Report - lamital.in/flipbook/service/LP/DSP2/login/login.php

Report Overview

URL

lamital.in/flipbook/service/LP/DSP2/login/login.php
IP

173.249.25.22

ASN

#51167 Contabo GmbH
Submitted

2023-03-19T08:40:02Z

Access

public
Tags

la_banque_postale phishing
urlquery detections

Phishing - La Banque postale

Detections

urlquery

27
Network Intrusion Detection

0
Threat Detection Systems

12

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333	391	34.117.237.239
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606	127	35.161.44.207
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3245	54484	34.120.237.76
lamital.in (23)	301268	2020-05-20T05:14:57Z	2023-03-24T13:03:19Z	11403	2094600	173.249.25.22
r3.o.lencr.org (7)	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	2366	6204	23.36.77.32
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782	2373	35.241.9.150
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413	5894	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-03-19	medium	lamital.in/flipbook/service/LP/DSP2/login/login.php	La Banque postale
2023-03-19	medium	lamital.in/flipbook/service/LP/DSP2/login/login.php	La Banque postale

PhishTank

Scan Date	Severity	Indicator	Alert
2023-03-19	medium	lamital.in/flipbook/service/LP/DSP2/login/login.php	Other
2023-03-19	medium	lamital.in/flipbook/service/LP/DSP2/login/login.php	Other

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-19	medium	lamital.in/flipbook/service/LP/DSP2/login/login.php	Phishing
2023-03-19	medium	lamital.in/flipbook/service/LP/DSP2/login/login.php	Phishing
2023-03-19	medium	lamital.in/flipbook/service/LP/DSP2/assets/js/bootstrap.min.js	Phishing
2023-03-19	medium	lamital.in/flipbook/service/LP/DSP2/assets/js/main.js	Phishing
2023-03-19	medium	lamital.in/flipbook/service/LP/DSP2/assets/js/popper.min.js	Phishing
2023-03-19	medium	lamital.in/flipbook/service/LP/DSP2/assets/js/jquery.min.js	Phishing
2023-03-19	medium	lamital.in/flipbook/service/LP/DSP2/assets/fonts/secure-asterisk.woff	Phishing
2023-03-19	medium	lamital.in/flipbook/service/LP/DSP2/assets/js/fontawesome.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

HTTP Transactions (41)

URL IP Response Size

lamital.in/flipbook/service/LP/DSP2/login/login.php

173.249.25.22

301 Moved Permanently

267

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/login/login.php
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

Size

267
Hash

7b11675401ae58dfe9fb7faf2cfb3c3c

47dea18747e1112d9564a766503911d9782d7342

0772eb09e525ee2ac07235df1b929390bceabb90cc60f3f999cfcba2e18703e0

Detections

Analyzer	Verdict	Alert
openphish	La Banque postale
phishtank	Other
fortinet	Phishing

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/login/login.php HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 301 Moved Permanently
Date: Sun, 19 Mar 2023 08:39:51 GMT
Server: Apache
Location: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Content-Length: 267
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

2857be6f18459c7a4a7f00f6cd6076f1

570609086d72a9be57cde7bfefd25663c1035fba

bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12185
Expires: Sun, 19 Mar 2023 12:02:56 GMT
Date: Sun, 19 Mar 2023 08:39:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

443a700f85619f4fd8a548421c5c23e2

a58764a07feafb2bb4b340c020b5104c55b35195

0bc80613f3d493ea081bf5672ab76f6f33a1dcc0710fe1431de83c46d7e8d31d

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BC80613F3D493EA081BF5672AB76F6F33A1DCC0710FE1431DE83C46D7E8D31D"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7994
Expires: Sun, 19 Mar 2023 10:53:05 GMT
Date: Sun, 19 Mar 2023 08:39:51 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

bc86ef2a0cee04915bc360f5821adc8f

3658f9028cce204d38f7f48fcfaa2a8e4f54383a

aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 19 Mar 2023 08:27:03 GMT
content-type: application/json
age: 768
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

eddc2a353d39e5ce5c30d7e90b3ed6a5

305e86e4b966344c135c50af9a6509ffd3a83e9e

bd775c38c2e11f1baedde5d92ab17ceaf4c2067f8ea996595a66801758a71813

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD775C38C2E11F1BAEDDE5D92AB17CEAF4C2067F8EA996595A66801758A71813"
Last-Modified: Fri, 17 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2635
Expires: Sun, 19 Mar 2023 09:23:46 GMT
Date: Sun, 19 Mar 2023 08:39:51 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

e7bace7c1e04d44012e37ddffe36e5d5

3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2

6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: wdLIUc41OEXTryQ3nNPBrOZvg7ZYyjBL5m7JZYgjYAuDH4gyDsm2Gfw5GkhjECoQPfieNdlVOSJNjuye3djLww==
x-amz-request-id: S6PE8N88PP6Y1FPF
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 19 Mar 2023 07:52:17 GMT
age: 2854
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

lamital.in/flipbook/service/LP/DSP2/login/login.php

173.249.25.22

200 OK

10453

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/login/login.php
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (726), with CRLF line terminators

Size

10453
Hash

6690cf6868d9b267d772c07d361e6b22

cd9ac3cb478625bb760f8c30c5a3cfa9ca89a84a

ace0ff01bcbf27edbdf4dc42ffe01db57990ec904be88083c7541457d2175395

Detections

Analyzer	Verdict	Alert
openphish	La Banque postale
phishtank	Other
fortinet	Phishing

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/login/login.php HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:51 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 08:39:51 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

lamital.in/flipbook/service/LP/DSP2/assets/css/bootstrap.min.css

173.249.25.22

200 OK

155758

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/css/bootstrap.min.css
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

ASCII text, with very long lines (65324)

Size

155758
Hash

a15c2ac3234aa8f6064ef9c1f7383c37

6e10354828454898fda80f55f3decb347fd9ed21

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - La Banque postale
urlquery	phishing	Phishing - La Banque postale

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/css/bootstrap.min.css HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:51 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 155758
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

lamital.in/flipbook/service/LP/DSP2/assets/css/fonts.css

173.249.25.22

200 OK

1751

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/css/fonts.css
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

ASCII text, with CRLF line terminators

Size

1751
Hash

489bf4af64d712bd387b4e4c8b158eba

21cc8f3dc55483a53adac5f2785e4cbae985e579

a4592a42945beac4574095cb95f96f482116e2076a20f1ef8629a6021a643f6a

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/css/fonts.css HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 1751
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

lamital.in/flipbook/service/LP/DSP2/assets/css/main.css

173.249.25.22

200 OK

6951

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/css/main.css
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

ASCII text, with very long lines (6949), with CRLF line terminators

Size

6951
Hash

5aec67a2f1a0b885f7a1262d7cc590fa

ed95e5bffa5115b7a3c0e0ffa054b28a468393ad

6c9f3bd3803218c842991179eaef618f5aa1519551360e1834fda108ad5c68cc

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/css/main.css HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 6951
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

lamital.in/flipbook/service/LP/DSP2/assets/js/bootstrap.min.js

173.249.25.22

200 OK

136072

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/js/bootstrap.min.js
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

ASCII text, with very long lines (328), with CRLF, CR line terminators

Size

136072
Hash

5e7d168ed3203dab385e83f97f98f725

6d19a7d83a87b427f2fc5ced2c0e86c92f58a142

2caa6404ddb0de2b9d191b1e2c8b5c35c68ca48f2a9521140bbf83b27c063700

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/js/bootstrap.min.js HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 136072
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

lamital.in/flipbook/service/LP/DSP2/assets/js/main.js

173.249.25.22

200 OK

1916

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/js/main.js
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

Algol 68 source text\012- Pascal source, ASCII text, with CRLF line terminators

Size

1916
Hash

cf6ff0eef580f3393e37146c85def933

dee034e0cd52594132ca4f73911c1386b660a1ff

6485f454bae479e9e556ac912a9bfeee8619437989c5ff4423b3d5d6e8e5e209

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/js/main.js HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 1916
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

lamital.in/flipbook/service/LP/DSP2/assets/js/popper.min.js

173.249.25.22

200 OK

20340

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/js/popper.min.js
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

ASCII text, with very long lines (20164), with CRLF line terminators

Size

20340
Hash

5644e6835941af44dcb5cead916c2b79

6eb1840d55338895ce6ecc3eab56132b1d152b93

315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/js/popper.min.js HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 20340
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

lamital.in/flipbook/service/LP/DSP2/assets/css/helpers.css

173.249.25.22

200 OK

41752

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/css/helpers.css
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

ASCII text, with very long lines (41750), with CRLF line terminators

Size

41752
Hash

fd877f138d23d5a790645eb95167aec3

ee2f01ca01c5f7e6f674ad79a9fea30f78a66f2c

f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/css/helpers.css HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 41752
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

lamital.in/flipbook/service/LP/DSP2/assets/images/top-header-right.png

173.249.25.22

200 OK

3223

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/images/top-header-right.png
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

PNG image data, 165 x 12, 8-bit/color RGBA, non-interlaced\012- data

Size

3223
Hash

a807d65c0c9d3f695f10e08980bc1b51

e1fa5b9f089087d9b0c94dfc1557d6de22fb6b8e

5b6cd7b81854519965959d1549226e565a77de441a694df48579868348513d21

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - La Banque postale
urlquery	phishing	Phishing - La Banque postale

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/images/top-header-right.png HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 3223
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

lamital.in/flipbook/service/LP/DSP2/assets/images/top-header-left.png

173.249.25.22

200 OK

7766

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/images/top-header-left.png
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

PNG image data, 582 x 46, 8-bit/color RGBA, non-interlaced\012- data

Size

7766
Hash

05d0bcebf3df7ee2a73dee6cded8748c

3a2063b7ea5f324dfba774b9cf2671480f387fd3

004c0d90d64d9266498f39a020a0a6fe4110b94f8447daea5b1373d3e7934aad

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - La Banque postale
urlquery	phishing	Phishing - La Banque postale

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/images/top-header-left.png HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 7766
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

lamital.in/flipbook/service/LP/DSP2/assets/images/footer.png

173.249.25.22

200 OK

53035

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/images/footer.png
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

PNG image data, 907 x 595, 8-bit/color RGBA, non-interlaced\012- data

Size

53035
Hash

f96a98795792fd92b817f70089d30c31

b2ca6b578360c9f67c6af13a25568ac31fb08f7b

5bb399100f821a7bada7a8faa36de1e64dd19bcde8854eb9980b5b07cb74de1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - La Banque postale
urlquery	phishing	Phishing - La Banque postale

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/images/footer.png HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 53035
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

lamital.in/flipbook/service/LP/DSP2/assets/images/top-header-left2.png

173.249.25.22

200 OK

1402

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/images/top-header-left2.png
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

PNG image data, 83 x 41, 8-bit/color RGB, non-interlaced\012- data

Size

1402
Hash

6c8bd7116fa86f2ae3c0180d903925ef

bf8ddfd792a103dc6d5aacd11e9d903072684c70

c96109fef3e6ae0c4dffe3fcc9026352c44a2147b9fd2c4d6e08d32cdcf2641f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - La Banque postale
urlquery	phishing	Phishing - La Banque postale

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/images/top-header-left2.png HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 1402
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

lamital.in/flipbook/service/LP/DSP2/assets/js/jquery.min.js

173.249.25.22

200 OK

88145

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/js/jquery.min.js
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

ASCII text, with very long lines (65450), with CRLF line terminators

Size

88145
Hash

2f772fed444d5489079f275bd01e26cc

a8927ac2830b2fdd4a729eb0eb7f80923539ceb9

2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/js/jquery.min.js HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 88145
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

lamital.in/flipbook/service/LP/DSP2/assets/images/header-right.png

173.249.25.22

200 OK

4864

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/images/header-right.png
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

PNG image data, 383 x 50, 8-bit/color RGBA, non-interlaced\012- Minix filesystem, V1 (big endian), 8916 zones\012- data

Size

4864
Hash

2375d45e3a3f1902e9e5e3509b729ab0

611da0b1ef30ce60cb99fc53e8f4e68e2c4b89a6

dc76d1d3963947047b414b58209d235ff6e36043fe66514606a260a8c3d96cb0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - La Banque postale
urlquery	phishing	Phishing - La Banque postale

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/images/header-right.png HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 4864
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

lamital.in/flipbook/service/LP/DSP2/assets/images/header-left.png

173.249.25.22

200 OK

13753

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/images/header-left.png
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

PNG image data, 481 x 70, 8-bit/color RGBA, non-interlaced\012- data

Size

13753
Hash

7d9605f1532c3522c8bcbb0f29365c33

01d4c9d444aa4f64223febe842a7d1d371215dd1

c83e6ec9b5ceece6db819192b3f6f877fc64296b1ed27ec5b53cc5c4d86f8ab4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - La Banque postale
urlquery	phishing	Phishing - La Banque postale

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/images/header-left.png HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 13753
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

lamital.in/flipbook/service/LP/DSP2/assets/images/logo.png

173.249.25.22

200 OK

6360

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/images/logo.png
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data

Size

6360
Hash

25722a7e1f0c794ae8b299897c61a03b

8657666cb41fd8fcd3e0202bb9c3327fba3f837f

f0f02c834c71eff3c9dbc749f81ea8be9c213326a6908e7b80a7da9cba637ae3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - La Banque postale
urlquery	phishing	Phishing - La Banque postale

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/images/logo.png HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 6360
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

lamital.in/flipbook/service/LP/DSP2/assets/images/header-right3.png

173.249.25.22

200 OK

1187

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/images/header-right3.png
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

PNG image data, 228 x 50, 8-bit/color RGB, non-interlaced\012- data

Size

1187
Hash

f2766a53f341aa32b32efef5152cb92b

472e5b58d6f177a1dae8c272b209aa0a4c7c2731

f209ec1d94d89a8fa9cdadffa82ac9f6bb696687d21caaf0a15007199fdbcbfc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - La Banque postale
urlquery	phishing	Phishing - La Banque postale

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/images/header-right3.png HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 1187
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

lamital.in/flipbook/service/LP/DSP2/assets/images/header-right2.png

173.249.25.22

200 OK

4897

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/images/header-right2.png
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

PNG image data, 503 x 50, 8-bit/color RGB, non-interlaced\012- data

Size

4897
Hash

9252aa94fff77064c1ff6bcc5b7398dd

b4ff8e78716f29cccb54b70906794a44fd7a1a21

37a288f0c7a73fecda634b2262ba8d7c23953e2268aa9a6dabc21955b5a174e9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - La Banque postale
urlquery	phishing	Phishing - La Banque postale

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/images/header-right2.png HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 4897
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

lamital.in/flipbook/service/LP/DSP2/assets/fonts/secure-asterisk.woff

173.249.25.22

200 OK

3176

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/fonts/secure-asterisk.woff
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

Web Open Font Format, TrueType, length 3176, version 0.0\012- data

Size

3176
Hash

374b020a914ea198d75d783535440a81

2dd183915d84f1a8deee4fdb1091af1cd2989e25

cc0b81d5e663b8abed0d6035739f40950ae99bcabb9a88f1e92eb910ae769cea

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - La Banque postale
urlquery	phishing	Phishing - La Banque postale
fortinet	Phishing

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/fonts/secure-asterisk.woff HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/assets/css/fonts.css
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 3176
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 19 Mar 2023 08:14:32 GMT
age: 1520
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

lamital.in/flipbook/service/LP/DSP2/assets/images/content.png

173.249.25.22

200 OK

461751

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/images/content.png
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

PNG image data, 939 x 2166, 8-bit/color RGBA, non-interlaced\012- data

Size

461751
Hash

a163946bb2c40cfce6b8eb1f7c5a4f63

77405f7e4c20b1e6088ec70c468edacda7638aac

8f7220fde4861e61d5d1f84538771bf385a161f5889476028a61341ac01875d0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - La Banque postale
urlquery	phishing	Phishing - La Banque postale

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/images/content.png HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/assets/css/main.css
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 461751
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

0a4b141e90b0fb22cf6d10a6a4fd360d

37b081be1a69edb97a7c562b71474f4d7405d94e

5db17bb0a40658845e03d8237a69458a0576d955006ee224930b0310179af9af

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5DB17BB0A40658845E03D8237A69458A0576D955006EE224930B0310179AF9AF"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13100
Expires: Sun, 19 Mar 2023 12:18:12 GMT
Date: Sun, 19 Mar 2023 08:39:52 GMT
Connection: keep-alive

push.services.mozilla.com/

35.161.44.207

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

35.161.44.207:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qiD5pQ5Kgkl+FzIfVpDJYA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wBtb61Kf6Sv9bF6TNYE5hPkiuGQ=

lamital.in/flipbook/service/LP/DSP2/assets/js/fontawesome.min.js

173.249.25.22

200 OK

1061198

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/js/fontawesome.min.js
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

ASCII text, with very long lines (65347), with CRLF line terminators

Size

1061198
Hash

a6756b0b8637e62f56d9d794b154ca12

5cd7e758e41375d85cef812d4578d5cd9b949ea7

21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/js/fontawesome.min.js HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:52 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 1061198
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

lamital.in/flipbook/service/LP/DSP2/assets/images/favicon.png

173.249.25.22

200 OK

2817

URL HTTP/1.1

lamital.in/flipbook/service/LP/DSP2/assets/images/favicon.png
IP

173.249.25.22:0
ASN

#51167 Contabo GmbH

Magic

PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data

Size

2817
Hash

95148d7f825922493ef706dd98457ff4

a0a5b1c2f52bb002000a04de5aa74d8ed25fc703

c78d2b529472912245060a36f2393b664716b51511b6bdcfa385fba224ba3811

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - La Banque postale
urlquery	phishing	Phishing - La Banque postale

HTTP Headers

                                        GET /flipbook/service/LP/DSP2/assets/images/favicon.png HTTP/1.1
Host: lamital.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lamital.in/flipbook/service/LP/DSP2/login/login.php
Cookie: PHPSESSID=cecc220f9c2c3df9fcfb9d63d74ec818
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Date: Sun, 19 Mar 2023 08:39:53 GMT
Server: Apache
Last-Modified: Fri, 10 Mar 2023 23:41:53 GMT
Accept-Ranges: bytes
Content-Length: 2817
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

de95776582936b8e129e876cf6d80fa8

0233251e1cf0123f1260d980d7c8ef92718723f9

49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4413
Expires: Sun, 19 Mar 2023 09:53:27 GMT
Date: Sun, 19 Mar 2023 08:39:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

de95776582936b8e129e876cf6d80fa8

0233251e1cf0123f1260d980d7c8ef92718723f9

49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4413
Expires: Sun, 19 Mar 2023 09:53:27 GMT
Date: Sun, 19 Mar 2023 08:39:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

de95776582936b8e129e876cf6d80fa8

0233251e1cf0123f1260d980d7c8ef92718723f9

49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4413
Expires: Sun, 19 Mar 2023 09:53:27 GMT
Date: Sun, 19 Mar 2023 08:39:54 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F58bd5191-7eab-437d-a18c-a930f08c6cc6.jpeg

34.120.237.76

200 OK

7842

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F58bd5191-7eab-437d-a18c-a930f08c6cc6.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

7842
Hash

916a27eee94b9be1c268cd17c11c4824

4530492308074d7f4f7f888593149377e70ee561

a7aeaf49047efb11e4cd8b72bd2e00b4afdfe461b5be50d88c343ffbf3d3ca45

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F58bd5191-7eab-437d-a18c-a930f08c6cc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 7842
x-amzn-requestid: 6e6fff9e-c942-498d-b649-9f7f6d82fba6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B6lDbHn4oAMF5BA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64141baf-268367ad5333899e40d8353d;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 07:50:07 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: k1cHkKf_bxsiXniP1nGXKi6fUo9WFRCOkvu7hewwOQZdtkWnBtoktQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 22:13:50 GMT
age: 37564
etag: "4530492308074d7f4f7f888593149377e70ee561"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5417

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8797d11-0587-421b-bfe0-8621f2e6a8be.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

5417
Hash

0eda887ce6aad02ab7605ffd54b736c2

4de17a25e8c0155e60ac08df41fcdd13f321a35f

d6ed571fc493fadc069b2191475face34d57823820b9e7d63d13eeeddb5ad6aa

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8797d11-0587-421b-bfe0-8621f2e6a8be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 5417
x-amzn-requestid: 377c2c60-47d3-4b30-91be-bb249e8c4bb5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wY4FZnIAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162dd2-7bd4ba134f3e30e245cd42b9;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:32:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: VX90uELFRDIL876EBNzljOUqcGwO2F8AUN8ejKq8ETqnEmxcyfTc3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 da4fa914888b330b3e8a08632b8e41be.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 21:46:34 GMT
age: 39200
etag: "4de17a25e8c0155e60ac08df41fcdd13f321a35f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5311

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffb155f3-4b60-4d8c-879f-3b7bd1c5c129.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

5311
Hash

07289211ce045b31693c7bb59c06f338

210abec1182bb94b9d0e48827ecb8023611c4489

808b7bfa4b75cfb91e003d6375802da7d2719de29d4f64776dea57992b7632c4

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffb155f3-4b60-4d8c-879f-3b7bd1c5c129.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 5311
x-amzn-requestid: 3e000f36-3e2a-4008-950b-2e9f83306e51
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_w3eFmtIAMF7EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e95-1b9e4cc8033920ea365de22f;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:35:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: mB-sWMCTChGtVbvW4TkpKqqpSACyRLw9x32bDY3kvV3f0IrEsti9cg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 21:48:16 GMT
etag: "210abec1182bb94b9d0e48827ecb8023611c4489"
content-type: image/jpeg
age: 39098
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11784

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ca6f680-5e4b-497f-aef4-6cca71cb98d5.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

11784
Hash

49b71c6b1d8a81d5c9e5281eec609c25

59d56060ea97e27de572e48eb907882f5767f427

d8d1aa817b12b61d85115c0020fafd2c2e02a0277417e96fb995329ea3c7f01a

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ca6f680-5e4b-497f-aef4-6cca71cb98d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 11784
x-amzn-requestid: 29c7373c-4eb0-4374-8c4c-205285e23667
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_whwHM7oAMF_kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e0a-0c30752b04757beb7ea417a7;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:32:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pPIURVGevjYlykVadfXACVKOnHw9BNb9udBL65Kl-z7I9AUWFDoOeQ==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 22:14:05 GMT
age: 37549
etag: "59d56060ea97e27de572e48eb907882f5767f427"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10338

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

10338
Hash

78453ba98b72eff3879ef163b59c86ed

80519bb3726ee1f9f211344cd433cefaed3a7f2e

61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: K19FG80YIBs-7NnPFJQEodETe4DpifB_BA2FpyYtB0W-sXXjNlLKxw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 07:04:47 GMT
age: 5707
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7432

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F834645cc-a32c-47ac-a12f-235778429d48.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

7432
Hash

082117af513213d5b43e25c97b2b2ed6

f7f8151a3827455579613bf12a3e45c049fb2e33

bb31257b2410493e8ab481ce3f2a3215c7ca5af9702319afbafc17b988d5bde1

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F834645cc-a32c-47ac-a12f-235778429d48.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 7432
x-amzn-requestid: eadf4a39-81bf-4e09-b9e4-45e3c9592996
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_w2HEzSoAMFTxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e8d-099b5c3d32d7d7300266dd95;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: geY0kRQBa0RwG_aW9n_18KoQrJNNNR3zRMKkmsA2OOXQHGkEE4N0Qw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 22:13:23 GMT
age: 37591
etag: "f7f8151a3827455579613bf12a3e45c049fb2e33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

#1 JS:Script (size: 136072)

#2 JS:Script (size: 20340)

#3 JS:Script (size: 88145)

#4 JS:Script (size: 1061198)

#5 JS:Script (size: 1916)

#6 JS:Script (size: 1378)

HTTP Transactions (41)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash