Report - www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile

Report Overview

Submitted URL
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile
IP
192.124.249.137
ASN
#30148 SUCURI-SEC
Submitted
2022-10-07 20:08:41
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	736 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.69.181.45
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	28 kB	104.17.25.14
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	58 kB	34.120.237.76
ocsp.starfieldtech.com	6616	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	334 B	2.4 kB	192.124.249.36
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
secureservercdn.net	14983	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	463 B	4.7 kB	192.124.249.16
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	440 B	934 B	104.18.10.207
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.7
www.vgbuilding.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	266 kB	192.124.249.137
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	2.3 kB	192.124.249.41

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-03	medium	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/	Generic/Spear Phishing
2022-10-03	medium	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/	Generic/Spear Phishing

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-07	medium	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile	Phishing
2022-10-07	medium	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile	Phishing
2022-10-07	medium	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/aide.svg	Phishing
2022-10-07	medium	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/auth.js	Phishing
2022-10-07	medium	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/fermer.svg	Phishing
2022-10-07	medium	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/urls.js	Phishing
2022-10-07	medium	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/jquery-1.11.3.min.js	Phishing
2022-10-07	medium	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/poste_files/PlutoSansDPDRegular-Web.woff	Phishing
2022-10-07	medium	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/bootstrap.min.js	Phishing
2022-10-07	medium	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/	Phishing
2022-10-07	medium	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-07	medium	vgbuilding.com	Sinkholed
2022-10-07	medium	vgbuilding.com	Sinkholed
2022-10-07	medium	vgbuilding.com	Sinkholed
2022-10-07	medium	vgbuilding.com	Sinkholed

JavaScript (6)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 10:48:57 Times Seen60851 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/auth.js	12 kB	2023-03-07	2023-05-16
Pretty URL www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/auth.js IP 192.124.249.137 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:27 Last Seen2023-05-16 01:46:00 Times Seen23 Hash c7d1485870c2b18dfaa8feee71ea3642 ba10266f8e3179e8a7038c098160bd81d320ca4a 4978eaf0bc28dd26ce43237fc213d2935569523b5001362493d66262a0808aca Loading...

	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/jquery-1.11.3.min.js	96 kB	2023-03-07	2024-04-18
Pretty URL www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/jquery-1.11.3.min.js IP 192.124.249.137 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:14 Last Seen2024-04-18 02:03:18 Times Seen2804 Hash 13c0a5055cca7b2463b2f73701960b9e e6082a7b52db82604ac446d2e6a32cb5af263781 20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104 Loading...

	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-19
Pretty URL www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/bootstrap.min.js IP 192.124.249.137 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:27 Last Seen2024-04-19 06:50:02 Times Seen945 Hash fb0e635db142b1b9fce20fe2370ec6cc c5c481ca5a263031d938f6c12abd2fe5fb4b6a83 5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459 Loading...

	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/urls.js	381 B	2023-03-07	2023-05-16
Pretty URL www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/urls.js IP 192.124.249.137 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:27 Last Seen2023-05-16 01:46:00 Times Seen16 Hash b7d4ecba14772406600a629440622341 4fde1419b92a2879d2a162cc5f09cde9b47d0665 1517e991b1118e6bcb4136a5fb7cf8558a4314cc9a3141f7df1dbd0134056cba Loading...

	www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/	1.2 kB	2023-03-07	2023-05-16
Pretty URL www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/ IP 192.124.249.137 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:27 Last Seen2023-05-16 01:46:00 Times Seen12 Hash 7ec5b1bc843f1615f75df2a3909b57ca 263499838efb7a6a5f74935830c117a9a01d2cc4 2ef896869f2e016dee8068325c355e98462484106656b4def16e097c0d7ab5a8 Loading...

HTTP Transactions (47)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11361
Expires: Fri, 07 Oct 2022 23:17:52 GMT
Date: Fri, 07 Oct 2022 20:08:31 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

54.230.111.7

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HgA2xniHoT4NGHFD8HSogd9eR7Yf-cJHCr_Ket2sh-pNXEJKzb5ttA==
Age: 188473

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5817
Expires: Fri, 07 Oct 2022 21:45:28 GMT
Date: Fri, 07 Oct 2022 20:08:31 GMT
Connection: keep-alive

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile

192.124.249.137

308 Permanent Redirect

112 B

URL HTTP/1.1
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
HTML document, ASCII text
Size
112 B (112 bytes)
Hash
00611dc573fca5ece7541d7e57b78fd0
da45479a69f67e9864f1f2f06bd9af3b6a3a96a3
d2fe46bbea000d3f97c25edb09cded91a6371c0f31bcba5405a7fa5376853150

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 308 Permanent Redirect
Server: Sucuri/Cloudproxy
Date: Fri, 07 Oct 2022 20:08:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 112
Connection: keep-alive
X-Sucuri-ID: 19037
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile
X-Sucuri-Cache: MISS

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Rlmv2yxPbSAnfhZpGvTigQmZ3CkkvvqnbNyayvSaCdjGl6YwGjKd3DwVQIpQvlOIsu7/QwI/Am8v50zX+wLqIg==
x-amz-request-id: SQD9D3R9ZHN5GEJK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 19:59:18 GMT
age: 553
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
cc97ca150a00a0245282d7fdc021414c
8b2a4c499f12ce069121d1ceea802b1ec19bfe1d
1e526e76d1544dbfbd99899fede8a1dea2f657957b6de7500c47b2d56f6c2fdc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 07 Oct 2022 20:08:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 06 Oct 2022 23:12:49 GMT
Expires: Fri, 07 Oct 2022 23:12:49 GMT
ETag: "8b2a4c499f12ce069121d1ceea802b1ec19bfe1d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.7

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 19:29:41 GMT
Cache-Control: max-age=3600
Expires: Fri, 07 Oct 2022 20:21:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y2DXYKZEtuCNhQVlUp1ZMTAqp_Nv_oznz51WHtAAxTtZStrBgLUjzQ==
Age: 2330

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 707
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 20:08:31 GMT
Last-Modified: Fri, 07 Oct 2022 19:56:44 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile

192.124.249.137

301 Moved Permanently

217 B

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
217 B (217 bytes)
Hash
e807c50bd6cd7060e7414a62065bf1ba
d67d954c6eccb7c3964c7d27a1af490a57eb00d3
41d41904ba1bfb67ff8214ee5f016292a2dd0513687aa532bf10218c0c3116fc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 07 Oct 2022 20:08:32 GMT
content-type: text/html; charset=iso-8859-1
content-length: 217
location: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
x-sucuri-id: 19037
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
age: 84874
content-encoding: gzip
vary: User-Agent, Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: EXPIRED
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.69.181.45

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.69.181.45:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jFFElPA8MF6Vx/my4CP1YQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ndiM76ZAWGG2PQTtAPxwbsoSDZA=

cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

104.17.25.14

200 OK

27 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32058)
Size
27 kB (27277 bytes)
Hash
b51f9d778be466703e73aceee13d836d
cc5cd9dd2b48712dcf90f14a1ff19d729c43e378
f1e36d8f99614eef048fe3cb4275f3234536bff3e3b1b8f763f14a8a0cadab45

HTTP Headers

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 07 Oct 2022 20:08:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 841942
expires: Wed, 27 Sep 2023 20:08:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3aZjptZBZXhkJYH9e87RBffNYqU4VixZIQftuGnDh8L9bzchQ5FE49JUlbYLJqpIVRsbRumZNMzfAroPPm7hZhb6syKVIUvjVIJkhsIh7V3kh8zapVu8MkTqhw1UWdop22nOuap"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 756944f0fb7ab527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/poste_files/style.css

192.124.249.137

200 OK

11 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/poste_files/style.css
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (636)
Size
11 kB (11141 bytes)
Hash
7acfaadd9e8402b24b7083c9a9b0f786
3fe0823d3fab2ed5b63ca244268a8749bea84708
efd9f795e14ee6ac73c32693c5c02648f7433153525a13712cb8872593b19942

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/poste_files/style.css HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: text/css
content-length: 11141
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
content-encoding: gzip
etag: "f2d4-5e9da889acbf4-gzip"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/styles/autentification.css

192.124.249.137

200 OK

3.5 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/styles/autentification.css
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
3.5 kB (3548 bytes)
Hash
572b9d9d65f3b9cc87ed964ba7f9037b
bf871208bd7712228f99023036b06219bd7ffa27
0a009577cb610d21820e9fc6be866839ac994fbec65002baa310b2ade05a3cfc

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/styles/autentification.css HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: text/css
content-length: 3548
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
content-encoding: gzip
etag: "3123-5e9da889cdb4e-gzip"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/logo-fc.png

192.124.249.137

200 OK

7.5 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/logo-fc.png
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 45 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
7.5 kB (7532 bytes)
Hash
34bfd90a0a2d8e31841fa6fa5d8f0773
d5d5274014cb0fdefe1412a48456278012b9ed33
8a1ffefb7605c98a92890e4ab41705314eb5c2aab201d4863cb06a24ee2d383d

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/images/logo-fc.png HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: image/png
content-length: 7532
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
etag: "1d6c-5e9da889c8946"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/poste_files/logo-chronopost-international.png

192.124.249.137

200 OK

7.4 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/poste_files/logo-chronopost-international.png
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 292 x 63, 8-bit/color RGB, non-interlaced\012- data
Size
7.4 kB (7416 bytes)
Hash
79295bc1d708ac9c90b388c0c0a5fe11
26e9e23a1b965008c30f45b6384be38877e4cf93
18772aeed03cde3b768320d3ba30034c0dd14f51cfefa202e2b3d6f7dc7fab99

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/poste_files/logo-chronopost-international.png HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: image/png
content-length: 7416
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
etag: "1cf8-5e9da889a9544"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/styles/bootstrap-3.3.6.min.css

192.124.249.137

200 OK

20 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/styles/bootstrap-3.3.6.min.css
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (65367), with CRLF line terminators
Size
20 kB (19763 bytes)
Hash
3f9dbe279cdd5918abd4433e99583cc3
7aae75708c5f5fd426a5cebe46c750d07aea309e
15a28696b576bbbdf13a7892b7f6d892ce07312fcb1b74891877be8200754588

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/styles/bootstrap-3.3.6.min.css HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: text/css
content-length: 19763
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
content-encoding: gzip
etag: "1d9c0-5e9da889ce31e-gzip"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/poste_files/double-logo.png

192.124.249.137

200 OK

5.4 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/poste_files/double-logo.png
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 900 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5404 bytes)
Hash
6d573547252d41ac80a647c32852e922
5ed5c7dffa5aa4e04eab2dbede57eaf00518b726
c64afcfa2be1d10a4375990cf4d192e4d374d4eeaad621e4721c2641d2f3e12e

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/poste_files/double-logo.png HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: image/png
content-length: 5404
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
etag: "151c-5e9da889a85a3"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/num_fiscal.png

192.124.249.137

200 OK

11 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/num_fiscal.png
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 358 x 90, 8-bit/color RGB, non-interlaced\012- data
Size
11 kB (11352 bytes)
Hash
e1ec4daf3bb73fc2d1ae4a8ccaeaab56
95f7c081aba105bb2ee25d136866c974ef37905e
662ee4624be6f67f73e1365f9ed8eaba64b08044eea22f41102b64cfa1b97c6b

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/images/num_fiscal.png HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: image/png
content-length: 11352
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
etag: "2c58-5e9da889c9cce"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/aide.svg

192.124.249.137

200 OK

5.3 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/aide.svg
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (2097)
Size
5.3 kB (5335 bytes)
Hash
f7b182639e776e90e75bd08d41c6b27e
a99286e8ef923b37679f523729db1a281e1b4b9d
e952750309dc8bd10a6bc568005552dbc541ec388fcd5b959a2e2f918e6a93df

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/images/aide.svg HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: image/svg+xml
content-length: 5335
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
access-control-allow-origin: *
age: 0
etag: "14d7-5e9da889c75bd"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
vary: User-Agent
x-backend: local
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/Miniballs.gif

192.124.249.137

200 OK

18 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/Miniballs.gif
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
GIF image data, version 89a, 64 x 64\012- data
Size
18 kB (17926 bytes)
Hash
19df9250795ee08e7c07c9f342422657
97a1f8cd94be6909fdde853ba6f04b1432e03ba5
4d644aae3091c93a949be93b969dcd0f1ac12faf5c233556a6aa9d64b79479d6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/images/Miniballs.gif HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: image/gif
content-length: 17926
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
etag: "4606-5e9da889c94fe"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/rfr2.gif

192.124.249.137

200 OK

7.9 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/rfr2.gif
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
GIF image data, version 87a, 500 x 45\012- data
Size
7.9 kB (7850 bytes)
Hash
9ac569f9172ee2f72b4b8ec60e878200
1aa6a5e76bf8e57df193b9c4c54a695885aeae07
c4544c13ad576f40a13c65e029f0b71dd886995a44fe60d8950e4a3ac3c72ef2

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/images/rfr2.gif HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: image/gif
content-length: 7850
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
etag: "1eaa-5e9da889ca49e"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/auth.js

192.124.249.137

200 OK

1.8 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/auth.js
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
1.8 kB (1809 bytes)
Hash
61e42dc8e4fc4d2657011be96aef5563
46772aa2f258e5e5f26f64b90169f1717347430d
cbaba5c552e0c26c968b44a24af79ce7f1c9aea7dcd2a2ee9ee3f84029c977d8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/js/auth.js HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: application/javascript
content-length: 1809
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
content-encoding: gzip
etag: "3073-5e9da889cbff6-gzip"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/fermer.svg

192.124.249.137

200 OK

1.8 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/fermer.svg
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (340)
Size
1.8 kB (1757 bytes)
Hash
c2a9168d032fcd7c8a0f8f015b10d211
8376d9a7c74b0b3ba4cbfde3658cf893a4cce7ec
bd41f1926d21d2cdcc4522c7d6ad6348e4f79230f97dc81910486b633fc98c23

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/images/fermer.svg HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: image/svg+xml
content-length: 1757
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
access-control-allow-origin: *
age: 0
etag: "6dd-5e9da889c7d8e"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
vary: User-Agent
x-backend: local
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/urls.js

192.124.249.137

200 OK

202 B

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/urls.js
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with CRLF line terminators
Size
202 B (202 bytes)
Hash
584eb148eea2e090869aa1230377541d
4f57128a6f3336b69fcd74f41b35b3bfa492cdf1
0dd4138ce6fc774c7d196f31edee639ff24c043d139780f514f8062f13a89523

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/js/urls.js HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: application/javascript
content-length: 202
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
content-encoding: gzip
etag: "17d-5e9da889ccf96-gzip"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/num_acces.png

192.124.249.137

200 OK

11 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/num_acces.png
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 358 x 90, 8-bit/color RGB, non-interlaced\012- data
Size
11 kB (10775 bytes)
Hash
4e6c27da9520a8c2ceef91ed89259369
2b08f22f82091ecc2870b479757fd649180e97a2
df2b07cd437457754a5c25161c293a2786b7cb8469f1ceb7cc9c9610f9138ed5

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/images/num_acces.png HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: image/png
content-length: 10775
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
etag: "2a17-5e9da889c98e6"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/rfr_th.gif

192.124.249.137

200 OK

12 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/rfr_th.gif
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
GIF image data, version 87a, 500 x 77\012- data
Size
12 kB (11850 bytes)
Hash
e80bd3543a2f020bb1d41127658a71dd
cf385d3e0852316b718f199d4e5da68f05ffeb29
081f617d20c0d2420e4f16b1ea74665263cf1dc94b165344e9db43c8f692fa67

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/images/rfr_th.gif HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: image/gif
content-length: 11850
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
etag: "2e4a-5e9da889ca886"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/rfr.gif

192.124.249.137

200 OK

21 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/images/rfr.gif
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
GIF image data, version 89a, 261 x 224\012- data
Size
21 kB (21111 bytes)
Hash
3ca9a8d2da0185952738f92c4e8b5af5
3a3fee8aa01051a0fd781928cc99c62849bb2370
30c41fffa269f92fe8cd7f7b8826158257370884de8bd331c88fe32838a2b0fe

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/images/rfr.gif HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: image/gif
content-length: 21111
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
etag: "5277-5e9da889ca0b6"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/jquery-1.11.3.min.js

192.124.249.137

200 OK

33 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/jquery-1.11.3.min.js
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (32038), with CRLF line terminators
Size
33 kB (33289 bytes)
Hash
974102b326f151ad5d65a2b8dbab8de1
ade3c0b49411dad4d3749980ebca8db137ccdd3c
d0b818c4365e46d213ec8c91d8e68a85fa38ee3531810b45139c1d00ba9db8dd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/js/jquery-1.11.3.min.js HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: application/javascript
content-length: 33289
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
content-encoding: gzip
etag: "176da-5e9da889ccf96-gzip"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/poste_files/PlutoSansDPDRegular-Web.woff

192.124.249.137

200 OK

60 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/poste_files/PlutoSansDPDRegular-Web.woff
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
Web Open Font Format, TrueType, length 60042, version 1.0\012- data
Size
60 kB (60042 bytes)
Hash
32319d6149e2659c974fef61dfd5cc42
e2aedccccdbad3f63b14e27941c59e7ba533cc51
c99d0b5a290e48d4e4cbb86c29dd12436f465696702a81ded130a411f1e98cd3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/poste_files/PlutoSansDPDRegular-Web.woff HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/poste_files/style.css
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: font/woff
content-length: 60042
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
age: 88872
etag: "ea8a-5e9da889ac03c"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/bootstrap.min.js

192.124.249.137

200 OK

9.8 kB

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/templates/js/bootstrap.min.js
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type
ASCII text, with very long lines (32003), with CRLF line terminators
Size
9.8 kB (9773 bytes)
Hash
9cda0a87ca6f3ee17062c37e3a68935b
1e76d5a64b89d9b007015f884a4527ea4dc52df6
8250b90941986ee4353506f41c7a855c19ed6fbeb7c9dc74f34c50552e4406d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/templates/js/bootstrap.min.js HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:33 GMT
content-type: application/javascript
content-length: 9773
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 88871
content-encoding: gzip
etag: "900a-5e9da889cc3de-gzip"
last-modified: Fri, 30 Sep 2022 01:01:27 GMT
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11258
Expires: Fri, 07 Oct 2022 23:16:11 GMT
Date: Fri, 07 Oct 2022 20:08:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11258
Expires: Fri, 07 Oct 2022 23:16:11 GMT
Date: Fri, 07 Oct 2022 20:08:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11258
Expires: Fri, 07 Oct 2022 23:16:11 GMT
Date: Fri, 07 Oct 2022 20:08:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11258
Expires: Fri, 07 Oct 2022 23:16:11 GMT
Date: Fri, 07 Oct 2022 20:08:33 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8445 bytes)
Hash
4572451a09430ca7a9203f14ddc035ba
46e17c44fba23988d7a9d9832c411ba2810136c3
fa54e73c4b32d8e109504ebcd46e4316de8143f44b7eae20a44ba63d14a6f24b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8445
x-amzn-requestid: 7d295b3b-29d6-4b2e-8314-c9055d1def80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmju5FxwoAMFeQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4cc5-3f58c18b1159ad512c60422b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:46:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: DC1ECXhkAhfdrU8ZyMhhDdwydsq4PQfzzGOPd-REjCkCsDbXQLnLiA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:57 GMT
etag: "46e17c44fba23988d7a9d9832c411ba2810136c3"
content-type: image/jpeg
age: 79596
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7261 bytes)
Hash
ed3fa86bbe319c9a2f81ff625e677cb0
e3d5210207f6ff922bc28e328285059c19a523a4
5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: V3fTgH8URZ1iWMxWPy49--20mtdJvMK6XTG_aPKk68pvwCxPl8lULw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 80655
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.5 kB (2478 bytes)
Hash
17df62c3e2ed48ba9c788f5e1b3b702f
854c326016059d67fae42cc34905d0feb58cb6fc
d0bee7a7e629f6594a79bad563bb91c71a17768c2f347fd4a366f7f0daf94fda

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2478
x-amzn-requestid: ed2a2dca-5367-42c1-b982-07a39762063e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmigWFvGIAMF9CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ace-6fabb7845e4d04613897a866;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GFxAiO1AQfV1-pVy0NBmc9VoQoxBuBeOWsbPkVpOuT06D8Tw_YuZfA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:09 GMT
etag: "854c326016059d67fae42cc34905d0feb58cb6fc"
content-type: image/jpeg
age: 79224
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10987 bytes)
Hash
53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iClOZEPMiFmpeprT8McJ2HI0dCmyxkhEdfYr0qP0YK3U_Pcd9N0Fhg==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 11:08:01 GMT
age: 32432
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13437 bytes)
Hash
16339989f5c6c229a3dcc0ed1e52032f
a1ea26d6e4eb4a72cc8c87100b40035dab69d285
16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:58 GMT
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
age: 79595
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9046 bytes)
Hash
7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: a9tOPCySPRdXpvJf239ycM7_3PJS7GcITvM52Sxic_FwYr_-n2XQHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
age: 80655
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.vgbuilding.com/favicon.ico

192.124.249.137

302 Found

0 B

URL HTTP/2
www.vgbuilding.com/favicon.ico
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
server: nginx
date: Fri, 07 Oct 2022 20:08:34 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://secureservercdn.net/45.40.150.54/4nn.60a.myftpupload.com/wp-includes/images/w-logo-blue-white-bg.png?time=1664432269
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 21378
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 7.4
x-redirect-by: WordPress
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
a4a0ba7eb0e73e48bfbb4c57c6cba4f5
77c93b70ac901ebe032ca081aeb88092e154689a
77c53726b0278ff4c2c2cefb3ddbccaae964aaebc823b35508be4248acfdab2f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 07 Oct 2022 20:08:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 07 Oct 2022 07:45:42 GMT
Expires: Sat, 08 Oct 2022 07:45:42 GMT
ETag: "77c93b70ac901ebe032ca081aeb88092e154689a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

secureservercdn.net/45.40.150.54/4nn.60a.myftpupload.com/wp-includes/images/w-logo-blue-white-bg.png?time=1664432269

192.124.249.16

200 OK

4.1 kB

URL HTTP/2
secureservercdn.net/45.40.150.54/4nn.60a.myftpupload.com/wp-includes/images/w-logo-blue-white-bg.png?time=1664432269
IP
192.124.249.16:0
ASN
#30148 SUCURI-SEC

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

HTTP Headers

GET /45.40.150.54/4nn.60a.myftpupload.com/wp-includes/images/w-logo-blue-white-bg.png?time=1664432269 HTTP/1.1
Host: secureservercdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vgbuilding.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:34 GMT
content-type: image/png
content-length: 4119
x-sucuri-id: 19016
age: 30571
etag: "1017-5ea5c9da34eae;5e3b5495ba8c6
last-modified: Thu, 06 Oct 2022 12:13:06 GMT
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/

192.124.249.137

200 OK

0 B

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Generic/Spear Phishing
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/ HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:32 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 0
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j; path=/
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: EXPIRED
X-Firefox-Spdy: h2

www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/

192.124.249.137

200 OK

0 B

URL HTTP/2
www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
IP
192.124.249.137:0
ASN
#30148 SUCURI-SEC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Generic/Spear Phishing
fortinet	Phishing

HTTP Headers

GET /livraison-colisadomicile/livraison-colisadomicile/ HTTP/1.1
Host: www.vgbuilding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vgbuilding.com/livraison-colisadomicile/livraison-colisadomicile/
Cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 20:08:32 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 19037
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
age: 0
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: PHPSESSID=1flkrpcfg1btp4t4c3ifv3ns0j; path=/
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff, nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 7.4
x-xss-protection: 1; mode=block, 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vgbuilding.com
Connection: keep-alive
Referer: https://www.vgbuilding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 07 Oct 2022 20:08:32 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/20/2022 02:30:56
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 896712035152dd56e79d5e033f213804
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 756944f0eae41c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (47)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size