Report - sante-public.net/

Report Overview

Submitted URL
sante-public.net/
IP
45.148.116.57
ASN
#61218 4b42 UG
Submitted
2022-10-03 10:35:19
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
132

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	325 B	1.5 kB	18.164.68.6
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	52 kB	34.120.237.76
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.148.242.254
bam.eu01.nr-data.net	9782	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	883 B	884 B	185.221.85.3
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
sante-public.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	22 kB	870 kB	45.148.116.57
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance
2022-10-02	medium	sante-public.net/	French Health Insurance

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-03	medium	sante-public.net/modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/images/telecommande/contact.svg	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/images/footer/logo-assurance-maladie-footer.svg	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/images/footer/footer_logo_ss.svg	Phishing
2022-10-03	medium	sante-public.net/sites/default/files/js/js_Dyurn0ZL9fXM3LrHm1C3gxFZ1UMAiZ45i2tJf-SxksM.js	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/fonts/roboto/roboto-Medium-webfont.woff	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/fonts/raleway/raleway-bold-webfont.woff	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/fonts/raleway/raleway-medium-webfont.woff	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/fonts/roboto/Roboto-Regular-webfont.woff	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/fonts/roboto/Roboto-Bold-webfont.woff	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/fonts/raleway/raleway-regular-webfont.woff	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/fonts/opensans/opensans-semibold-webfont.woff2	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/fonts/opensans/opensans-regular-webfont.woff2	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/fonts/opensans/opensans-light-webfont.woff2	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/fonts/raleway/raleway-lightitalic-webfont.woff2	Phishing
2022-10-03	medium	sante-public.net/ameli-menu/footer/rubrique_assure/2?rbd837	Phishing
2022-10-03	medium	sante-public.net/sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/images/logo.svg	Phishing
2022-10-03	medium	sante-public.net/ameli-menu/menu_mobile/rubrique_assure/3?rbd837	Phishing
2022-10-03	medium	sante-public.net/	Phishing
2022-10-03	medium	sante-public.net/themes/custom/ameli/js/menuce6f.js?rbd837	Phishing
2022-10-03	medium	sante-public.net/sites/default/files/js/js_4xNZJpfp2oDly0xk8Q_5DcDqWDiuvYr6_EokoeMIl_8.js	Phishing
2022-10-03	medium	sante-public.net/sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	sante-public.net/	413 B	2023-03-07	2024-01-26
Pretty URL sante-public.net/ IP 45.148.116.57 ASN #61218 4b42 UG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen55 Hash 5de747dc080cfb3f9ba70704254d593e fdf12e3729e639b7609d8ba26e8dd2706873697f e03a0db99d78a252d489f9e7cab6c52a23624498bcae455a7909393c00b331f9 Loading...

	sante-public.net/	67 kB	2023-03-07	2024-01-26
Pretty URL sante-public.net/ IP 45.148.116.57 ASN #61218 4b42 UG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen52 Hash 76a19a88ada7830fe02a9cee511b78b9 f63c5faff3a19812b61dae28d3ae43ae4cf842d7 394d8990659fe0762643e03e06698dd5fd64e4274ff7135938ccdc50e9b8a5f8 Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 04:19:41 Times Seen36927099 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sante-public.net/modules/custom/ameli_actualite/js/ameli_actualite_update8f77.js?v=9.3.12	961 B	2023-03-07	2024-01-26
Pretty URL sante-public.net/modules/custom/ameli_actualite/js/ameli_actualite_update8f77.js?v=9.3.12 IP 45.148.116.57 ASN #61218 4b42 UG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen74 Hash 779c599b746b19858bbb530581e2433f 5f9ef133d3d20060186d505ba63d1ede1e43fdc7 da61616ca4e51d55638c3c3ff0b94e77d27ad62d415f49fd84a3c5a9a17255c3 Loading...

	sante-public.net/sites/default/files/js/js_Dyurn0ZL9fXM3LrHm1C3gxFZ1UMAiZ45i2tJf-SxksM.js	118 kB	2023-03-07	2024-01-26
Pretty URL sante-public.net/sites/default/files/js/js_Dyurn0ZL9fXM3LrHm1C3gxFZ1UMAiZ45i2tJf-SxksM.js IP 45.148.116.57 ASN #61218 4b42 UG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:37 Last Seen2024-01-26 16:03:51 Times Seen71 Hash 0f893ee857afbb06e894e6bf8f1a652f d6daaaad8cbcda1603f7345f5f341e06fec937c9 d1d5296bdb800f537d700c917950e120a942359343db100ac1cdd7d29b267690 Loading...

	sante-public.net/sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js	194 kB	2023-03-07	2024-01-26
Pretty URL sante-public.net/sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js IP 45.148.116.57 ASN #61218 4b42 UG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen72 Hash 7b75151624cf8d1f022d58514ce61f22 27111aaa4d9fb6a23659d8efb3cbdad61c2b18aa 3f148ab86f4664aaec3ef32c3529cd4b9968957fd74856a79bab264e70d37f53 Loading...

	sante-public.net/modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12	1.0 kB	2023-03-07	2024-01-26
Pretty URL sante-public.net/modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12 IP 45.148.116.57 ASN #61218 4b42 UG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen77 Hash 6743f65284c1c03273872c2965940bda d6a603c3c5438606eaba9f2ac5fdee84c7f87874 31317a75136cf0812fcc98ada50fa0785accb01bcf9bddefd203e5dac3be15a9 Loading...

	sante-public.net/themes/custom/ameli/js/menuce6f.js?rbd837	3.0 kB	2023-03-07	2024-01-26
Pretty URL sante-public.net/themes/custom/ameli/js/menuce6f.js?rbd837 IP 45.148.116.57 ASN #61218 4b42 UG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen72 Hash 6ba690f7539b32933372078c5e4d1725 e0562f4c73aad39ef034b113794d040025b7a50f 56878a1f7cbacbdc705a420d5267be305c056df280650916168b37695db90a62 Loading...

	js-agent.newrelic.com/nr-1216.min.js	39 kB	2023-03-07	2023-12-02
Pretty URL js-agent.newrelic.com/nr-1216.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-12-02 09:02:29 Times Seen204 Hash 9f533d8cd24b2c5e3b4dc886ecbd43e8 4aaad79f222fbcf885679bb30ac0cb6c14ec06eb 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708 Loading...

	sante-public.net/	300 B	2023-03-07	2024-01-26
Pretty URL sante-public.net/ IP 45.148.116.57 ASN #61218 4b42 UG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen52 Hash 6822400e5dd29f66e28ce88cba97f8f6 138e63ea9d948875df682f83409d14a92279b994 2ae256335f8fd4ded9a62200f233086d785ff443e626f657cb9c69bd370e3fdd Loading...

	sante-public.net/libraries/tarteaucitron/tarteaucitrona4f0.js	108 kB	2023-03-07	2024-01-26
Pretty URL sante-public.net/libraries/tarteaucitron/tarteaucitrona4f0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen59 Hash 45aae2bf019dcfda62eac50ef782e5a2 6910bc2bc1166af2993df34bd717dfd0abd6388e 04bafe11986495786a314879ae430c191f7c04bbccd74a849be51f36809fc687 Loading...

	sante-public.net/sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js	64 kB	2023-03-07	2024-01-26
Pretty URL sante-public.net/sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js IP 45.148.116.57 ASN #61218 4b42 UG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:21 Last Seen2024-01-26 16:03:51 Times Seen20 Hash 51d670152f1d2de6bb845b3153d95c21 c7340f1ea520b6be0d578a51a5c056c58d995349 c9aaf20ce39ca94ff54fe27b14e84dca081fc9b0f82ac4c4d7b8d3319f526205 Loading...

	bam.eu01.nr-data.net/1/NRJS-edf8db728d00528ee3f?a=309613575&v=1216.487a282&to=MhBSZQoZWkdXBhFRCwtacVIMEVtaGRUEXwE6FlFSEB0%3D&rst=1512&ck=0&ref=https://sante-public.net/&ap=27&be=713&fe=1335&dc=1155&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1664793309126,%22n%22:0,%22f%22:-8,%22dn%22:94,%22dne%22:98,%22c%22:98,%22s%22:143,%22ce%22:525,%22rq%22:526,%22rp%22:613,%22rpe%22:621,%22dl%22:687,%22di%22:1151,%22ds%22:1155,%22de%22:1245,%22dc%22:1334,%22l%22:1334,%22le%22:1340%7D,%22navigation%22:%7B%7D%7D&fcp=1115&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.eu01.nr-data.net/1/NRJS-edf8db728d00528ee3f?a=309613575&v=1216.487a282&to=MhBSZQoZWkdXBhFRCwtacVIMEVtaGRUEXwE6FlFSEB0%3D&rst=1512&ck=0&ref=https://sante-public.net/&ap=27&be=713&fe=1335&dc=1155&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1664793309126,%22n%22:0,%22f%22:-8,%22dn%22:94,%22dne%22:98,%22c%22:98,%22s%22:143,%22ce%22:525,%22rq%22:526,%22rp%22:613,%22rpe%22:621,%22dl%22:687,%22di%22:1151,%22ds%22:1155,%22de%22:1245,%22dc%22:1334,%22l%22:1334,%22le%22:1340%7D,%22navigation%22:%7B%7D%7D&fcp=1115&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken IP 185.221.85.3 ASN #206998 New Relic International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

HTTP Transactions (65)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

18.164.68.6

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.164.68.6:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 10:03:32 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 cfd57c1039d68b4426a9a3580c0aa4f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: sqM-f6NT3KGWrEcFYnOoyZAOqbNIn87klD1qePDF9Eu1nZbnkXKZkA==
Age: 1897

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2216
Expires: Mon, 03 Oct 2022 11:12:05 GMT
Date: Mon, 03 Oct 2022 10:35:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b8769801e8712cb7b401b5752da2c2
30d14bf20b20507a4fda3d7dbee9fbba7327139a
69d097718cac37cc6b77d417711c4356557f2b47c78026303bfe5f985b94a5a5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69D097718CAC37CC6B77D417711C4356557F2B47C78026303BFE5F985B94A5A5"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6963
Expires: Mon, 03 Oct 2022 12:31:12 GMT
Date: Mon, 03 Oct 2022 10:35:09 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 1qrj4Y+kvUsyTjUr+RfGPW4OSJEuynGrz5inkpitgoq5B+hvOAvGIfRNcQAUJSM/4h8PjTyaOys=
x-amz-request-id: A65TVPDKVPQAA99S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 03 Oct 2022 09:53:29 GMT
age: 2500
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e78d8c68e4879916e93177c63fd72b7b
c07359317abf48ca2aebcf891467363d61543152
fc461e81885e6a4040184300cce1ed4c8b16200967f23838ec46da1f17db64fb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC461E81885E6A4040184300CCE1ED4C8B16200967F23838EC46DA1F17DB64FB"
Last-Modified: Sat, 01 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21580
Expires: Mon, 03 Oct 2022 16:34:49 GMT
Date: Mon, 03 Oct 2022 10:35:09 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 10:35:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

sante-public.net/modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12

45.148.116.57

200 OK

440 B

URL HTTP/2
sante-public.net/modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
ASCII text, with very long lines (661)
Size
440 B (440 bytes)
Hash
95ec5b5ce9cd27cbbff5dcffba0933fa
cb8437b504f4f94626bbce6973eab0bc34e1f6a1
7864fbd29749e47da978ce17fdb878790c6f1f03ca5885f8a74e1ad397ea8f3c

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12 HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: application/javascript
content-length: 440
x-accel-version: 0.01
last-modified: Wed, 04 May 2022 12:18:12 GMT
etag: "3f7-5de2e9e76c900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/telecommande/mon-espace-sante.png

45.148.116.57

200 OK

608 B

URL HTTP/2
sante-public.net/themes/custom/ameli/images/telecommande/mon-espace-sante.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
608 B (608 bytes)
Hash
8d39dfb4bdca7b65637fd3c860eda365
8a9f35c911a1d622d4dff40e90de7b7033fcf884
1d3d56b79295a4880f83fd3d2910d45a3b61e8090d1b55a4b8592f5b5531255b

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /themes/custom/ameli/images/telecommande/mon-espace-sante.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 608
x-accel-version: 0.01
last-modified: Mon, 14 Feb 2022 08:55:08 GMT
etag: "260-5d7f692c71300"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/telecommande/contact.svg

45.148.116.57

200 OK

12 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/images/telecommande/contact.svg
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
12 kB (12545 bytes)
Hash
85598c2d6e7ae18de80069db917d18a9
58aaf961633d0089cfd6ee5685865d303ae5dfd1
3c9b952c5f3f5fa966d9af774dc504462a198f4b75a4f9168100b08a22f1d8f6

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/images/telecommande/contact.svg HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/svg+xml
content-length: 12545
last-modified: Tue, 06 Jul 2021 09:32:04 GMT
etag: "60e42314-3101"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/telecommande/telecommande_3.png

45.148.116.57

200 OK

448 B

URL HTTP/2
sante-public.net/themes/custom/ameli/images/telecommande/telecommande_3.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Size
448 B (448 bytes)
Hash
858fe6e525a47c18c8dfd7f39e2a0ae5
fe34b1daa7f2c554cd3c08769acf674c945fe4d5
f134ef5eac4e75c5b04232a908e5820a7af17ccdf3336c730f3dbe6dc732620e

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /themes/custom/ameli/images/telecommande/telecommande_3.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 448
x-accel-version: 0.01
last-modified: Tue, 06 Jul 2021 09:32:04 GMT
etag: "1c0-5c671183fed00"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/telecommande/telecommande_5.png

45.148.116.57

200 OK

722 B

URL HTTP/2
sante-public.net/themes/custom/ameli/images/telecommande/telecommande_5.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Size
722 B (722 bytes)
Hash
219b6f9332d4271f3baa57f1518b9e88
2e9d66c614b05fe9459c263919ad7dce256eb1c5
08807b6dbb61fc5e066ca4f8e7a88c0932dc34d2cd12b0517c89f9ff33a9aec2

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /themes/custom/ameli/images/telecommande/telecommande_5.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 722
x-accel-version: 0.01
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "2d2-5c671185e7180"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/telecommande/telecommande_1.png

45.148.116.57

200 OK

723 B

URL HTTP/2
sante-public.net/themes/custom/ameli/images/telecommande/telecommande_1.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
723 B (723 bytes)
Hash
1c3a691059e846736caef3d17a360519
453511e36db678b3a77124af4f697d82987393b1
97409f23aff1c1428275dff14a547f64c18b64ebb3cc3fbe0cf36f3117886d3e

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /themes/custom/ameli/images/telecommande/telecommande_1.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 723
x-accel-version: 0.01
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "2d3-5c671185e7180"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/outils-sante/outils-sante-recosante.png

45.148.116.57

200 OK

11 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/images/outils-sante/outils-sante-recosante.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 439 x 322, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11203 bytes)
Hash
bcb257b6a124eb053c1cb1546b019cb5
26797075a23d425da3bc2a4a87c627c69ee910e6
020689c940f494cf0d063de0a04404b4b44d8d49194b650e93894679448748f4

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /themes/custom/ameli/images/outils-sante/outils-sante-recosante.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 11203
last-modified: Wed, 02 Mar 2022 10:45:40 GMT
etag: "621f4ad4-2bc3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/footer/logo-assurance-maladie-footer.svg

45.148.116.57

200 OK

26 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/images/footer/logo-assurance-maladie-footer.svg
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (26035)
Size
26 kB (26246 bytes)
Hash
381e33091e0774d59064b3b0cfd446a3
db6869462f5c72f11cfd427d01d72f11916e3478
97ae2ef28651fc17a197830e8bc6918bc9add749b2000d30ef4b5ebb21760d63

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/images/footer/logo-assurance-maladie-footer.svg HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/svg+xml
content-length: 26246
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "60e42316-6686"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/modules/custom/ameli_actualite/js/ameli_actualite_update8f77.js?v=9.3.12

45.148.116.57

200 OK

425 B

URL HTTP/2
sante-public.net/modules/custom/ameli_actualite/js/ameli_actualite_update8f77.js?v=9.3.12
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
ASCII text, with very long lines (824)
Size
425 B (425 bytes)
Hash
bf86a3be803e5abd427f81f13ad59ffd
aa5d82402f4cb9e26137ef3976a8dfacc923ac40
08059f351f1370e0af1a2ca813e8fcc375a30d7c362434d165ddaef35df51e0c

HTTP Headers

GET /modules/custom/ameli_actualite/js/ameli_actualite_update8f77.js?v=9.3.12 HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: application/javascript
content-length: 425
x-accel-version: 0.01
last-modified: Tue, 05 Apr 2022 11:42:16 GMT
etag: "3c1-5dbe6bc8ef600-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/telecommande/telecommande_6.png

45.148.116.57

200 OK

706 B

URL HTTP/2
sante-public.net/themes/custom/ameli/images/telecommande/telecommande_6.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Size
706 B (706 bytes)
Hash
1802b81060e10dfbf321bf26cc5d0d25
39f7b1ceeffdae901e2cc2d8ca66404306bb30f5
1fa419dac7b93b687d68c8304e846dbed9fe6bd91f25597a117fbab2d30e0cdb

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /themes/custom/ameli/images/telecommande/telecommande_6.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 706
x-accel-version: 0.01
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "2c2-5c671185e7180"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/icone-alert-white.png

45.148.116.57

200 OK

712 B

URL HTTP/2
sante-public.net/themes/custom/ameli/images/icone-alert-white.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 64 x 57, 8-bit gray+alpha, non-interlaced\012- data
Size
712 B (712 bytes)
Hash
7b7ff036e18b23d0d34ba61fc7d53bc5
c4b3d8153aa6fef4cee6379bdd214150fa855ae2
216ad62585bd0260a9da24858ed58f5cbe32c2e4ad87e91d804d09717f40aad9

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /themes/custom/ameli/images/icone-alert-white.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 712
x-accel-version: 0.01
last-modified: Thu, 09 Sep 2021 07:21:34 GMT
etag: "2c8-5cb8ad93afb80"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/outils-sante/outils-annuaire.png

45.148.116.57

200 OK

2.8 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/images/outils-sante/outils-annuaire.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 41 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2761 bytes)
Hash
303904aaf853a1aea4f1c257a83b2b5f
f5d05f8e5fa1c9a775b204d4c9dfc0e8e7d89457
33df36ed55cbd63831d64a18083dd1297a821cba56c7d8b8aa22d064f47e34c7

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /themes/custom/ameli/images/outils-sante/outils-annuaire.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 2761
last-modified: Wed, 02 Mar 2022 10:45:40 GMT
etag: "621f4ad4-ac9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/outils-sante/outils-annuaire-image.png

45.148.116.57

200 OK

3.5 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/images/outils-sante/outils-annuaire-image.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 58 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3499 bytes)
Hash
175282c10a79d665d68a5c3d09d99ed2
6f216cf0c8aac7c38a759b79dd248763432a6ad8
b9d5de52ff68278b6f0a13eb99bfdd4af84c9e2995ddb2a8504a1a4daba659bb

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /themes/custom/ameli/images/outils-sante/outils-annuaire-image.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 3499
last-modified: Mon, 17 Jan 2022 10:47:58 GMT
etag: "61e5495e-dab"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/outils-sante/outils-sophia.png

45.148.116.57

200 OK

3.0 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/images/outils-sante/outils-sophia.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 60 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (3023 bytes)
Hash
34c813ea8f458b7c4c3ef50529594c5c
16e28bb48015d359c506da759a06f344d968b293
4a8b8fdcde9cf27edd4f70795a3b1c3ced8e56950c24b74b84a416df693c8a1d

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /themes/custom/ameli/images/outils-sante/outils-sophia.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 3023
last-modified: Wed, 02 Mar 2022 10:45:40 GMT
etag: "621f4ad4-bcf"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/outils-sante/franceRecosante.png

45.148.116.57

200 OK

33 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/images/outils-sante/franceRecosante.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 242 x 208, 8-bit/color RGBA, non-interlaced\012- data
Size
33 kB (32985 bytes)
Hash
63baa27fac9bd0ab121f4cc106f31747
b52907607a917838a85f49a44cbd94c1af70187d
d7bccd64dd7979627192319d9d2cfa7db03066ee99fb8752d0c2a7d0239fb096

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /themes/custom/ameli/images/outils-sante/franceRecosante.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 32985
last-modified: Mon, 14 Feb 2022 08:55:10 GMT
etag: "620a18ee-80d9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/footer/footer_lien_forum.png

45.148.116.57

200 OK

1.1 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/images/footer/footer_lien_forum.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 55 x 55, 8-bit gray+alpha, non-interlaced\012- data
Size
1.1 kB (1131 bytes)
Hash
9a524b412d0f399fa5575377765244a4
9973d9120adda8bfd264651914392a2270dec7ac
b70014ea02c995d069754f1263f2e362d8dc77788692090ded32afabdfe2fb9c

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /themes/custom/ameli/images/footer/footer_lien_forum.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 1131
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "60e42316-46b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/footer/footer_logo_ss.svg

45.148.116.57

200 OK

402 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/images/footer/footer_logo_ss.svg
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8572)
Size
402 kB (402368 bytes)
Hash
f259af7e9e79d8aa7a8d8d188e1fd21f
c46455fbaee37802c25f5ccb0a205ce173cb8f8d
d1ead117c96b507d90c32b2f7b83a88ae9140d65be6cf0d5be14715dcb30447a

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/images/footer/footer_logo_ss.svg HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/svg+xml
content-length: 402368
last-modified: Thu, 09 Sep 2021 07:21:34 GMT
etag: "6139b5fe-623c0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/sites/default/files/css/css_xmutLRkzUUx9Wpn-a6sViHjq2-_vLauUEtJ8IxcqHzw.css

45.148.116.57

200 OK

298 B

URL HTTP/2
sante-public.net/sites/default/files/css/css_xmutLRkzUUx9Wpn-a6sViHjq2-_vLauUEtJ8IxcqHzw.css
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
ASCII text, with very long lines (547), with no line terminators
Size
298 B (298 bytes)
Hash
841c80d9487a9ad068d33f29cd5519ca
17610d8b311556378a31d6b636672c86b3388cde
8d6e329ee15f2c2943e3f6959b18843a06adabdc5084e7a4b26663042b294e49

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /sites/default/files/css/css_xmutLRkzUUx9Wpn-a6sViHjq2-_vLauUEtJ8IxcqHzw.css HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: text/css
content-length: 298
x-accel-version: 0.01
last-modified: Fri, 13 May 2022 11:43:24 GMT
etag: "223-5dee32e94cf00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

sante-public.net/sites/default/files/js/js_Dyurn0ZL9fXM3LrHm1C3gxFZ1UMAiZ45i2tJf-SxksM.js

45.148.116.57

200 OK

30 kB

URL HTTP/2
sante-public.net/sites/default/files/js/js_Dyurn0ZL9fXM3LrHm1C3gxFZ1UMAiZ45i2tJf-SxksM.js
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
Unicode text, UTF-8 text, with very long lines (13594)
Size
30 kB (29987 bytes)
Hash
33c10b194b65914a71a89ce7a306bda6
fcf3ecea57b83c1a45cb50599425fa71afee5254
9f02ab8beb884e3b7bda368d48bb546fad86be11a74c0cd1f9b4441b7423f481

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /sites/default/files/js/js_Dyurn0ZL9fXM3LrHm1C3gxFZ1UMAiZ45i2tJf-SxksM.js HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: application/javascript
last-modified: Wed, 27 Apr 2022 11:46:42 GMT
etag: W/"62692d22-1ce6c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/fonts/ameli-icons/ameli-iconsfc59.ttf?kea0nr=

45.148.116.57

200 OK

9.2 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/fonts/ameli-icons/ameli-iconsfc59.ttf?kea0nr=
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, ameli-icons\012- data
Size
9.2 kB (9208 bytes)
Hash
37f90c0863044fb103eb8950fb6a3b5e
442f72e0dcb0dbe91341458a84c4e3ca0a1ce459
fbd106268bd42f8ca5168e74367312baa18f4a3a38176d3c75e13fe20d9513b8

HTTP Headers

GET /themes/custom/ameli/fonts/ameli-icons/ameli-iconsfc59.ttf?kea0nr= HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: font/ttf
content-length: 9208
last-modified: Wed, 03 Nov 2021 03:57:10 GMT
etag: "61820896-23f8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/fonts/roboto/roboto-Medium-webfont.woff

45.148.116.57

200 OK

70 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/fonts/roboto/roboto-Medium-webfont.woff
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
Web Open Font Format, TrueType, length 69880, version 1.0\012- data
Size
70 kB (69880 bytes)
Hash
023db09b1888a089c4729f183feb6e72
bc7017dfe5f08ae0a3456cdf5a17f0807263543a
6353b6bc05de7c03bbc2fd25408a160053748a5ad079ab2eae0239eb4ff9c97f

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/fonts/roboto/roboto-Medium-webfont.woff HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sante-public.net/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: font/woff
content-length: 69880
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "60e42316-110f8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/images/uk.png

45.148.116.57

200 OK

275 B

URL HTTP/2
sante-public.net/themes/custom/ameli/images/uk.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 32 x 16, 8-bit colormap, non-interlaced\012- data
Size
275 B (275 bytes)
Hash
84b72a42524b5670390adf73aaa074f5
c04077b4389a764b467860134d2e99410d0052d6
218f95b4c48d6cad016a6bf8e94101bab9651670f623997b0ee1bfdacec4d44b

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /themes/custom/ameli/images/uk.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 275
x-accel-version: 0.01
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "113-5c671185e7180"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/fonts/raleway/raleway-bold-webfont.woff

45.148.116.57

200 OK

31 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/fonts/raleway/raleway-bold-webfont.woff
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
Web Open Font Format, TrueType, length 30716, version 1.0\012- data
Size
31 kB (30716 bytes)
Hash
7c8f834f4e70cb19b33082147bbf5088
3634a4709a8fe3968c972c879b0ad514218ae572
6c9c446322395751b8962ba1c108c2d828893c614dc99a9da85c264816ca188a

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/fonts/raleway/raleway-bold-webfont.woff HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sante-public.net/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: font/woff
content-length: 30716
last-modified: Tue, 06 Jul 2021 09:32:04 GMT
etag: "60e42314-77fc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/fonts/raleway/raleway-medium-webfont.woff

45.148.116.57

200 OK

31 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/fonts/raleway/raleway-medium-webfont.woff
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
Web Open Font Format, TrueType, length 31396, version 1.0\012- data
Size
31 kB (31396 bytes)
Hash
912a578723e2b64ab98fba9662707550
dca6ae60c99a61a96f69a6fe170b6dc9f92690af
20449902bed689ac02f6efc038b1862c05ecc260843e89551c5389bd1af24081

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/fonts/raleway/raleway-medium-webfont.woff HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sante-public.net/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: font/woff
content-length: 31396
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "60e42316-7aa4"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/fonts/roboto/Roboto-Regular-webfont.woff

45.148.116.57

200 OK

25 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/fonts/roboto/Roboto-Regular-webfont.woff
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
Web Open Font Format, TrueType, length 25072, version 1.0\012- data
Size
25 kB (25072 bytes)
Hash
25fb08ceaba4191aed4e2555219c4810
e74dd870dc4262c1980bfd57a84935069d08f15f
d84d71e171c2c269ad160798c6301daf2009bf17783d700490973f85854f9b55

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/fonts/roboto/Roboto-Regular-webfont.woff HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sante-public.net/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: font/woff
content-length: 25072
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "60e42316-61f0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/fonts/roboto/Roboto-Bold-webfont.woff

45.148.116.57

200 OK

25 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/fonts/roboto/Roboto-Bold-webfont.woff
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
Web Open Font Format, TrueType, length 24808, version 1.0\012- data
Size
25 kB (24808 bytes)
Hash
8b18d65d6824460ad37616723e493bcd
da4032f9e0a9753489a58f81bf02930ed6952e04
c94ac252c2a3319406032032154badff85d43db816667ea65f7c97d951a33cb7

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/fonts/roboto/Roboto-Bold-webfont.woff HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sante-public.net/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: font/woff
content-length: 24808
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "60e42316-60e8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/fonts/raleway/raleway-regular-webfont.woff

45.148.116.57

200 OK

32 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/fonts/raleway/raleway-regular-webfont.woff
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
Web Open Font Format, TrueType, length 31660, version 1.0\012- data
Size
32 kB (31660 bytes)
Hash
222fff8003f2f7599d3bb745469b06a3
1b0c8c388774dc427c9add86aa9e14ff87bdb7b4
03882a72d20985f3f8e84918f1a2b594e528e380903f952a2c06487f569d26ff

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/fonts/raleway/raleway-regular-webfont.woff HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sante-public.net/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: font/woff
content-length: 31660
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "60e42316-7bac"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/fonts/opensans/opensans-semibold-webfont.woff2

45.148.116.57

200 OK

10 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/fonts/opensans/opensans-semibold-webfont.woff2
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
Web Open Font Format (Version 2), TrueType, length 10328, version 1.6554\012- data
Size
10 kB (10328 bytes)
Hash
d8411d8bb1d6060de4fee4f3a20973cc
bda09aa58d916d532c9981c6e1c32215ab027742
417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/fonts/opensans/opensans-semibold-webfont.woff2 HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sante-public.net/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: font/woff2
content-length: 10328
last-modified: Tue, 06 Jul 2021 09:32:04 GMT
etag: "60e42314-2858"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/fonts/opensans/opensans-regular-webfont.woff2

45.148.116.57

200 OK

10 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/fonts/opensans/opensans-regular-webfont.woff2
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
Web Open Font Format (Version 2), TrueType, length 10352, version 1.6554\012- data
Size
10 kB (10352 bytes)
Hash
4124088fdd8c315a6d096b65b6cbf428
0477e48f455cbfe729f90389d3fd8aaca6cc483b
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/fonts/opensans/opensans-regular-webfont.woff2 HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sante-public.net/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: font/woff2
content-length: 10352
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "60e42316-2870"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/fonts/opensans/opensans-light-webfont.woff2

45.148.116.57

200 OK

10 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/fonts/opensans/opensans-light-webfont.woff2
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
Web Open Font Format (Version 2), TrueType, length 10200, version 1.6554\012- data
Size
10 kB (10200 bytes)
Hash
98b6233d6ac91b3538d60fee0ce3393b
dc7dc7c6c7307a7e0bec5f14e98a8d8ee519e4df
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/fonts/opensans/opensans-light-webfont.woff2 HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sante-public.net/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: font/woff2
content-length: 10200
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "60e42316-27d8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/sites/default/files/thumbnails/image/twitter_logo_white.png

45.148.116.57

200 OK

5.3 kB

URL HTTP/2
sante-public.net/sites/default/files/thumbnails/image/twitter_logo_white.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
5.3 kB (5326 bytes)
Hash
cedcf74f0fea3299f59bb3c11ee5f303
1626dca6211236041dec59796f05042167c44f55
058a2aaae51543f61ebaa8bb12b0172982ec7b17217f58394588ac105e4083f5

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /sites/default/files/thumbnails/image/twitter_logo_white.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 5326
last-modified: Fri, 10 Dec 2021 13:53:24 GMT
etag: "61b35bd4-14ce"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/sites/default/files/thumbnails/image/linkedin-f-logo_white_50.png

45.148.116.57

200 OK

2.3 kB

URL HTTP/2
sante-public.net/sites/default/files/thumbnails/image/linkedin-f-logo_white_50.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2322 bytes)
Hash
b8b6d31c81619407a95fd7b2c045b0a0
d2ab18854e0fa55fc30800af0bea5cae42255336
ab2d2a264e10dadd27653a6f41c87759af2c9064c110b467693f55e655f90e42

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /sites/default/files/thumbnails/image/linkedin-f-logo_white_50.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 2322
last-modified: Fri, 10 Dec 2021 13:55:44 GMT
etag: "61b35c60-912"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/sites/default/files/thumbnails/image/fb-f-logo_white_50.png

45.148.116.57

200 OK

1.3 kB

URL HTTP/2
sante-public.net/sites/default/files/thumbnails/image/fb-f-logo_white_50.png
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1317 bytes)
Hash
ea167e1b8f3edba0206fe07e5a0e89a3
13d7c4dbc043f22fc7a178dae111192a59c3ff7e
504b4de8f04d4c0c0c52a1fa8f1a745cf955fc4eda7fbf3cf28750675845ede6

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /sites/default/files/thumbnails/image/fb-f-logo_white_50.png HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/png
content-length: 1317
last-modified: Fri, 10 Dec 2021 13:53:24 GMT
etag: "61b35bd4-525"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/favicon.ico

45.148.116.57

200 OK

4.3 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/favicon.ico
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
64939ecaeec8810b850c53dfcc7a121c
197f072d1459ee0f93604536ed61afaf22a758bc
9eb7011b23171aec853d7ea040a50c61cde14fff5763b899ba937fea956626ff

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /themes/custom/ameli/favicon.ico HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Cookie: ameli_espace=rubrique_assure
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/vnd.microsoft.icon
content-length: 4286
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "60e42316-10be"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3388
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 10:35:10 GMT
Last-Modified: Mon, 03 Oct 2022 09:38:42 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

sante-public.net/themes/custom/ameli/fonts/raleway/raleway-lightitalic-webfont.woff2

45.148.116.57

200 OK

28 kB

URL HTTP/2
sante-public.net/themes/custom/ameli/fonts/raleway/raleway-lightitalic-webfont.woff2
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
Web Open Font Format (Version 2), TrueType, length 28188, version 3.0\012- data
Size
28 kB (28188 bytes)
Hash
f5dd1b6aee7e582132f0707d6a392697
92ca02ed47b0e9296b0b36094926ac6d2ef8761f
35fa96ecaf1dec9b60fa590e153e173f3cc060e04c7108612f54ac46251cb935

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/fonts/raleway/raleway-lightitalic-webfont.woff2 HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sante-public.net/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: font/woff2
content-length: 28188
last-modified: Tue, 06 Jul 2021 09:32:06 GMT
etag: "60e42316-6e1c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

sante-public.net/ameli-menu/footer/rubrique_assure/2?rbd837

45.148.116.57

404 Not Found

15 kB

URL HTTP/2
sante-public.net/ameli-menu/footer/rubrique_assure/2?rbd837
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
15 kB (14575 bytes)
Hash
fc784980394b5f95b38c9059453dc50a
6275960014a7a93d734fde9b3ef7ba6f1e58086f
b984c9e2c80796b57a7c799eec6709f9f19a4892ded38f8018da0e8c93495104

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /ameli-menu/footer/rubrique_assure/2?rbd837 HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgAGVVZUDBADVFhUBgICUVE=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://sante-public.net/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.148.242.254

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.242.254:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Zam7M/ndEVMS5DX6Hk1xiw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eIkLakYtOdUl0xfVNqONe9Hppwg=

bam.eu01.nr-data.net/1/NRJS-edf8db728d00528ee3f?a=309613575&v=1216.487a282&to=MhBSZQoZWkdXBhFRCwtacVIMEVtaGRUEXwE6FlFSEB0%3D&rst=1512&ck=0&ref=https://sante-public.net/&ap=27&be=713&fe=1335&dc=1155&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1664793309126,%22n%22:0,%22f%22:-8,%22dn%22:94,%22dne%22:98,%22c%22:98,%22s%22:143,%22ce%22:525,%22rq%22:526,%22rp%22:613,%22rpe%22:621,%22dl%22:687,%22di%22:1151,%22ds%22:1155,%22de%22:1245,%22dc%22:1334,%22l%22:1334,%22le%22:1340%7D,%22navigation%22:%7B%7D%7D&fcp=1115&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken

185.221.85.3

200 OK

77 B

URL HTTP/1.1
bam.eu01.nr-data.net/1/NRJS-edf8db728d00528ee3f?a=309613575&v=1216.487a282&to=MhBSZQoZWkdXBhFRCwtacVIMEVtaGRUEXwE6FlFSEB0%3D&rst=1512&ck=0&ref=https://sante-public.net/&ap=27&be=713&fe=1335&dc=1155&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1664793309126,%22n%22:0,%22f%22:-8,%22dn%22:94,%22dne%22:98,%22c%22:98,%22s%22:143,%22ce%22:525,%22rq%22:526,%22rp%22:613,%22rpe%22:621,%22dl%22:687,%22di%22:1151,%22ds%22:1155,%22de%22:1245,%22dc%22:1334,%22l%22:1334,%22le%22:1340%7D,%22navigation%22:%7B%7D%7D&fcp=1115&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken
IP
185.221.85.3:0
ASN
#206998 New Relic International Limited

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef

HTTP Headers

GET /1/NRJS-edf8db728d00528ee3f?a=309613575&v=1216.487a282&to=MhBSZQoZWkdXBhFRCwtacVIMEVtaGRUEXwE6FlFSEB0%3D&rst=1512&ck=0&ref=https://sante-public.net/&ap=27&be=713&fe=1335&dc=1155&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1664793309126,%22n%22:0,%22f%22:-8,%22dn%22:94,%22dne%22:98,%22c%22:98,%22s%22:143,%22ce%22:525,%22rq%22:526,%22rp%22:613,%22rpe%22:621,%22dl%22:687,%22di%22:1151,%22ds%22:1155,%22de%22:1245,%22dc%22:1334,%22l%22:1334,%22le%22:1340%7D,%22navigation%22:%7B%7D%7D&fcp=1115&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.eu01.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 10:35:11 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75450796aa3798fd-ARN
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
cross-origin-resource-policy: cross-origin
x-envoy-upstream-service-time: 3
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubXX8J2b0%2Bwd0b1B5736iT04ibHkR6O3ACmyuv6SglCw%2Fvjrj9LfheMgQeCeTNj%2FBj6EEHAy%2B1KdQdc%2BGjdcfSng1PocZtWqgi2RToIMPCu%2BrNInytl6esqafXYrcGGpHXkpeyjj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

sante-public.net/sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js

45.148.116.57

200 OK

16 kB

URL HTTP/2
sante-public.net/sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
Unicode text, UTF-8 text, with very long lines (7437)
Size
16 kB (16473 bytes)
Hash
5a7d85a062dc2fd78bd0fbafcc1e728c
515c3be1eb1d6da53549821408a5f756c5f75da4
4f6dd566c130a39983d90311e8cc32f72a8a171bca5f14f4bf2f5c15e45e4508

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: application/javascript
last-modified: Wed, 27 Apr 2022 11:46:42 GMT
etag: W/"62692d22-f8b1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20508
Expires: Mon, 03 Oct 2022 16:16:59 GMT
Date: Mon, 03 Oct 2022 10:35:11 GMT
Connection: keep-alive

sante-public.net/themes/custom/ameli/images/logo.svg

45.148.116.57

200 OK

503 B

URL HTTP/2
sante-public.net/themes/custom/ameli/images/logo.svg
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/images/logo.svg HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: image/svg+xml
content-length: 22990
last-modified: Tue, 06 Jul 2021 09:32:04 GMT
etag: "60e42314-59ce"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20508
Expires: Mon, 03 Oct 2022 16:16:59 GMT
Date: Mon, 03 Oct 2022 10:35:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20508
Expires: Mon, 03 Oct 2022 16:16:59 GMT
Date: Mon, 03 Oct 2022 10:35:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8277 bytes)
Hash
6a90e53b55500427aed06efa3a9baa8c
43a66cd291d1413d7147a29b2a7b27277a443f0b
2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8n1l3bN8ykztmC-wGNH_w7xASHFplZa2LvHs8psQ146XILdvEHLWgw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 16:41:13 GMT
age: 64438
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb166fe-e146-46cf-a93b-905deefbae87.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.3 kB (3272 bytes)
Hash
9a96da552b7ddb23b1f2fb506de2aed4
2926163d332abfb70f9565a45f7546f2efdc7716
2da0e160e0e8a116ab76614e29609e43d132cc9e56636ad91399f33e53346a23

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb166fe-e146-46cf-a93b-905deefbae87.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3272
x-amzn-requestid: b2ace456-0abd-416c-9c1c-799eb5c73269
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabG8zIAMF-PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-3e61e1e9283bd78e76731b47;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oHEIG44XMoSu6XEYOPW8LNkvZPbIrgo6KuLHluknV7Hgfv-3IOWL2A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 22:10:59 GMT
age: 44652
etag: "2926163d332abfb70f9565a45f7546f2efdc7716"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6315 bytes)
Hash
206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 21140
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F780fc623-fddc-49c7-99c9-1dd66ce64db7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8279 bytes)
Hash
bfb6fbd0b91416a5a7cc7f7d0fcbf27c
ced4806b7cc4d08e2c3f1c5e591184f462e86ec2
9a217da43a32c70ebd39b3076b3c14b16d8931ccebfe5d41139fa706b3b3e149

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F780fc623-fddc-49c7-99c9-1dd66ce64db7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8279
x-amzn-requestid: fed6efac-3419-4ecc-89f8-d4c3e0c22915
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWbsHpBIAMFT1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044a-5fc3bf5b7126d4a835d93e3d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7g6tucmoqeX5RFtet3L9XllP1G6fx4RWt5XqTsVvhtxZnPxV0EVpqA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 22:19:52 GMT
age: 44119
etag: "ced4806b7cc4d08e2c3f1c5e591184f462e86ec2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9083 bytes)
Hash
523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BobS2JU-TqDuL8q31SVlerM15cRoMhL1oM5MkL7MVhY9RZG_Ukp5yA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 46115
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10839 bytes)
Hash
36debc920b17e124779c01af9101a59e
b105f7bf041365d644c98c7e11ffa75e4656d29d
f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pS33yyA441ZNn2dtNy6mVDnm-rmd_Vi_M0q9ZN2AKGMUT7l-nEuEvw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:58:18 GMT
age: 45413
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sante-public.net/ameli-menu/menu_mobile/rubrique_assure/3?rbd837

45.148.116.57

404 Not Found

0 B

URL HTTP/2
sante-public.net/ameli-menu/menu_mobile/rubrique_assure/3?rbd837
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /ameli-menu/menu_mobile/rubrique_assure/3?rbd837 HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgAGVVZUDBADVFhUBgICUVE=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://sante-public.net/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

sante-public.net/

45.148.116.57

200 OK

0 B

URL HTTP/2
sante-public.net/
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:49 GMT
content-type: text/html
last-modified: Fri, 20 May 2022 20:37:57 GMT
etag: W/"6287fc25-2d68f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

sante-public.net/libraries/tarteaucitron/lang/tarteaucitron.en.js?v=20210509

45.148.116.57

404 Not Found

0 B

URL HTTP/2
sante-public.net/libraries/tarteaucitron/lang/tarteaucitron.en.js?v=20210509
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /libraries/tarteaucitron/lang/tarteaucitron.en.js?v=20210509 HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

sante-public.net/ameli-menu/menu/rubrique_assure/3?rbd837

45.148.116.57

404 Not Found

0 B

URL HTTP/2
sante-public.net/ameli-menu/menu/rubrique_assure/3?rbd837
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ameli-menu/menu/rubrique_assure/3?rbd837 HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgAGVVZUDBADVFhUBgICUVE=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://sante-public.net/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

sante-public.net/themes/custom/ameli/js/menuce6f.js?rbd837

45.148.116.57

200 OK

0 B

URL HTTP/2
sante-public.net/themes/custom/ameli/js/menuce6f.js?rbd837
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /themes/custom/ameli/js/menuce6f.js?rbd837 HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: application/javascript
last-modified: Wed, 27 Apr 2022 11:42:52 GMT
etag: W/"62692c3c-ba5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

sante-public.net/sites/default/files/css/css_WShWl_AdJMGy6G1jmegavaGETwAc3F4pC_5dJj4a7eo.css

45.148.116.57

200 OK

0 B

URL HTTP/2
sante-public.net/sites/default/files/css/css_WShWl_AdJMGy6G1jmegavaGETwAc3F4pC_5dJj4a7eo.css
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /sites/default/files/css/css_WShWl_AdJMGy6G1jmegavaGETwAc3F4pC_5dJj4a7eo.css HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: text/css
last-modified: Wed, 27 Apr 2022 11:48:12 GMT
etag: W/"62692d7c-6c92"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

sante-public.net/sites/default/files/js/js_4xNZJpfp2oDly0xk8Q_5DcDqWDiuvYr6_EokoeMIl_8.js

45.148.116.57

200 OK

0 B

URL HTTP/2
sante-public.net/sites/default/files/js/js_4xNZJpfp2oDly0xk8Q_5DcDqWDiuvYr6_EokoeMIl_8.js
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /sites/default/files/js/js_4xNZJpfp2oDly0xk8Q_5DcDqWDiuvYr6_EokoeMIl_8.js HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: application/javascript
last-modified: Fri, 13 May 2022 11:48:20 GMT
etag: W/"627e4584-2f53f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

sante-public.net/sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js

45.148.116.57

200 OK

0 B

URL HTTP/2
sante-public.net/sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance
fortinet	Phishing

HTTP Headers

GET /sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: application/javascript
last-modified: Tue, 05 Apr 2022 11:47:58 GMT
etag: W/"624c2c6e-2f50f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

sante-public.net/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css

45.148.116.57

200 OK

0 B

URL HTTP/2
sante-public.net/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
IP
45.148.116.57:0
ASN
#61218 4b42 UG

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	French Health Insurance

HTTP Headers

GET /sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css HTTP/1.1
Host: sante-public.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sante-public.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 04:28:50 GMT
content-type: text/css
last-modified: Fri, 13 May 2022 12:16:20 GMT
etag: W/"627e4c14-78a33"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP