphish	Orange
fortinet	Phishing

HTTP Headers

GET /js/owl.carousel.min.js HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: application/javascript
last-modified: Wed, 02 Sep 2020 06:27:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 11426
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

www.connect-secureportail.com/js/main.js

23.81.180.215

200 OK

1.1 kB

URL HTTP/1.1
www.connect-secureportail.com/js/main.js
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
ASCII text
Size
1.1 kB (1107 bytes)
Hash
b824e40552357938b30b11d4057bb01d
4151e38db3e8bcdea4a1333e76f3dcd5af3e78db
41b5a14f8c78e1de16ffe42b958e7e2e6181d04388bafc75cd7d34d8bc7aac21

Detections

Analyzer	Verdict	Alert
openphish	Orange
fortinet	Phishing

HTTP Headers

GET /js/main.js HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: application/javascript
last-modified: Wed, 02 Sep 2020 06:27:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1107
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed

www.connect-secureportail.com/capture1.png

23.81.180.215

200 OK

11 kB

URL HTTP/1.1
www.connect-secureportail.com/capture1.png
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
PNG image data, 1348 x 123, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (10911 bytes)
Hash
6d81d727584cd82226208768fcdca481
65bcfd7256d5c423bfeab8ba32b6c2be70de732b
a7a3f826fc3ed5499f54784a054584eb12967786cce82d92f5aba787e2d251da

Detections

Analyzer	Verdict	Alert
openphish	Orange

HTTP Headers

GET /capture1.png HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: image/png
last-modified: Thu, 20 Oct 2022 12:36:58 GMT
accept-ranges: bytes
content-length: 10911
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed
vary: User-Agent

www.connect-secureportail.com/capture4.png

23.81.180.215

200 OK

530 B

URL HTTP/1.1
www.connect-secureportail.com/capture4.png
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
PNG image data, 40 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
b6ef5c7a0fd7a4fdd9b57a8a1c7c6a80
b7836a096bf2561f384591a96035a76aa98fd922
b1a78aeb8f3191263370029b5eb50405db168e501ebb5d38be0d45b43a35d0ad

Detections

Analyzer	Verdict	Alert
openphish	Orange

HTTP Headers

GET /capture4.png HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: image/png
last-modified: Thu, 20 Oct 2022 13:17:44 GMT
accept-ranges: bytes
content-length: 530
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed
vary: User-Agent

www.connect-secureportail.com/logo-Orange.jpg

23.81.180.215

200 OK

44 kB

URL HTTP/1.1
www.connect-secureportail.com/logo-Orange.jpg
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 1659x1659, components 3\012- data
Size
44 kB (44353 bytes)
Hash
44a69ff3247339df1bbe75c9cf6c02a9
f2aa50d19d74eb823e429298c11e46bee14fd22b
283d82cc1d2d84dc0f98bab5d81819ac86a2a98f387421a511381f9120763885

Detections

Analyzer	Verdict	Alert
openphish	Orange

HTTP Headers

GET /logo-Orange.jpg HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.connect-secureportail.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: image/jpeg
last-modified: Thu, 20 Oct 2022 09:51:18 GMT
accept-ranges: bytes
content-length: 44353
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed
vary: User-Agent

www.connect-secureportail.com/fontawesome-free-6.2.0-web/webfonts/fa-solid-900.woff2

23.81.180.215

200 OK

150 kB

URL HTTP/1.1
www.connect-secureportail.com/fontawesome-free-6.2.0-web/webfonts/fa-solid-900.woff2
IP
23.81.180.215:0
ASN
#7203 LEASEWEB-USA-SFO-12

File type
Web Open Font Format (Version 2), TrueType, length 150472, version 770.256\012- data
Size
150 kB (150472 bytes)
Hash
3e50e269ee627bb2279f91d18c085167
a7fca574d24e9ffa5ee0e0589ffe17277ae4ec27
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

Detections

Analyzer	Verdict	Alert
openphish	Orange
fortinet	Phishing

HTTP Headers

GET /fontawesome-free-6.2.0-web/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.connect-secureportail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.connect-secureportail.com/fontawesome-free-6.2.0-web/css/all.min.css

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 13:23:01 GMT
content-type: font/woff2
last-modified: Tue, 30 Aug 2022 15:47:10 GMT
accept-ranges: bytes
content-length: 150472
date: Sat, 28 Jan 2023 13:23:01 GMT
server: LiteSpeed
vary: User-Agent

fonts.googleapis.com/css2?family=Josefin+Sans:wght@300;400;500;600;700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Josefin+Sans:wght@300;400;500;600;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Josefin+Sans:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.connect-secureportail.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 13:23:01 GMT
date: Sat, 28 Jan 2023 13:23:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Play:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.connect-secureportail.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 13:23:01 GMT
date: Sat, 28 Jan 2023 13:23:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML