Report - webmail.holisticfacades.com.ng/

Report Overview

Submitted URL
webmail.holisticfacades.com.ng/
IP
192.227.170.162
ASN
#36352 AS-COLOCROSSING
Submitted
2023-03-24 23:02:02
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
40

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	35.83.201.49
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	64 kB	34.120.237.76
webmail.holisticfacades.com.ng	unknown	2020-01-30T05:17:23Z	2020-02-28T05:22:14Z	8.7 kB	127 kB	192.227.170.162
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	3.0 kB	8.0 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-24	medium	webmail.holisticfacades.com.ng/	Phishing
2023-03-24	medium	webmail.holisticfacades.com.ng/	Phishing
2023-03-24	medium	webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/webmail-logo.svg	Phishing
2023-03-24	medium	webmail.holisticfacades.com.ng/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff	Phishing
2023-03-24	medium	webmail.holisticfacades.com.ng/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.woff	Phishing
2023-03-24	medium	webmail.holisticfacades.com.ng/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-03-24	medium	holisticfacades.com.ng	Sinkholed
2023-03-24	medium	holisticfacades.com.ng	Sinkholed
2023-03-24	medium	holisticfacades.com.ng	Sinkholed
2023-03-24	medium	holisticfacades.com.ng	Sinkholed
2023-03-24	medium	holisticfacades.com.ng	Sinkholed
2023-03-24	medium	holisticfacades.com.ng	Sinkholed
2023-03-24	medium	holisticfacades.com.ng	Sinkholed
2023-03-24	medium	holisticfacades.com.ng	Sinkholed
2023-03-24	medium	holisticfacades.com.ng	Sinkholed
2023-03-24	medium	holisticfacades.com.ng	Sinkholed
2023-03-24	medium	holisticfacades.com.ng	Sinkholed
2023-03-24	medium	holisticfacades.com.ng	Sinkholed
2023-03-24	medium	holisticfacades.com.ng	Sinkholed
2023-03-24	medium	holisticfacades.com.ng	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	webmail.holisticfacades.com.ng/	84 B	2023-03-07	2024-05-09
Pretty URL webmail.holisticfacades.com.ng/ IP 192.227.170.162 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-05-09 21:51:19 Times Seen1380 Hash f88baf75b8e07dd7ec741e96546bc4f7 a74b22312f7ce6ea751190a32f188b305f2e71e3 1e5f5c8697f7a5934a4e88d298805feb7272c5ae7b1a357b44ec0b5289b60a50 Loading...

	webmail.holisticfacades.com.ng/	19 kB	2023-03-29	2023-03-29
Pretty URL webmail.holisticfacades.com.ng/ IP 192.227.170.162 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:53:28 Last Seen2023-03-29 21:53:28 Times Seen1 Hash f0c110e0c251bea8f45c612878122cfc 37eec3db50e5c06091c9db1e6453684cf2d4a2ec 6cb5f594a0d5fa6352a5946db3ec5e3e53cc3ce0ed73ffd6f75fe6a176eacf42 Loading...

HTTP Transactions (34)

URL IP Response Size

webmail.holisticfacades.com.ng/

192.227.170.162

301 Moved

123 B

URL HTTP/1.1
webmail.holisticfacades.com.ng/
IP
192.227.170.162:0
ASN
#36352 AS-COLOCROSSING

File type
HTML document text\012- HTML document, ASCII text
Size
123 B (123 bytes)
Hash
a13b52a67dfb39fd30b226a06feaa7c0
2136bec854f08b78f9118d4820a01174287327e3
c508ee39db60a201bfbf51eb557ecd1426102d001c8296768cec86c12fececef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: webmail.holisticfacades.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved
Date: Fri, 24 Mar 2023 23:01:51 GMT
Server: Apache
Content-length: 123
Location: https://webmail.holisticfacades.com.ng/
Content-type: text/html; charset="utf-8"
Cache-Control: no-cache, no-store, must-revalidate, private
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2183
Expires: Fri, 24 Mar 2023 23:38:15 GMT
Date: Fri, 24 Mar 2023 23:01:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
13f90146df1d559743af6df15c29b77b
6dd24f60629c39f857e3c996084f4d515cf3f8d0
ea5975be17b9cd29c8770939eb5d63ce43c1c44ce9a3a4d04e1e79cd69b30d1c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA5975BE17B9CD29C8770939EB5D63CE43C1C44CE9A3A4D04E1E79CD69B30D1C"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16895
Expires: Sat, 25 Mar 2023 03:43:27 GMT
Date: Fri, 24 Mar 2023 23:01:52 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 24 Mar 2023 22:27:40 GMT
content-type: application/json
age: 2052
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dc2752d83fbed82852248898a132467a
b27a6b4af2e07663a58cafb641513f7224c7a7c3
ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11233
Expires: Sat, 25 Mar 2023 02:09:05 GMT
Date: Fri, 24 Mar 2023 23:01:52 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TLRkeq4yH0VujLEuOoxposkSH/uLiR+BSTusa8tFiVV1ZHstBSb1xsGzbVwJilP5YRz3MS37+yE=
x-amz-request-id: NPVQ477JK2ZQFQRY
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 24 Mar 2023 23:00:33 GMT
age: 79
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 23:01:52 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 24 Mar 2023 22:17:23 GMT
age: 2669
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

webmail.holisticfacades.com.ng/

192.227.170.162

200 OK

12 kB

URL HTTP/1.1
webmail.holisticfacades.com.ng/
IP
192.227.170.162:0
ASN
#36352 AS-COLOCROSSING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10609)
Size
12 kB (12163 bytes)
Hash
4eeadb12e6b23184fb1a3bb80f8ef1a1
cd9ee6d8026a58eb93cc25157c297d2583b0fd14
f8d1b48b7c1231a1180fa6352f23d358f3329bc97b617a6960336e7c4b42f69f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: webmail.holisticfacades.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 23:01:52 GMT
Server: Apache
Content-Type: text/html; charset="utf-8"
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate, private, no-cache, no-store, must-revalidate, private
Content-Encoding: gzip
Content-Length: 12163
Set-Cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
webmailsession=%3aKbethZwfYd_Iv2Dx%2c0e731906fab840bd9dcb647bbe529b57; HttpOnly; path=/; port=443; secure
roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
roundcube_sessauth=expired; HttpOnly; domain=webmail.holisticfacades.com.ng; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; domain=.webmail.holisticfacades.com.ng; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
horde_secret_key=expired; HttpOnly; domain=.webmail.holisticfacades.com.ng; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/horde; port=443; secure
PPA_ID=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
imp_key=expired; HttpOnly; domain=webmail.holisticfacades.com.ng; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; domain=.webmail.holisticfacades.com.ng; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443
horde_secret_key=expired; HttpOnly; domain=.webmail.holisticfacades.com.ng; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443
roundcube_cookies=enabled; HttpOnly; expires=Sat, 23-Mar-2024 23:01:52 GMT; path=/; port=443; secure
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
70300b32357c46f3448d567189b64cb3
6ba66a5cf63cdbfeaec59b936151cc812bac56df
5a2b4f9fc5ebaa8062058bf68eae75fc28e06c6ef6a0e79c3c761c1d92f81cb9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A2B4F9FC5EBAA8062058BF68EAE75FC28E06C6EF6A0E79C3C761C1D92F81CB9"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15056
Expires: Sat, 25 Mar 2023 03:12:48 GMT
Date: Fri, 24 Mar 2023 23:01:52 GMT
Connection: keep-alive

webmail.holisticfacades.com.ng/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/open_sans.min.css

192.227.170.162

200 OK

522 B

URL HTTP/1.1
webmail.holisticfacades.com.ng/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/open_sans.min.css
IP
192.227.170.162:0
ASN
#36352 AS-COLOCROSSING

File type
ASCII text, with very long lines (6358), with no line terminators
Size
522 B (522 bytes)
Hash
078451aa3d5a638defbab914828f8896
29e4c4d3612532853e4e85024bc5876821a4c1d7
b314e7360085c08219398ddf90b0c5da7bbc712b6b052e305d55246891a37599

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/open_sans.min.css HTTP/1.1
Host: webmail.holisticfacades.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.holisticfacades.com.ng/
Cookie: webmailsession=%3aKbethZwfYd_Iv2Dx%2c0e731906fab840bd9dcb647bbe529b57; roundcube_cookies=enabled
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 23:01:52 GMT
Server: Apache
Content-Type: text/css
Last-Modified: Wed, 30 Mar 2022 03:16:35 GMT
Cache-Control: max-age=5184000, public
Expires: Tue, 23 May 2023 23:01:52 GMT
Content-Encoding: gzip
Content-Length: 522
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

webmail.holisticfacades.com.ng/cPanel_magic_revision_1677036612/unprotected/cpanel/style_v2_optimized.css

192.227.170.162

200 OK

33 kB

URL HTTP/1.1
webmail.holisticfacades.com.ng/cPanel_magic_revision_1677036612/unprotected/cpanel/style_v2_optimized.css
IP
192.227.170.162:0
ASN
#36352 AS-COLOCROSSING

File type
ASCII text, with very long lines (35968)
Size
33 kB (33187 bytes)
Hash
6c5a4bc6c93e6a7350c7e8772855100a
1f77e6d41a7377fb792b274160ac1648060e86ce
d3f3d4c92a0f44e7433f30b77ce3a4fecf8e97fb96f351b8284b2045c5b4f95c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1677036612/unprotected/cpanel/style_v2_optimized.css HTTP/1.1
Host: webmail.holisticfacades.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.holisticfacades.com.ng/
Cookie: webmailsession=%3aKbethZwfYd_Iv2Dx%2c0e731906fab840bd9dcb647bbe529b57; roundcube_cookies=enabled
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 23:01:52 GMT
Server: Apache
Content-Type: text/css
Last-Modified: Wed, 22 Feb 2023 03:30:12 GMT
Cache-Control: max-age=5184000, public
Expires: Tue, 23 May 2023 23:01:52 GMT
Content-Encoding: gzip
Content-Length: 33187
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

push.services.mozilla.com/

35.83.201.49

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.83.201.49:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9G8GWifA2hQVEInSIgTspQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kZMgc2Tqah2ySTgcG1XvseB9qXQ=

webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/webmail-logo.svg

192.227.170.162

200 OK

2.4 kB

URL HTTP/1.1
webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/webmail-logo.svg
IP
192.227.170.162:0
ASN
#36352 AS-COLOCROSSING

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5359)
Size
2.4 kB (2399 bytes)
Hash
1e8155df2eb2dd8cab316b75d06e6c62
150d79bc2e8c863083fa66a59138aea83ae9e3d5
316b6db503e40d0c57179ade6d4b8ad863716060444b395c01cb1d93c84caebe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1546888268/unprotected/cpanel/images/webmail-logo.svg HTTP/1.1
Host: webmail.holisticfacades.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.holisticfacades.com.ng/
Cookie: webmailsession=%3aKbethZwfYd_Iv2Dx%2c0e731906fab840bd9dcb647bbe529b57; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 23:01:53 GMT
Server: Apache
Content-Type: image/svg+xml
Last-Modified: Mon, 07 Jan 2019 19:11:08 GMT
Cache-Control: max-age=5184000, public
Expires: Tue, 23 May 2023 23:01:53 GMT
Content-Encoding: gzip
Content-Length: 2399
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/notice-error.png

192.227.170.162

200 OK

1.0 kB

URL HTTP/1.1
webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/notice-error.png
IP
192.227.170.162:0
ASN
#36352 AS-COLOCROSSING

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1026 bytes)
Hash
a3265cc598ae28633c060889e790f80c
57530d6996c8f36711ef05681474b8f63d4184b3
bcaf01928e5c7246ab0bb7e83f609b485a67a5e442d3dd94539a883c11fb70cd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1546888268/unprotected/cpanel/images/notice-error.png HTTP/1.1
Host: webmail.holisticfacades.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.holisticfacades.com.ng/cPanel_magic_revision_1677036612/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aKbethZwfYd_Iv2Dx%2c0e731906fab840bd9dcb647bbe529b57; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 23:01:53 GMT
Server: Apache
Content-Type: image/png
Last-Modified: Mon, 07 Jan 2019 19:11:08 GMT
Cache-Control: max-age=5184000, public
Expires: Tue, 23 May 2023 23:01:53 GMT
Content-Length: 1026
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/icon-username.png

192.227.170.162

200 OK

320 B

URL HTTP/1.1
webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/icon-username.png
IP
192.227.170.162:0
ASN
#36352 AS-COLOCROSSING

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
320 B (320 bytes)
Hash
07ff84f8c855e5fe9d510ff5c9a4b1e4
11c262053e2b9be57d1dba7cb3d916ef041a0e50
05ce0f813e6236158fa1d115faba62cd2041aab1878cac0960a0f45575cece1e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1546888268/unprotected/cpanel/images/icon-username.png HTTP/1.1
Host: webmail.holisticfacades.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.holisticfacades.com.ng/cPanel_magic_revision_1677036612/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aKbethZwfYd_Iv2Dx%2c0e731906fab840bd9dcb647bbe529b57; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 23:01:53 GMT
Server: Apache
Content-Type: image/png
Last-Modified: Mon, 07 Jan 2019 19:11:08 GMT
Cache-Control: max-age=5184000, public
Expires: Tue, 23 May 2023 23:01:53 GMT
Content-Length: 320
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

webmail.holisticfacades.com.ng/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff

192.227.170.162

200 OK

23 kB

URL HTTP/1.1
webmail.holisticfacades.com.ng/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff
IP
192.227.170.162:0
ASN
#36352 AS-COLOCROSSING

File type
Web Open Font Format, TrueType, length 22908, version 1.0\012- data
Size
23 kB (22908 bytes)
Hash
697574b47bcfdd2c45e3e63c7380dd67
4590722b795938e0b6ff1b99701d1abe37aeabef
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff HTTP/1.1
Host: webmail.holisticfacades.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://webmail.holisticfacades.com.ng/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/open_sans.min.css
Cookie: webmailsession=%3aKbethZwfYd_Iv2Dx%2c0e731906fab840bd9dcb647bbe529b57; roundcube_cookies=enabled
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 23:01:53 GMT
Server: Apache
Content-Type: application/font-woff
Last-Modified: Wed, 30 Mar 2022 03:16:35 GMT
Cache-Control: max-age=5184000, public
Expires: Tue, 23 May 2023 23:01:53 GMT
Content-Length: 22908
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/icon-password.png

192.227.170.162

200 OK

450 B

URL HTTP/1.1
webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/icon-password.png
IP
192.227.170.162:0
ASN
#36352 AS-COLOCROSSING

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
450 B (450 bytes)
Hash
7ac1cefcb7eab93c6d6981ecde6c1635
1523f8cb80ab19108549d0b7db31a58b71c05d39
a02998df88a6efb0baa526796b2b682ce9fdd6471ceb19170b326320f22f7053

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1546888268/unprotected/cpanel/images/icon-password.png HTTP/1.1
Host: webmail.holisticfacades.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.holisticfacades.com.ng/cPanel_magic_revision_1677036612/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aKbethZwfYd_Iv2Dx%2c0e731906fab840bd9dcb647bbe529b57; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 23:01:53 GMT
Server: Apache
Content-Type: image/png
Last-Modified: Mon, 07 Jan 2019 19:11:08 GMT
Cache-Control: max-age=5184000, public
Expires: Tue, 23 May 2023 23:01:53 GMT
Content-Length: 450
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

webmail.holisticfacades.com.ng/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.woff

192.227.170.162

200 OK

23 kB

URL HTTP/1.1
webmail.holisticfacades.com.ng/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.woff
IP
192.227.170.162:0
ASN
#36352 AS-COLOCROSSING

File type
Web Open Font Format, TrueType, length 22660, version 1.0\012- data
Size
23 kB (22660 bytes)
Hash
79515ad0788973c533405f7012dfeccd
5092881fad2caffdc6bf71bdab1ea547b73d3564
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.woff HTTP/1.1
Host: webmail.holisticfacades.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://webmail.holisticfacades.com.ng/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/open_sans.min.css
Cookie: webmailsession=%3aKbethZwfYd_Iv2Dx%2c0e731906fab840bd9dcb647bbe529b57; roundcube_cookies=enabled
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 23:01:53 GMT
Server: Apache
Content-Type: application/font-woff
Last-Modified: Wed, 30 Mar 2022 03:16:35 GMT
Cache-Control: max-age=5184000, public
Expires: Tue, 23 May 2023 23:01:53 GMT
Content-Length: 22660
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive

webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/warning.png

192.227.170.162

200 OK

1.1 kB

URL HTTP/1.1
webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/warning.png
IP
192.227.170.162:0
ASN
#36352 AS-COLOCROSSING

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1060 bytes)
Hash
a64b8c7407bf94cc4448cb210bb882e7
a526cf52b2c5b6c2d0409b886de4aa968000fcd8
7ecb82019606d891c5197d2f8ba24ec323d9b10a089facc82d089ff1ec3d399b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1546888268/unprotected/cpanel/images/warning.png HTTP/1.1
Host: webmail.holisticfacades.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.holisticfacades.com.ng/cPanel_magic_revision_1677036612/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aKbethZwfYd_Iv2Dx%2c0e731906fab840bd9dcb647bbe529b57; roundcube_cookies=enabled; timezone=Etc/UTC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 23:01:53 GMT
Server: Apache
Content-Type: image/png
Last-Modified: Mon, 07 Jan 2019 19:11:08 GMT
Cache-Control: max-age=5184000, public
Expires: Tue, 23 May 2023 23:01:53 GMT
Content-Length: 1060
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive

webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/notice-info.png

192.227.170.162

200 OK

976 B

URL HTTP/1.1
webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/notice-info.png
IP
192.227.170.162:0
ASN
#36352 AS-COLOCROSSING

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
976 B (976 bytes)
Hash
14146cf832470d9beca95a708a1d6f8d
d4b506f92876baea69409f3a78c4718757a53b33
95f8a142dd96c310afeb75329ef504f162ab3102a81fc07f20b268361990f526

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1546888268/unprotected/cpanel/images/notice-info.png HTTP/1.1
Host: webmail.holisticfacades.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.holisticfacades.com.ng/cPanel_magic_revision_1677036612/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aKbethZwfYd_Iv2Dx%2c0e731906fab840bd9dcb647bbe529b57; roundcube_cookies=enabled; timezone=Etc/UTC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 23:01:53 GMT
Server: Apache
Content-Type: image/png
Last-Modified: Mon, 07 Jan 2019 19:11:08 GMT
Cache-Control: max-age=5184000, public
Expires: Tue, 23 May 2023 23:01:53 GMT
Content-Length: 976
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/notice-success.png

192.227.170.162

200 OK

962 B

URL HTTP/1.1
webmail.holisticfacades.com.ng/cPanel_magic_revision_1546888268/unprotected/cpanel/images/notice-success.png
IP
192.227.170.162:0
ASN
#36352 AS-COLOCROSSING

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
962 B (962 bytes)
Hash
0a0ec2a6468d4d1aa3fc2baa70271ac8
a31fb01790aca8dc1976450e4234cb6ccc328956
cafbe3036533fe094931f5745f8cb9962a34409522e93d63ac8427acb9a02c79

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1546888268/unprotected/cpanel/images/notice-success.png HTTP/1.1
Host: webmail.holisticfacades.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.holisticfacades.com.ng/cPanel_magic_revision_1677036612/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aKbethZwfYd_Iv2Dx%2c0e731906fab840bd9dcb647bbe529b57; roundcube_cookies=enabled; timezone=Etc/UTC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 23:01:53 GMT
Server: Apache
Content-Type: image/png
Last-Modified: Mon, 07 Jan 2019 19:11:08 GMT
Cache-Control: max-age=5184000, public
Expires: Tue, 23 May 2023 23:01:53 GMT
Content-Length: 962
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

webmail.holisticfacades.com.ng/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff

192.227.170.162

200 OK

22 kB

URL HTTP/1.1
webmail.holisticfacades.com.ng/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff
IP
192.227.170.162:0
ASN
#36352 AS-COLOCROSSING

File type
Web Open Font Format, TrueType, length 22432, version 1.0\012- data
Size
22 kB (22432 bytes)
Hash
2e90d5152ce92858b62ba053c7b9d2cb
8cf65f42a2a8c349ccd6ab63b6cbd17c96fd665c
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff HTTP/1.1
Host: webmail.holisticfacades.com.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://webmail.holisticfacades.com.ng/cPanel_magic_revision_1648610195/unprotected/cpanel/fonts/open_sans/open_sans.min.css
Cookie: webmailsession=%3aKbethZwfYd_Iv2Dx%2c0e731906fab840bd9dcb647bbe529b57; roundcube_cookies=enabled
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 24 Mar 2023 23:01:53 GMT
Server: Apache
Content-Type: application/font-woff
Last-Modified: Wed, 30 Mar 2022 03:16:35 GMT
Cache-Control: max-age=5184000, public
Expires: Tue, 23 May 2023 23:01:53 GMT
Content-Length: 22432
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15123
Expires: Sat, 25 Mar 2023 03:13:57 GMT
Date: Fri, 24 Mar 2023 23:01:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15123
Expires: Sat, 25 Mar 2023 03:13:57 GMT
Date: Fri, 24 Mar 2023 23:01:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15123
Expires: Sat, 25 Mar 2023 03:13:57 GMT
Date: Fri, 24 Mar 2023 23:01:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15123
Expires: Sat, 25 Mar 2023 03:13:57 GMT
Date: Fri, 24 Mar 2023 23:01:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15123
Expires: Sat, 25 Mar 2023 03:13:57 GMT
Date: Fri, 24 Mar 2023 23:01:54 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (4000 bytes)
Hash
85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ncagzm12kJaHQtYhhjUUhcfXVfbwMdonoNYqpK-QXEmLfyyENgFnFA==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 06:10:34 GMT
age: 60680
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F112421ed-b175-4bc1-9471-a730a43d97ab.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11390 bytes)
Hash
4de7ee55ab2a3a55a800c34ceffa6c26
35b3ad636660a46d6dab04d339dc4e7b34e31c34
fa9544bf632143a4a737ed20bba63a19441f68a7638fa583dc08dd1dc8155e27

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F112421ed-b175-4bc1-9471-a730a43d97ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11390
x-amzn-requestid: dba50a43-8691-454d-9ec5-52816ea060c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CNDLZHE7oAMFXNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b7f15-2e40f713578806a02c5d93ec;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 22:20:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: sh8XjQuZDjMiAxBTOziS19ScH__2mZCqyQER6ZUp5biTdqtrQUUn9A==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
etag: "35b3ad636660a46d6dab04d339dc4e7b34e31c34"
content-type: image/jpeg
age: 4886
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8635 bytes)
Hash
73f9697594d173d623b331b5c35eab8d
6323f751f6b7517f062a0442480f672086ea02a1
116cb71658b31e87f19c390b242c684f6505cc8edf90b7fc934ac726fc7ddd18

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8635
x-amzn-requestid: fc715b03-f48f-4300-b752-ab157a684f08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihcETyIAMFhYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a2-68f685ec0f50dae026ea3f64;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ogff88YPb_ia9BPyBI0afIy9cWym7eDnXHKykpTS3NVG4EY_SUENDA==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:28 GMT
etag: "6323f751f6b7517f062a0442480f672086ea02a1"
content-type: image/jpeg
age: 4886
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0532fc8f-d698-45f5-b83f-b76e5cc7ae92.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11632 bytes)
Hash
6e4ebd0e1a713316e50ed843d8787568
8771e96beb62b1f136fdc24413767d9019eb0cbe
f65384731713085686d53666a19184eddc605c9cc7ca36ccccfef318bcb266c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0532fc8f-d698-45f5-b83f-b76e5cc7ae92.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11632
x-amzn-requestid: 4ff6dfb6-7ee4-46ad-bfd5-8a73fa618c02
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRi8ZEZ_oAMFVSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d4b82-32567eed3e65a91a21fcb241;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 07:04:34 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: Opj5IPBrtqn3zuHssdJsHk8fgn61j99IihSWfUsLFTn_w3_FbWFnlA==
via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 07:11:44 GMT
age: 57010
etag: "8771e96beb62b1f136fdc24413767d9019eb0cbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4160b82-5435-4953-972b-ec17ed6cfabb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6721 bytes)
Hash
a181b1a0f36b14bbd372dedf341a5bfc
f86e75abebaa04f5a32c71b333f4ffe4c558025f
ab96058001db408e27be4d86eb9e2b688ba1691f206f4639971c5eb245ea5a4b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4160b82-5435-4953-972b-ec17ed6cfabb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: 0462dd66-7dc9-4339-89a1-467b3e39b392
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzFHfIAMFVyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-452c60524b5562dc5fda941a;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: usehpOA6Rgi0ehv2QGrAOAshAu9i0q9G3Fae44xd2mRX2JPfKPR_Nw==
via: 1.1 50cc3f0b039433daebdf343a3f4489ae.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:24 GMT
age: 4890
etag: "f86e75abebaa04f5a32c71b333f4ffe4c558025f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F644f61ad-59fd-4171-83b9-7bcc66bb6067.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (15418 bytes)
Hash
4fde777f6873c8532e6d5b8f1eadab56
5df18e308fe21cb5466d839d52a63a92b51d0ff4
ab805e2ce663c4df10af28ee58e6bdcd0618e602971cc5fdb841d865d824e858

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F644f61ad-59fd-4171-83b9-7bcc66bb6067.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15418
x-amzn-requestid: 8341421b-a004-404b-be63-837e3e093fda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzHu1oAMFWZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-36bcecd1567f6180628b621e;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 44l0AUs59sygEPc7EaXwnEUpo6NKTyKTjt8nOb_ypnGc776ntfHp9g==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:40:23 GMT
age: 4891
etag: "5df18e308fe21cb5466d839d52a63a92b51d0ff4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (34)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN