| passbolt.essand.com/ | 74.208.242.159 | 301 Moved Permanently | 162 B |
IP: 74.208.242.159:0
File type: HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
GET / HTTP/1.1
Host: passbolt.essand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 26 Feb 2023 21:01:12 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://passbolt.essand.com/
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0
ASN: #20940 Akamai International B.V.
Hash: bc3cacbc6c565bf2955b507302b8fb41 7b773e19aff1d4904cec328c456513e80f917ba4 b45c582b42efef5e8bd5744333a137f13e94a93cafbaace39b36cfa1eeb041bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B45C582B42EFEF5E8BD5744333A137F13E94A93CAFBAACE39B36CFA1EEB041BD"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5487
Expires: Sun, 26 Feb 2023 22:32:45 GMT
Date: Sun, 26 Feb 2023 21:01:18 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0
ASN: #20940 Akamai International B.V.
Hash: 8083775b7a6637d27672cc4a2581fa2d 023420d026fbf2cd0f69d5606524094011375202 66664ed1d36948fe99498950e3525d03c1797689c9186c4cd0bd5ded531b3bac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66664ED1D36948FE99498950E3525D03C1797689C9186C4CD0BD5DED531B3BAC"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13821
Expires: Mon, 27 Feb 2023 00:51:39 GMT
Date: Sun, 26 Feb 2023 21:01:18 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0
ASN: #20940 Akamai International B.V.
Hash: 29cfccb9238759ed21dbb0d92cae75f8 f41ad1b02e353cd2b33af7618c71cc16fae2886e 91e392e78e584e8a82762dab0d5615aa1af3893237d601db3d45bb6fad488580
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91E392E78E584E8A82762DAB0D5615AA1AF3893237D601DB3D45BB6FAD488580"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14075
Expires: Mon, 27 Feb 2023 00:55:53 GMT
Date: Sun, 26 Feb 2023 21:01:18 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL (HTTP/2): firefox.settings.services.mozilla.com/v1/
IP: 35.241.9.150:0
File type: JSON data; ASCII text, with very long lines (939), with no line terminators
Hash: 7f03faaba3392caae6dae54467bfdf6d 57ea1f14e8bfbcca8190c706d708c9fda12442c1 02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 26 Feb 2023 20:12:33 GMT
content-type: application/json
age: 2925
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL (HTTP/2): content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP: 34.160.144.191:0
File type: PEM certificate; ASCII text
Hash: b5ba6334e73496995e3e3a9ecd0eb323 ad80d3b7718c28364e8c2004fb38a13a1747e462 aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sEa9G2npUzbnFnh9gLpvD/KhtCAeKUwmjrt9iupHio6AnuFspsHTpqqtadwk1+u+yF8kplugHoI=
x-amz-request-id: XRM41E9A56X3YNBS
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 26 Feb 2023 20:31:32 GMT
age: 1786
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL (HTTP/2): contile.services.mozilla.com/v1/tiles
IP: 34.117.237.239:0
File type: JSON data; ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 21:01:19 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL (HTTP/2): firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP: 35.241.9.150:0
File type: JSON data; ASCII text, with very long lines (329), with no line terminators
Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Expires, Last-Modified, Cache-Control, ETag, Backoff, Content-Type, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 26 Feb 2023 20:12:23 GMT
age: 2936
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0
ASN: #20940 Akamai International B.V.
Hash: e81d88566f9c65076bbac43e96a48033 d29c705a859c7ec550c735e3a1159f7292e1edd5 be2eb652aaa6a9cc288e03bfcc62694aab28e3ac3671546e78e51e6db0c18871
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE2EB652AAA6A9CC288E03BFCC62694AAB28E3AC3671546E78E51E6DB0C18871"
Last-Modified: Sat, 25 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Mon, 27 Feb 2023 03:00:27 GMT
Date: Sun, 26 Feb 2023 21:01:19 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0
ASN: #20940 Akamai International B.V.
Hash: b1d73c7d1e3e594a7be10b7ac62176ac 46105f3b581c409f00524674825c08343e4d71d1 7b31674705946d30e1822ddca8008520258d81a32cb11fadeded012dac2b0d13
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B31674705946D30E1822DDCA8008520258D81A32CB11FADEDED012DAC2B0D13"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14184
Expires: Mon, 27 Feb 2023 00:57:43 GMT
Date: Sun, 26 Feb 2023 21:01:19 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 54.184.15.26 | 101 Switching Protocols | 0 B |
URL (HTTP/1.1): push.services.mozilla.com/
IP: 54.184.15.26:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FtSqZKBq3mWLyQk00KFE3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3wQ3tBkdCnooMjA/9lFXjpbr5ow=
|
|
| passbolt.essand.com/js/app/api-vendors.js?v=3.2.1 | 74.208.242.159 | 200 OK | 126 kB |
URL (HTTP/2): passbolt.essand.com/js/app/api-vendors.js?v=3.2.1
IP: 74.208.242.159:0
File type: Unicode text, UTF-8 text, with very long lines (65435)
Size: 126 kB (126440 bytes)
Hash: 6486cc63dfa9f5b531f4ccf90709d011 bde50ffddbaa720d441b6607b1b0ac52f5a6f5c9 df2b261c4f7b0e781be993124dc73b1bd1534c564403085d786687309d07c64d
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /js/app/api-vendors.js?v=3.2.1 HTTP/1.1
Host: passbolt.essand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://passbolt.essand.com/auth/login?redirect=%2F
Connection: keep-alive
Cookie: passbolt_session=o9f9tp7qd8dutil3kc8bj8kodi; csrfToken=f2180161be07e33dd806303735ac0c9d18f6ff1d586da054bbde316124ecddd49c39c391c08cd031824042a9ebf8a46226d05464df16a73c39ea1630380c5c2d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 21:01:14 GMT
content-type: application/javascript
last-modified: Sat, 26 Jun 2021 21:35:25 GMT
etag: W/"6c3b9-5c5b208c9b998"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| passbolt.essand.com/favicon_228.png | 74.208.242.159 | 200 OK | 6.0 kB |
URL (HTTP/2): passbolt.essand.com/favicon_228.png
IP: 74.208.242.159:0
File type: PNG image data, 228 x 228, 8-bit/color RGBA, non-interlaced; data
Hash: f2efe99b347c979f4e9ade01830ebea3 cca6dbd1dd3dfe450f089fa8098ac175a0c8d3ee 4436e1005ac4f12f36c385fb914c86cf25601d4fc6e3fdf6ecf1ef470c64a463
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /favicon_228.png HTTP/1.1
Host: passbolt.essand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://passbolt.essand.com/auth/login?redirect=%2F
Connection: keep-alive
Cookie: passbolt_session=o9f9tp7qd8dutil3kc8bj8kodi; csrfToken=f2180161be07e33dd806303735ac0c9d18f6ff1d586da054bbde316124ecddd49c39c391c08cd031824042a9ebf8a46226d05464df16a73c39ea1630380c5c2d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 21:01:14 GMT
content-type: image/png
content-length: 6040
last-modified: Sat, 26 Jun 2021 21:35:25 GMT
etag: "1798-5c5b208c95bd8"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0
ASN: #20940 Akamai International B.V.
Hash: c930829bdcc2bf23ff3014e5dd21f270 7e175882efd19d1649537da3c2c2e70833558d87 c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6136
Expires: Sun, 26 Feb 2023 22:43:37 GMT
Date: Sun, 26 Feb 2023 21:01:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0
ASN: #20940 Akamai International B.V.
Hash: c930829bdcc2bf23ff3014e5dd21f270 7e175882efd19d1649537da3c2c2e70833558d87 c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6136
Expires: Sun, 26 Feb 2023 22:43:37 GMT
Date: Sun, 26 Feb 2023 21:01:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0
ASN: #20940 Akamai International B.V.
Hash: c930829bdcc2bf23ff3014e5dd21f270 7e175882efd19d1649537da3c2c2e70833558d87 c18c9de6b0d5d2d78d1869d8138a00ef62cbd29a77e7cc2c69d30ad54799dda7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C18C9DE6B0D5D2D78D1869D8138A00EF62CBD29A77E7CC2C69D30AD54799DDA7"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6136
Expires: Sun, 26 Feb 2023 22:43:37 GMT
Date: Sun, 26 Feb 2023 21:01:21 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F475b1534-7068-4e8f-b3cf-2b8383c868c7.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F475b1534-7068-4e8f-b3cf-2b8383c868c7.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash: 1a071a3ba84b6fa6254044ab8378a2a0 5d9d0c12c4b9bcdac503d9089c158ea1281644fb 557c482e3f008a13dc0821d2dddd59d6d352672f9afab2d2c42b15d4ab256b08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F475b1534-7068-4e8f-b3cf-2b8383c868c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10195
x-amzn-requestid: a9b85d09-7704-4d07-bcc0-4e8b2db6f94e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6jiaE_aoAMFjJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa7fa8-6caf97ad35b0949f7cda0c10;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:37:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: tUzVVz2Otd77Q8FGmm7SwXxMgqQBSzpWNmfXu2Ug8kkvedqfaKx3_Q==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 22:03:16 GMT
age: 82685
etag: "5d9d0c12c4b9bcdac503d9089c158ea1281644fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| passbolt.essand.com/js/app/api-triage.js?v=3.2.1 | 74.208.242.159 | 200 OK | 28 kB |
URL (HTTP/2): passbolt.essand.com/js/app/api-triage.js?v=3.2.1
IP: 74.208.242.159:0
File type: ASCII text, with very long lines (65468)
Hash: 9a75261a5e760ca25dc5d67f673fdc97 abc6f8f475c6e258e9be487ef08202057bc80aec 601efa75e471117060a5b5cbc52556005c62a3bfafab0188c6802915e29f1916
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
GET /js/app/api-triage.js?v=3.2.1 HTTP/1.1
Host: passbolt.essand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://passbolt.essand.com/auth/login?redirect=%2F
Connection: keep-alive
Cookie: passbolt_session=o9f9tp7qd8dutil3kc8bj8kodi; csrfToken=f2180161be07e33dd806303735ac0c9d18f6ff1d586da054bbde316124ecddd49c39c391c08cd031824042a9ebf8a46226d05464df16a73c39ea1630380c5c2d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 21:01:14 GMT
content-type: application/javascript
last-modified: Sat, 26 Jun 2021 21:35:25 GMT
etag: W/"13083-5c5b208c9ade0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg | 34.120.237.76 | 200 OK | 9.1 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash: 2a5f3d376fe6a3a78a5d1fe136f962fb 3e9b03cc296e954d63526a4e7e75beea3130fc3b c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 3fd9f8c8-cf10-4222-a2cc-5f18ff7b2e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9D3HqmoAMFeBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb2-352315613cc0c2bc7eb28e05;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bGDTF9U77Y1pmqtYk-yDa2GsiRraTcwCOBV-yAzDPT2PvS89NeCtZg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 21:35:01 GMT
age: 84380
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f844fa-53e0-4abd-9ae5-9448aeaa72de.jpeg | 34.120.237.76 | 200 OK | 5.8 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f844fa-53e0-4abd-9ae5-9448aeaa72de.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash: 8c8f0f9ea900d5a2e27184e569b81bde b919478bef2429d5aa8bc15ed12b42a9b66adbd9 da208f3d93a0e4eb1c8339c6766bba614da04117caa41901211ae7d4d4b62b19
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f844fa-53e0-4abd-9ae5-9448aeaa72de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5794
x-amzn-requestid: 27446889-573e-4333-be70-ca8a9c03172b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6kHSGB-oAMFQEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa8094-0d00b48f489acf46746056db;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:41:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: TFAAmbnOJEMMwK_nKyJvEoWyEDBlRsylxDlwY9Fqn9me7MtPE0KxGg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 22:16:53 GMT
age: 81868
etag: "b919478bef2429d5aa8bc15ed12b42a9b66adbd9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F016462a1-fadc-4180-93f8-995cab0e1395.jpeg | 34.120.237.76 | 200 OK | 8.2 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F016462a1-fadc-4180-93f8-995cab0e1395.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash: 32d08a3dc7c1e88313f487d74babdfe5 12f4693c36cb8980a5c740b735b7cf64542734e4 ae717a6760a0a6c179b950643eb3590c0ab5ec6cf159061246c6e8fc38a7ae89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F016462a1-fadc-4180-93f8-995cab0e1395.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8170
x-amzn-requestid: bd3ecc5c-1efc-4589-8789-48693fbfa6d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6i2sGKkIAMFXtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa7e90-7acdeb5b05f8bcf726309125;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:33:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: OIer9IgcIIbMg6EdrYFpojiEtN5oxPBijKFbX4UzURWTKha09i8NcQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 21:53:01 GMT
age: 83300
etag: "12f4693c36cb8980a5c740b735b7cf64542734e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d7456a6-d447-4d39-b384-99f96d97f6f3.jpeg | 34.120.237.76 | 200 OK | 8.4 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d7456a6-d447-4d39-b384-99f96d97f6f3.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash: 82806a802cb8a3fbd7d44c822aa3dcbc e12d277ae82104765d6d01bd71c5cd617a00dc13 2cf6284b7068e98215b4b9600ec60e4a837c9aec2b5a0910ffd06246f0787dfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d7456a6-d447-4d39-b384-99f96d97f6f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8390
x-amzn-requestid: 60825131-7fba-44a7-ba2e-2c6e38501b22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6kHHFOpIAMFVww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa8093-7ae3d8e612ff5a5a0aa631e0;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:41:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: NrPjFPy8u-3N95MCHWAoT94IonVSoD8EM35sOmWLS1udN8hPozdtcw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 21:51:23 GMT
age: 83398
etag: "e12d277ae82104765d6d01bd71c5cd617a00dc13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| passbolt.essand.com/img/controls/loading_light.svg | 74.208.242.159 | 200 OK | 730 B |
URL (HTTP/2): passbolt.essand.com/img/controls/loading_light.svg
IP: 74.208.242.159:0
File type: SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; exported SGML document, ASCII text
Hash: e21a090d2c8aaba23edcbfd68dbb5f3c 2d478bf5fb02f99610bf88f8fbf45ae15572d1c0 253623ba12397aa081301ef779d083bc747c40394297fc1331c6949bdc4807cb
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
GET /img/controls/loading_light.svg HTTP/1.1
Host: passbolt.essand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://passbolt.essand.com/css/themes/default/api_authentication.min.css?v=3.2.1
Cookie: passbolt_session=o9f9tp7qd8dutil3kc8bj8kodi; csrfToken=f2180161be07e33dd806303735ac0c9d18f6ff1d586da054bbde316124ecddd49c39c391c08cd031824042a9ebf8a46226d05464df16a73c39ea1630380c5c2d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 21:01:15 GMT
content-type: image/svg+xml
content-length: 730
last-modified: Sat, 26 Jun 2021 21:35:25 GMT
etag: "2da-5c5b208c986d0"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| passbolt.essand.com/locales/en-UK/common.json | 74.208.242.159 | 200 OK | 30 kB |
URL (HTTP/2): passbolt.essand.com/locales/en-UK/common.json
IP: 74.208.242.159:0
File type: JSON data; Unicode text, UTF-8 text, with very long lines (415)
Hash: 5cb14e864bc6e7e34761f6b94d622c85 0604223c07ca14ec027e6b58770cd6561c090a64 4219c37939a46d45916160823e73073478b654354ce80ebbe668acc129ef2a27
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
GET /locales/en-UK/common.json HTTP/1.1
Host: passbolt.essand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://passbolt.essand.com/auth/login?redirect=%2F&locale=en-UK
Connection: keep-alive
Cookie: passbolt_session=o9f9tp7qd8dutil3kc8bj8kodi; csrfToken=f2180161be07e33dd806303735ac0c9d18f6ff1d586da054bbde316124ecddd49c39c391c08cd031824042a9ebf8a46226d05464df16a73c39ea1630380c5c2d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 21:01:15 GMT
content-type: application/json
last-modified: Sat, 26 Jun 2021 21:35:25 GMT
etag: W/"da44-5c5b208c9e878"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
| passbolt.essand.com/fonts/opensans-bold.woff | 74.208.242.159 | 200 OK | 21 kB |
URL: HTTP/2 passbolt.essand.com/fonts/opensans-bold.woff
IP: 74.208.242.159:0
File type: Web Open Font Format, TrueType, length 21272, version 1.1; data
Hash: 51e97884d76e946a3312b3c842ef0c55 f40a2d8c5e038c4dd2846c33547b41d0a195876d 7321676b42f78a15ae4f423ec222b5f8d8e433000d2ae4b97804f8e60d9d51aa
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
GET /fonts/opensans-bold.woff HTTP/1.1
Host: passbolt.essand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://passbolt.essand.com/css/themes/default/api_authentication.min.css?v=3.2.1
Cookie: passbolt_session=o9f9tp7qd8dutil3kc8bj8kodi; csrfToken=f2180161be07e33dd806303735ac0c9d18f6ff1d586da054bbde316124ecddd49c39c391c08cd031824042a9ebf8a46226d05464df16a73c39ea1630380c5c2d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 21:01:15 GMT
content-type: application/font-woff
content-length: 21272
last-modified: Sat, 26 Jun 2021 21:35:25 GMT
etag: "5318-5c5b208c97f00"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
| passbolt.essand.com/img/logo/logo.svg | 74.208.242.159 | 200 OK | 4.6 kB |
URL: HTTP/2 passbolt.essand.com/img/logo/logo.svg
IP: 74.208.242.159:0
File type: SVG Scalable Vector Graphics image; ASCII text, with very long lines (4626), with no line terminators
Hash: f0e3c69a1deb016f23d9213ef2575114 0ce93dcf46dd0db2eae7d3f29c1626a3470b4c12 4b91aa7108f8a57a87bbfc1a384e8ee8084390e22bc8d3c658d140d41e0681ad
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
GET /img/logo/logo.svg HTTP/1.1
Host: passbolt.essand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://passbolt.essand.com/css/themes/default/api_authentication.min.css?v=3.2.1
Cookie: passbolt_session=o9f9tp7qd8dutil3kc8bj8kodi; csrfToken=f2180161be07e33dd806303735ac0c9d18f6ff1d586da054bbde316124ecddd49c39c391c08cd031824042a9ebf8a46226d05464df16a73c39ea1630380c5c2d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 21:01:15 GMT
content-type: image/svg+xml
content-length: 4626
last-modified: Sat, 26 Jun 2021 21:35:25 GMT
etag: "1212-5c5b208c98ab8"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
| passbolt.essand.com/img/controls/chevron-down_black.svg | 74.208.242.159 | 200 OK | 283 B |
URL: HTTP/2 passbolt.essand.com/img/controls/chevron-down_black.svg
IP: 74.208.242.159:0
File type: SVG Scalable Vector Graphics image; ASCII text
Hash: ef86c2138457b37153c3a9c4f2bb6eee 1faa00b13d685ccac9d8ac08c6d69c2415d27205 74f07195dcd85e836c42df219a789b638bea59b222b86765b5ff37f2e6ebe865
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
GET /img/controls/chevron-down_black.svg HTTP/1.1
Host: passbolt.essand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://passbolt.essand.com/css/themes/default/api_authentication.min.css?v=3.2.1
Cookie: passbolt_session=o9f9tp7qd8dutil3kc8bj8kodi; csrfToken=f2180161be07e33dd806303735ac0c9d18f6ff1d586da054bbde316124ecddd49c39c391c08cd031824042a9ebf8a46226d05464df16a73c39ea1630380c5c2d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 21:01:16 GMT
content-type: image/svg+xml
content-length: 283
last-modified: Sat, 26 Jun 2021 21:35:25 GMT
etag: "11b-5c5b208c986d0"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
| passbolt.essand.com/ | 74.208.242.159 | 302 Found | 0 B |
IP: 74.208.242.159:0
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
GET / HTTP/1.1
Host: passbolt.essand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 26 Feb 2023 21:01:13 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self';frame-src 'self';
set-cookie: passbolt_session=o9f9tp7qd8dutil3kc8bj8kodi; path=/; secure; HttpOnly; SameSite=Lax
location: /auth/login?redirect=%2F
x-powered-by: PHP/7.3.33, PleskLin
X-Firefox-Spdy: h2
| passbolt.essand.com/auth/login?redirect=%2F | 74.208.242.159 | 200 OK | 0 B |
URL: HTTP/2 passbolt.essand.com/auth/login?redirect=%2F
IP: 74.208.242.159:0
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
| quad9 | Sinkholed | |
GET /auth/login?redirect=%2F HTTP/1.1
Host: passbolt.essand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: passbolt_session=o9f9tp7qd8dutil3kc8bj8kodi
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 21:01:13 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: all
referrer-policy: same-origin
x-frame-options: sameorigin
x-download-options: noopen
x-content-type-options: nosniff
x-gpgauth-version: 1.3.0
x-gpgauth-login-url: /auth/login
x-gpgauth-logout-url: /auth/logout
x-gpgauth-verify-url: /auth/verify
x-gpgauth-pubkey-url: /auth/verify.json
access-control-expose-headers: X-GPGAuth-Verify-Response, X-GPGAuth-Progress, X-GPGAuth-User-Auth-Token, X-GPGAuth-Authenticated, X-GPGAuth-Refer, X-GPGAuth-Debug, X-GPGAuth-Error, X-GPGAuth-Pubkey, X-GPGAuth-Logout-Url, X-GPGAuth-Version
x-gpgauth-authenticated: false
x-gpgauth-progress: stage0
x-gpgauth-debug: There is no user associated with this key. No key id set.
x-gpgauth-error: true
content-security-policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self';frame-src 'self';
set-cookie: csrfToken=f2180161be07e33dd806303735ac0c9d18f6ff1d586da054bbde316124ecddd49c39c391c08cd031824042a9ebf8a46226d05464df16a73c39ea1630380c5c2d; path=/
x-powered-by: PHP/7.3.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
| passbolt.essand.com/css/themes/default/api_authentication.min.css?v=3.2.1 | 74.208.242.159 | 200 OK | 0 B |
URL: HTTP/2 passbolt.essand.com/css/themes/default/api_authentication.min.css?v=3.2.1
IP: 74.208.242.159:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /css/themes/default/api_authentication.min.css?v=3.2.1 HTTP/1.1
Host: passbolt.essand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://passbolt.essand.com/auth/login?redirect=%2F
Connection: keep-alive
Cookie: passbolt_session=o9f9tp7qd8dutil3kc8bj8kodi; csrfToken=f2180161be07e33dd806303735ac0c9d18f6ff1d586da054bbde316124ecddd49c39c391c08cd031824042a9ebf8a46226d05464df16a73c39ea1630380c5c2d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Feb 2023 21:01:14 GMT
content-type: text/css
last-modified: Sat, 26 Jun 2021 21:35:25 GMT
etag: W/"718e-5c5b208c94c38"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2