Report - libparis.fr/wp-content/uploads/dk/metamask/login/verify.html

Report Overview

Submitted URL
libparis.fr/wp-content/uploads/dk/metamask/login/verify.html
IP
92.222.139.190
ASN
#16276 OVH SAS
Submitted
2022-10-21 10:58:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	1.3 kB	3.5 kB	23.36.76.226
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	987 B	2.0 kB	93.184.220.29
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	662 B	1.4 kB	142.250.74.3
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-09T12:10:42Z	404 B	959 B	104.18.10.207
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-09T13:58:35Z	375 B	32 kB	142.250.74.10
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	54.69.181.45
www.libparis.fr	unknown	2020-06-10T19:55:28Z	2023-01-29T04:30:03Z	2.2 kB	22 kB	92.222.139.190
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.35
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
libparis.fr	unknown	2020-06-10T19:55:27Z	2023-01-28T01:57:41Z	4.8 kB	264 kB	92.222.139.190
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-09T05:09:51Z	410 B	7.2 kB	104.17.25.14
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	55 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-20	medium	libparis.fr/wp-content/uploads/dk/metamask/login/verify.html	Crypto/Wallet

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-21	medium	libparis.fr/wp-content/uploads/dk/metamask/login/verify.html	Phishing
2022-10-21	medium	libparis.fr/wp-content/uploads/dk/metamask/login/9sy2a0egs6zh/4zJfzJbG3kTDSk5Wo4RJI1/1b363263141cf629b28155e2625b56c9/mm-logo.svg	Phishing
2022-10-21	medium	libparis.fr/wp-content/uploads/dk/metamask/login/icons/icon-48x48.png?v=48400a28770e10dd52a8c0e539aeb282	Phishing
2022-10-21	medium	www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-2d75957df3bb3aa6ed84f6591b0d5a1a.woff2	Phishing
2022-10-21	medium	libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-2d75957df3bb3aa6ed84f6591b0d5a1a.woff2	Phishing
2022-10-21	medium	libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-9024d0bf73943172297c4628d0054e20.woff2	Phishing
2022-10-21	medium	libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-209069c7aa5477ff7e4589148b6eef8c.woff	Phishing
2022-10-21	medium	libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-22b35d70bd71015234110aadc6b8db1b.woff	Phishing
2022-10-21	medium	www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-9024d0bf73943172297c4628d0054e20.woff2	Phishing
2022-10-21	medium	www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-209069c7aa5477ff7e4589148b6eef8c.woff	Phishing
2022-10-21	medium	www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-22b35d70bd71015234110aadc6b8db1b.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-04-19
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-19 16:12:43 Times Seen135514 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	19 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-19 16:12:43 Times Seen110166 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-19 16:12:43 Times Seen138300 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	libparis.fr/wp-content/uploads/dk/metamask/login/verify.html	2.0 kB	2023-03-10	2024-04-06
Pretty URL libparis.fr/wp-content/uploads/dk/metamask/login/verify.html IP 92.222.139.190 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:29:01 Last Seen2024-04-06 18:12:09 Times Seen35 Hash 3772fb807a1f4717b4eece1ac2f58b0c 046354912c17e6b0c42d104ee427c1fe461b0d24 5d49500838cc0c628d91f7b4d63001e74b5c670721d1757417bc39489b763b0e Loading...

HTTP Transactions (36)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 21 Oct 2022 10:01:17 GMT
Expires: Fri, 21 Oct 2022 10:01:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UQOX3EdLbP9sDjNRVWuif9Pq8lSnG_xM05Vajdf_RZANgdFtXc4sKQ==
Age: 3450

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6481bf5f33b42cdd966d49d8b70107
03ed01a9dc82a7efaf3706691249d811f64719a4
1e42a2cd7e7ef655d17dea6423dff85d3f57111d9bd08d2f829535aa462eb11c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E42A2CD7E7EF655D17DEA6423DFF85D3F57111D9BD08D2F829535AA462EB11C"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4838
Expires: Fri, 21 Oct 2022 12:19:25 GMT
Date: Fri, 21 Oct 2022 10:58:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4794
Expires: Fri, 21 Oct 2022 12:18:41 GMT
Date: Fri, 21 Oct 2022 10:58:47 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 7oH9J/2BOGPgTFdqERFTG6LniMpJXNnDsmRt17No7IEHZbvhPzJWU7UzOk4iUMz81l9dt8VGOts=
x-amz-request-id: CB4TV6A2CBWXY1S8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 21 Oct 2022 10:37:08 GMT
age: 1299
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9bd0a52efbb1f4dff3491395ae176eca
903a6513090e965fa3e4dcf1ff9764cf8ff5c79b
8de16bea51d5f9ea2233b9a6c0c91ae20e0fff071f34be527dc5c67694a86d59

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8DE16BEA51D5F9EA2233B9A6C0C91AE20E0FFF071F34BE527DC5C67694A86D59"
Last-Modified: Thu, 20 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8957
Expires: Fri, 21 Oct 2022 13:28:04 GMT
Date: Fri, 21 Oct 2022 10:58:47 GMT
Connection: keep-alive

libparis.fr/wp-content/uploads/dk/metamask/login/verify.html

92.222.139.190

200 OK

13 kB

URL HTTP/2
libparis.fr/wp-content/uploads/dk/metamask/login/verify.html
IP
92.222.139.190:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (14386), with CRLF line terminators
Size
13 kB (13396 bytes)
Hash
75a837355acffcd71e2c6faedc90e93e
cefccc8054e9a6943d9d91c9d4ecfb762d25808d
bfb19a5d165ecc8050facc34537dd73bb3ea477d21181f0b3522c30d03ad0eb3

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/dk/metamask/login/verify.html HTTP/1.1
Host: libparis.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Fri, 21 Oct 2022 10:58:47 GMT
content-type: text/html
content-length: 13396
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 10:58:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

libparis.fr/wp-content/uploads/dk/metamask/login/9sy2a0egs6zh/4zJfzJbG3kTDSk5Wo4RJI1/1b363263141cf629b28155e2625b56c9/mm-logo.svg

92.222.139.190

200 OK

12 kB

URL HTTP/2
libparis.fr/wp-content/uploads/dk/metamask/login/9sy2a0egs6zh/4zJfzJbG3kTDSk5Wo4RJI1/1b363263141cf629b28155e2625b56c9/mm-logo.svg
IP
92.222.139.190:0
ASN
#16276 OVH SAS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Size
12 kB (12019 bytes)
Hash
51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/dk/metamask/login/9sy2a0egs6zh/4zJfzJbG3kTDSk5Wo4RJI1/1b363263141cf629b28155e2625b56c9/mm-logo.svg HTTP/1.1
Host: libparis.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://libparis.fr/wp-content/uploads/dk/metamask/login/verify.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 10:58:47 GMT
content-type: image/svg+xml
content-length: 12019
server: Apache
last-modified: Wed, 19 Oct 2022 09:54:52 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Fri, 21 Oct 2022 11:13:47 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
f8d99fcb1c8868cf12abe2d17e3be6ef
e1b2089de3499aa7199dec670ccdf8d908f1ebdb
e5ef2b09686fb53ee4aa0dad4ff38e7707a54f255a7a0d210ca262b7ac12fa4b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5412
Cache-Control: max-age=122186
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 10:58:47 GMT
Etag: "6351a08d-117"
Expires: Sat, 22 Oct 2022 20:55:13 GMT
Last-Modified: Thu, 20 Oct 2022 19:25:01 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 10:58:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.25.14

200 OK

6.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
7b4114faa411d059a9a5ac4b5b4d9dee
277da4486916fa3a4ab3375f47bc98f58dbf90f6
60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libparis.fr
Connection: keep-alive
Referer: https://libparis.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 21 Oct 2022 10:58:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4294352
expires: Wed, 11 Oct 2023 10:58:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLGVtu%2FBlxhT7jZs9OAZLjCCpCOdu7QI1Y1xnIR1HvLfYkb1%2FtclqRgktrzsl%2BZWRd3ud4luWTiS5sedM0SUMuuvqoYzKgPjmgBQ%2FR2v3nD6ZarT9xSSEzyRQOLPbY2yT9%2Fx76zy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75d97ae78ea9b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.10

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://libparis.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 09:04:33 GMT
expires: Sat, 21 Oct 2023 09:04:33 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 6854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
f8d99fcb1c8868cf12abe2d17e3be6ef
e1b2089de3499aa7199dec670ccdf8d908f1ebdb
e5ef2b09686fb53ee4aa0dad4ff38e7707a54f255a7a0d210ca262b7ac12fa4b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5412
Cache-Control: max-age=122186
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 10:58:47 GMT
Etag: "6351a08d-117"
Expires: Sat, 22 Oct 2022 20:55:13 GMT
Last-Modified: Thu, 20 Oct 2022 19:25:01 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 10:58:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

libparis.fr/wp-content/uploads/dk/metamask/login/9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/541bddd48cea207925635d697b9bbcc0/hero2.2.png

92.222.139.190

200 OK

183 kB

URL HTTP/2
libparis.fr/wp-content/uploads/dk/metamask/login/9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/541bddd48cea207925635d697b9bbcc0/hero2.2.png
IP
92.222.139.190:0
ASN
#16276 OVH SAS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
183 kB (182594 bytes)
Hash
dd868667a6c606f6d2b9abbea05d88f3
1d1a8e358fd1ed62e3953d65af7fe5e7a89d0fd2
8219d614dac0bfcd872cc52b1c919351b4bc1fa8d5850fbb3b9d5f751411e459

HTTP Headers

GET /wp-content/uploads/dk/metamask/login/9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/541bddd48cea207925635d697b9bbcc0/hero2.2.png HTTP/1.1
Host: libparis.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://libparis.fr/wp-content/uploads/dk/metamask/login/verify.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 10:58:47 GMT
content-type: image/png
content-length: 182594
server: Apache
last-modified: Wed, 19 Oct 2022 09:54:52 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Fri, 21 Oct 2022 11:13:47 GMT
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 21 Oct 2022 10:43:40 GMT
Expires: Fri, 21 Oct 2022 11:43:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 36fP7czXNNe6vtvDvhvoJBzID6ZGqPcXc0S7udHb-soi0eg8KcdG-Q==
Age: 907

libparis.fr/wp-content/uploads/dk/metamask/login/icons/icon-48x48.png?v=48400a28770e10dd52a8c0e539aeb282

92.222.139.190

200 OK

4.2 kB

URL HTTP/2
libparis.fr/wp-content/uploads/dk/metamask/login/icons/icon-48x48.png?v=48400a28770e10dd52a8c0e539aeb282
IP
92.222.139.190:0
ASN
#16276 OVH SAS

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4210 bytes)
Hash
7688ebe09d93b68eb4a23536f7b7aefb
5b33f4a405eb2f178146d1016fbf2046c1c77866
918a76a5bebc21af888b92725ad9207b7c6886f6035d5b5115999251b58ba9e8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/dk/metamask/login/icons/icon-48x48.png?v=48400a28770e10dd52a8c0e539aeb282 HTTP/1.1
Host: libparis.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://libparis.fr/wp-content/uploads/dk/metamask/login/verify.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 10:58:48 GMT
content-type: image/png
content-length: 4210
server: Apache
last-modified: Wed, 19 Oct 2022 09:54:52 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Fri, 21 Oct 2022 11:13:48 GMT
X-Firefox-Spdy: h2

libparis.fr/wp-content/uploads/dk/metamask/login/icons/icon-512x512.png?v=48400a28770e10dd52a8c0e539aeb282

92.222.139.190

200 OK

48 kB

URL HTTP/2
libparis.fr/wp-content/uploads/dk/metamask/login/icons/icon-512x512.png?v=48400a28770e10dd52a8c0e539aeb282
IP
92.222.139.190:0
ASN
#16276 OVH SAS

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
48 kB (47459 bytes)
Hash
c5206b331ca49158d198c5ce22c61a76
fc889f7d651a4e2f63f5c82cde1e53e071c075d2
573bbe5e5f1e2ec776b4a1a3c7e47c1186164b385fe46f931fa09ae52ba51178

HTTP Headers

GET /wp-content/uploads/dk/metamask/login/icons/icon-512x512.png?v=48400a28770e10dd52a8c0e539aeb282 HTTP/1.1
Host: libparis.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://libparis.fr/wp-content/uploads/dk/metamask/login/verify.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 10:58:48 GMT
content-type: image/png
content-length: 47459
server: Apache
last-modified: Wed, 19 Oct 2022 09:54:52 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Fri, 21 Oct 2022 11:13:48 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f47cc320695635b544a761f72f3afc6f
b7cee764dcb0a625e0f8e0b4a4fce04548a1bf76
78608be3d0d6aaaf0364aed316b8676ab28d23c9b6a8ac6c147cf5d16e5cc283

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5573
Cache-Control: max-age=168052
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 10:58:48 GMT
Etag: "63525317-1d7"
Expires: Sun, 23 Oct 2022 09:39:40 GMT
Last-Modified: Fri, 21 Oct 2022 08:06:47 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.69.181.45

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.69.181.45:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VwrvWN7gNhK1n66UKp05xg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QR3XOLqgC/I8gjp7LzGvjzicUnc=

www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-2d75957df3bb3aa6ed84f6591b0d5a1a.woff2

92.222.139.190

404 Not Found

21 kB

URL HTTP/2
www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-2d75957df3bb3aa6ed84f6591b0d5a1a.woff2
IP
92.222.139.190:0
ASN
#16276 OVH SAS

File type
data
Size
21 kB (21216 bytes)
Hash
8629d8c704256f2e3484334bf6cacda0
baedc6ee8e53ad7236cda9bf493225f17f956fd6
7930aa02a5caddf4d750f7b7c3f4afb399259d4c5019bec88bf2c592be14d2be

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-2d75957df3bb3aa6ed84f6591b0d5a1a.woff2 HTTP/1.1
Host: www.libparis.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libparis.fr
Referer: https://libparis.fr/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 404 Not Found
date: Fri, 21 Oct 2022 10:58:49 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.3
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.libparis.fr/wp-json/>; rel="https://api.w.org/"
X-Firefox-Spdy: h2

libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-2d75957df3bb3aa6ed84f6591b0d5a1a.woff2

92.222.139.190

301 Moved Permanently

503 B

URL HTTP/2
libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-2d75957df3bb3aa6ed84f6591b0d5a1a.woff2
IP
92.222.139.190:0
ASN
#16276 OVH SAS

File type
data
Size
503 B (503 bytes)
Hash
dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-2d75957df3bb3aa6ed84f6591b0d5a1a.woff2 HTTP/1.1
Host: libparis.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://libparis.fr/wp-content/uploads/dk/metamask/login/verify.html
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 301 Moved Permanently
date: Fri, 21 Oct 2022 10:58:48 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.3
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-2d75957df3bb3aa6ed84f6591b0d5a1a.woff2
X-Firefox-Spdy: h2

libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-9024d0bf73943172297c4628d0054e20.woff2

92.222.139.190

301 Moved Permanently

503 B

URL HTTP/2
libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-9024d0bf73943172297c4628d0054e20.woff2
IP
92.222.139.190:0
ASN
#16276 OVH SAS

File type
data
Size
503 B (503 bytes)
Hash
dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-9024d0bf73943172297c4628d0054e20.woff2 HTTP/1.1
Host: libparis.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://libparis.fr/wp-content/uploads/dk/metamask/login/verify.html
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 301 Moved Permanently
date: Fri, 21 Oct 2022 10:58:48 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.3
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-9024d0bf73943172297c4628d0054e20.woff2
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5384
Expires: Fri, 21 Oct 2022 12:28:33 GMT
Date: Fri, 21 Oct 2022 10:58:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg

34.120.237.76

200 OK

2.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.3 kB (2305 bytes)
Hash
76fdbaaa2ef28349492bdf0e44fa1208
6769eeb6762a3dd7dacf6a054fedf043acb463df
8c8b2db96e764f97aa91bd800b2a6f7bf6c9d96a9dd67f919f27b53074e339e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2305
x-amzn-requestid: d44cceea-ab77-400f-a7a6-ed80b9873106
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aE95TG2YoAMFiiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b76a1-57ed4d9437044cc1665e535b;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 03:12:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AsSDzjeB5RvDY9ZCxMe-b1bTQiQI6r2yB-PPBo9Qap4hWMINj4wmSA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 10:12:23 GMT
age: 2786
etag: "6769eeb6762a3dd7dacf6a054fedf043acb463df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb458662c-d437-4d78-9218-021bf453a379.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12683 bytes)
Hash
b3407289d0d5a3cc4bff8493349bd141
14ea4bc4b8a8600e8e3f31a7684636a335db1dc1
c0406f8d037045bbc80ffac713cd3055239bb2ad8d24ccf6a5acdfcb2fee2eb3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb458662c-d437-4d78-9218-021bf453a379.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 00900e5d-86da-4816-b0d4-ca1877328f18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WZtHTLIAMF8cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d10a-37a5019113eff2fc2bbded44;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6OH6MZBtjo2lA6BfRO4yXsZMuQckcrv04QVgNxkP1xI5ks01TGxcPA==
via: 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 22:17:32 GMT
age: 45677
etag: "14ea4bc4b8a8600e8e3f31a7684636a335db1dc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66bcc767-1c09-4b79-aee1-3917407a2700.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9195 bytes)
Hash
d369f8641d3489521afd62e112136f5b
088a3290733195efeb1d79dcc995c22b603bece0
b18601499cbb7bbcc1eaa464cec12c0287f8fab52a89e97973bd78fcb26ea918

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66bcc767-1c09-4b79-aee1-3917407a2700.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9195
x-amzn-requestid: e40418b8-2272-44a3-83d6-9465798793ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKLEk4oAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-34994aca1e13dcab306bf1a4;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 86MQ2WBrOZ2pH88f27PxZ9f8tuu_9u6qNzyr4LZz6-yNbfjJdjgr0w==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:48:08 GMT
age: 47441
etag: "088a3290733195efeb1d79dcc995c22b603bece0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6551 bytes)
Hash
1c6ab9a31e082a0c0eaab2a0f526495a
c30e9954dcef66d4f14ac8618ebf2a1da0b3e12a
ca3a602c8af7b3e87957e54910663ea2bb72d008e14719af0f9fd7bd1a949f3e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6551
x-amzn-requestid: 4deffe4d-e687-436e-938c-f8128bb84376
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zql_MG5QoAMFahg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6340e9fa-66d4e2210fda5a80155f2466;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 03:09:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V5ilfg4GVL-HvWbuZrvFkZynDNCZDiBVNTDWjLdr2ZCLjH04NW3yqw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 07:24:29 GMT
age: 12860
etag: "c30e9954dcef66d4f14ac8618ebf2a1da0b3e12a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e67413c-6e4d-487c-807f-ff21a90aa792.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10799 bytes)
Hash
00f8ff57c0d15e1ce75a788b91dc0bd3
46445de659e1aa0623c7666c98b5f642ffeff89d
95eb2c3d2ab4643affffd59887814a013edacba9f73c633399905d9d0d397b1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e67413c-6e4d-487c-807f-ff21a90aa792.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10799
x-amzn-requestid: 9b27131b-a0ca-426d-939c-78de0beac51c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKLF9hIAMF97g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-76bf3c356f04a6a672e2f7a1;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 96xd1B3QDqywkAxLGVMbF6P4UJ_gweEBpEc8fcCwUzVhTG6GWA66FA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:50:08 GMT
age: 47321
etag: "46445de659e1aa0623c7666c98b5f642ffeff89d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5eaba338-753d-49fa-b65c-70aa4d08ec7d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6730 bytes)
Hash
41720951bc9f58ea936fb65b472ef05a
b8739209bdacc59cbf87b49024f73650a9a0f113
9dd1c174c5a45cf4167c4c20752c2575ab4280f869f49dd9056907c9521afe36

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5eaba338-753d-49fa-b65c-70aa4d08ec7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6730
x-amzn-requestid: 97d867bc-a398-4b2b-8dda-2497a105845e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aSsAnEP3oAMF2lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6350f39d-3f56509c395ff64a396b5706;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 07:07:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HnxmItt9LDm9ME1eITiRbQQr9xr7PLXcdTCRGyDVvO2Zo6x9pjavsw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 04:53:57 GMT
age: 21892
etag: "b8739209bdacc59cbf87b49024f73650a9a0f113"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libparis.fr
Connection: keep-alive
Referer: https://libparis.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 21 Oct 2022 10:58:47 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/20/2022 02:32:25
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 8ea1b3d287dfbfc3341edbcf9098914c
cdn-cache: HIT
cf-cache-status: HIT
age: 53546
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75d97ae73e570b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-209069c7aa5477ff7e4589148b6eef8c.woff

92.222.139.190

301 Moved Permanently

0 B

URL HTTP/2
libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-209069c7aa5477ff7e4589148b6eef8c.woff
IP
92.222.139.190:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-209069c7aa5477ff7e4589148b6eef8c.woff HTTP/1.1
Host: libparis.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://libparis.fr/wp-content/uploads/dk/metamask/login/verify.html
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 301 Moved Permanently
date: Fri, 21 Oct 2022 10:58:49 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.3
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-209069c7aa5477ff7e4589148b6eef8c.woff
X-Firefox-Spdy: h2

libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-22b35d70bd71015234110aadc6b8db1b.woff

92.222.139.190

301 Moved Permanently

0 B

URL HTTP/2
libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-22b35d70bd71015234110aadc6b8db1b.woff
IP
92.222.139.190:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-22b35d70bd71015234110aadc6b8db1b.woff HTTP/1.1
Host: libparis.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://libparis.fr/wp-content/uploads/dk/metamask/login/verify.html
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 301 Moved Permanently
date: Fri, 21 Oct 2022 10:58:49 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.3
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-22b35d70bd71015234110aadc6b8db1b.woff
X-Firefox-Spdy: h2

www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-9024d0bf73943172297c4628d0054e20.woff2

92.222.139.190

404 Not Found

0 B

URL HTTP/2
www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-9024d0bf73943172297c4628d0054e20.woff2
IP
92.222.139.190:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-9024d0bf73943172297c4628d0054e20.woff2 HTTP/1.1
Host: www.libparis.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libparis.fr
Referer: https://libparis.fr/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 404 Not Found
date: Fri, 21 Oct 2022 10:58:49 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.3
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.libparis.fr/wp-json/>; rel="https://api.w.org/"
X-Firefox-Spdy: h2

www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-209069c7aa5477ff7e4589148b6eef8c.woff

92.222.139.190

404 Not Found

0 B

URL HTTP/2
www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-209069c7aa5477ff7e4589148b6eef8c.woff
IP
92.222.139.190:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Bold-WebXL-209069c7aa5477ff7e4589148b6eef8c.woff HTTP/1.1
Host: www.libparis.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libparis.fr
Referer: https://libparis.fr/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 404 Not Found
date: Fri, 21 Oct 2022 10:58:50 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.3
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.libparis.fr/wp-json/>; rel="https://api.w.org/"
X-Firefox-Spdy: h2

www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-22b35d70bd71015234110aadc6b8db1b.woff

92.222.139.190

404 Not Found

0 B

URL HTTP/2
www.libparis.fr/wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-22b35d70bd71015234110aadc6b8db1b.woff
IP
92.222.139.190:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/dk/metamask/login/static/EuclidCircularB-Regular-WebXL-22b35d70bd71015234110aadc6b8db1b.woff HTTP/1.1
Host: www.libparis.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libparis.fr
Referer: https://libparis.fr/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 404 Not Found
date: Fri, 21 Oct 2022 10:58:50 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.3
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.libparis.fr/wp-json/>; rel="https://api.w.org/"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (36)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size