Report - www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25

Report Overview

Visited public
2024-12-07 21:13:57
Tags
Submit Tags
URL
www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Finishing URL
www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
IP / ASN
104.21.88.47
#13335 CLOUDFLARENET
Title
uc berkeley academic calendar 2024-25

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-12-01	970 B	738 B	18.197.104.204
recordedthereby.com	unknown	2024-05-08	2024-05-08	2024-12-01	409 B	86 kB	185.196.197.71
normalfloat.com	unknown	2024-08-13	2024-12-03	2024-12-03	3.0 kB	40 kB	192.243.61.225
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-12-01	423 B	375 B	185.196.197.72
cdn.storageimagedisplay.com	unknown	2024-09-13	2024-09-13	2024-12-03	910 B	248 kB	45.133.44.1
www.ehpad-lou-casteig.fr	unknown	2024-12-06	2018-01-01	2023-08-03	4.2 kB	356 kB	172.67.172.140
degeneratesevere.com	unknown	2024-06-04	2024-10-15	2024-11-30	892 B	24 kB	192.243.59.13
clusterposture.com	unknown	2024-08-13	2024-12-03	2024-12-03	3.0 kB	40 kB	172.240.108.84
lazy.agczn.my.id	unknown	2023-10-22	2024-05-12	2024-12-01	944 B	2.7 kB	172.67.221.7
behaviorbald.com	unknown	2024-08-13	2024-12-03	2024-12-03	493 B	491 B	192.243.59.20
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-12-05	746 B	496 B	192.243.61.225

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-07	medium	degeneratesevere.com	Sinkholed
2024-12-07	medium	degeneratesevere.com	Sinkholed
2024-12-07	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	From	Size	First Seen	Last Seen
	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	unknown	ScriptElement	3.3 kB	2024-12-07	2024-12-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-07 21:14 Last Seen2024-12-07 21:14 Times Seen1 Hash 421192b6df3da72370d0308afbeeddcb 178283be042cfb7dabadfeb7b94faf40ef4f11c0 5253e8391a4cdf71db42315ff538338a79e7264f94d3e9104175cf9aa42c5148 Loading...

	www.ehpad-lou-casteig.fr/js/highlight.min.js	ScriptElement	123 kB	2024-08-28	2025-05-18
Pretty URL www.ehpad-lou-casteig.fr/js/highlight.min.js IP 172.67.172.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-28 15:34 Last Seen2025-05-18 14:52 Times Seen292 Hash ce552ffc8630869b9d3a215fca292098 6324f32bee04e9925adde9522dfe78eeae4858d5 30ecef6c6f78426a75fa5f60f92780501a3619ec11367e3b67331576f3370812 Loading...

	clusterposture.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js	ScriptElement	95 kB	2024-12-07	2024-12-07
Pretty URL clusterposture.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-07 21:14 Last Seen2024-12-07 21:14 Times Seen1 Hash 87461ddd137fcf0e60b2e916c269b966 125e5596f768dab92769469662610041ad0cf982 40049802fe5f0f51ccda625ad6c0951f50f06a09215cf38e0f61283830d8d197 Loading...

	lazy.agczn.my.id/js15_as.js?hash=iMpKs06nUMRC&host=www.ehpad-lou-casteig.fr&path=%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&ref=	ScriptElement	0 B	0001-01-01	2025-07-01
Pretty URL lazy.agczn.my.id/js15_as.js?hash=iMpKs06nUMRC&host=www.ehpad-lou-casteig.fr&path=%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&ref= IP 172.67.221.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-07-01 06:04 Times Seen5223710 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25	ScriptElement	140 B	2024-08-12	2025-04-12
Pretty URL www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25 IP 172.67.172.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-12 23:40 Last Seen2025-04-12 04:44 Times Seen81 Hash 007007e8011e776d0bda59afe96b760b 484e3ebf64458a0190029b3c89c19464e1be6c30 36dd7b85aa904d058bec5f229e5e70f1c8daad32e0c2092491b602a110cf9cac Loading...

	degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js	ScriptElement	25 kB	2024-12-03	2024-12-07
Pretty URL degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-03 11:20 Last Seen2024-12-07 21:14 Times Seen3 Hash 70692efae2f6228a7d215594e8469138 e54a6da7eda1284e18d429b94a7b23df1e45e2d8 b4c60f41600ce5639262ec6a55905b19249c5caf6b7a2bce23ae3c195d613fe1 Loading...

	degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js	ScriptElement	25 kB	2024-12-06	2024-12-07
Pretty URL degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-06 18:43 Last Seen2024-12-07 21:14 Times Seen4 Hash 6ff57185b0b87c37f2774c19c77b34c3 632b39a1edeebc7ae3e5ca1fdb22ccff868bc8c7 c6edcc4da578b9e580091d0621aa34ab6f6ce6dd7dbb9c5ea5ac7c2a1a32b6da Loading...

	www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25	ScriptElement	98 B	2024-04-10	2025-05-18
Pretty URL www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25 IP 172.67.172.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-10 17:35 Last Seen2025-05-18 14:52 Times Seen659 Hash 943d0828305b7fffcee63720ab297353 0af67ef5eeb188730502b4885f171e4c343fb22e ac5930440fe8be9005bae09ce1c2e9458c90f7428bcd7c7eb0191df1e90c71d6 Loading...

	www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25	ScriptElement	358 B	2024-08-28	2025-05-18
Pretty URL www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25 IP 172.67.172.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-28 15:34 Last Seen2025-05-18 14:52 Times Seen290 Hash 307edac2bd62b6f19385c5536829d90b 6f9190c70649d6e3ba068981d500e0b002e44a95 9fa7264cd962450aea00f182bf47d25821832bf69b4b7df75a049abfb510efc0 Loading...

	lazy.agczn.my.id/tag.js	ScriptElement	904 B	2024-10-11	2025-05-18
Pretty URL lazy.agczn.my.id/tag.js IP 172.67.221.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-11 05:13 Last Seen2025-05-18 14:52 Times Seen275 Hash f613be6d1cb212afb7ae84007056445d 2fb9979f24cd6cfd3b959630aeb5c3e7b784d9cb a240184536984e9c3a0c758f14a57cbda4fefd001cb3a0379c52b5f1b2e498a9 Loading...

	unknown	ScriptElement	145 B	2024-08-12	2025-01-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-12 23:40 Last Seen2025-01-09 18:35 Times Seen74 Hash 62649fd59fce608732d45d40fc143106 6be59b524fc70dfeef3f682bbd2f8808431357f5 c8c47460f9bc91bf63e50b0e5875f8d80d6a9f0965689670f7e962df69b2b289 Loading...

	www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25	ScriptElement	424 B	2024-12-04	2024-12-17
Pretty URL www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25 IP 172.67.172.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-04 21:59 Last Seen2024-12-17 09:16 Times Seen8 Hash 5a4bf208588df0fd355cd01938abea72 5f6211e6bbf1491eba4b53f8fa8427cac90473f5 3a21e4f3adbd1973057f9805f8fa682edf6da0e9b07aeb9fd2b02884f6b5d2e0 Loading...

	normalfloat.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js	ScriptElement	95 kB	2024-12-07	2024-12-07
Pretty URL normalfloat.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-07 18:39 Last Seen2024-12-07 21:14 Times Seen2 Hash 23714e61cc17acc7760dca7075dea119 b54e50d6d83badf9f06e22e9fea1486158a6a805 c5bcf837dc4173ae1dbaff8671ae86e45d6dfd4b0bc3aafaf3c8dd873196d8a8 Loading...

	unknown	ScriptElement	3.3 kB	2024-12-07	2024-12-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-07 21:14 Last Seen2024-12-07 21:14 Times Seen1 Hash 2499d156086a6c2bf5c153fb4657670c 36dcc8031b12ee0621e5f1129e0e014a672ea391 fa10074bded290722c527b5b23d75fb8282a10d171ad63743744eb895552ac16 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5e43241ecfa639c3c5f2e529987b9540	2.2 kB	2024-12-07 21:14	2024-12-07 21:14
Pretty Observations First Seen2024-12-07 21:14 Last Seen2024-12-07 21:14 Times Seen1 Hash 5e43241ecfa639c3c5f2e529987b9540 908af4cb13d7d8bfed9341348ec3e8fe7897b2f6 bc628d447b3f8ec99fd4a554732017d91eb98c09bfe8c077d5dd046d392218d6 Loading...

	#2 Eval - a773b205a1fbf34d93299bc96d31e3eb	2.1 kB	2024-12-07 21:14	2024-12-07 21:14
Pretty Observations First Seen2024-12-07 21:14 Last Seen2024-12-07 21:14 Times Seen1 Hash a773b205a1fbf34d93299bc96d31e3eb e782c26ee85292c4f1cd33fc6bb2a365edd2fd50 11549096bad15e1a9bcf4ea887058a737274222c08180e1f3a5654940b9b07b6 Loading...

HTTP Transactions (24)

URL IP Response Size

GET degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js

192.243.59.13

200 OK

11 kB

URL GET HTTP/1.1
degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerLet's Encrypt
Subjectdegeneratesevere.com
Fingerprint78:E0:86:5B:9F:8A:52:19:5A:26:41:95:F7:70:0F:3C:10:C1:15:82
ValidityTue, 03 Dec 2024 21:35:24 GMT - Mon, 03 Mar 2025 21:35:23 GMT

File type
JavaScript source, ASCII text, with very long lines (24920), with no line terminators
Size
11 kB (11310 bytes)
Hash
70692efae2f6228a7d215594e8469138
e54a6da7eda1284e18d429b94a7b23df1e45e2d8
b4c60f41600ce5639262ec6a55905b19249c5caf6b7a2bce23ae3c195d613fe1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js HTTP/1.1
Host: degeneratesevere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Dec 2024 21:13:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: degeneratesevere.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: cfc1d17dfb2f444cd4e657d0df6525d4
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET proftrafficcounter.com/stats

18.197.104.204

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.197.104.204:443
ASN
#16509 AMAZON-02

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
3850a67673a91e4745dcf0034bd87b81
a5d92f27fdabdac42149c6be1ae2394033260f75
4faf79bc535c4fedfc128c48258f0b0c939503c92807c1cb998797336e232107

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ehpad-lou-casteig.fr
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 21:13:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ehpad-lou-casteig.fr
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=d18da4e5-bacd-453d-bf4e-89099f05579b:1:1; expires=Tue, 05 Dec 2034 21:13:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js

192.243.59.13

200 OK

11 kB

URL GET HTTP/1.1
degeneratesevere.com/4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerLet's Encrypt
Subjectdegeneratesevere.com
Fingerprint78:E0:86:5B:9F:8A:52:19:5A:26:41:95:F7:70:0F:3C:10:C1:15:82
ValidityTue, 03 Dec 2024 21:35:24 GMT - Mon, 03 Mar 2025 21:35:23 GMT

File type
JavaScript source, ASCII text, with very long lines (24908), with no line terminators
Size
11 kB (11297 bytes)
Hash
6ff57185b0b87c37f2774c19c77b34c3
632b39a1edeebc7ae3e5ca1fdb22ccff868bc8c7
c6edcc4da578b9e580091d0621aa34ab6f6ce6dd7dbb9c5ea5ac7c2a1a32b6da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4ebc5c5268f114d8d4e2aad31b3a7099/invoke.js HTTP/1.1
Host: degeneratesevere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Dec 2024 21:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: degeneratesevere.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 847d1b2c6f708d5e66b10cd4f0ae145f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET proftrafficcounter.com/stats

18.197.104.204

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.197.104.204:443
ASN
#16509 AMAZON-02

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
3850a67673a91e4745dcf0034bd87b81
a5d92f27fdabdac42149c6be1ae2394033260f75
4faf79bc535c4fedfc128c48258f0b0c939503c92807c1cb998797336e232107

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ehpad-lou-casteig.fr
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/
Cookie: uid_id2=d18da4e5-bacd-453d-bf4e-89099f05579b:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 21:13:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ehpad-lou-casteig.fr
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

GET clusterposture.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js

172.240.108.84

200 OK

34 kB

URL GET HTTP/1.1
clusterposture.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerLet's Encrypt
Subjectclusterposture.com
Fingerprint4C:B5:C5:B8:D3:18:E6:F3:7F:BF:1F:F6:C8:12:72:93:6A:31:82:43
ValidityMon, 14 Oct 2024 03:37:53 GMT - Sun, 12 Jan 2025 03:37:52 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33684 bytes)
Hash
87461ddd137fcf0e60b2e916c269b966
125e5596f768dab92769469662610041ad0cf982
40049802fe5f0f51ccda625ad6c0951f50f06a09215cf38e0f61283830d8d197

HTTP Headers

GET /e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js HTTP/1.1
Host: clusterposture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Dec 2024 21:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: clusterposture.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ae6b3ea42067b45503b409320dc0c1a6
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET clusterposture.com/watch.1494348001143.js?key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&refer=https%3A%2F%2Fwww.ehpad-lou-casteig.fr%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&tz=0&dev=e&res=14.2071&rb=&uuid=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1

172.240.108.84

307 Temporary Redirect

0 B

URL GET HTTP/1.1
clusterposture.com/watch.1494348001143.js?key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&refer=https%3A%2F%2Fwww.ehpad-lou-casteig.fr%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&tz=0&dev=e&res=14.2071&rb=&uuid=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerLet's Encrypt
Subjectclusterposture.com
Fingerprint4C:B5:C5:B8:D3:18:E6:F3:7F:BF:1F:F6:C8:12:72:93:6A:31:82:43
ValidityMon, 14 Oct 2024 03:37:53 GMT - Sun, 12 Jan 2025 03:37:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.1494348001143.js?key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&refer=https%3A%2F%2Fwww.ehpad-lou-casteig.fr%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&tz=0&dev=e&res=14.2071&rb=&uuid=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1 HTTP/1.1
Host: clusterposture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ehpad-lou-casteig.fr
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 07 Dec 2024 21:13:32 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ehpad-lou-casteig.fr
Access-Control-Allow-Origin: https://www.ehpad-lou-casteig.fr
Access-Control-Allow-Credentials: true
Location: https://clusterposture.com/watch.1494348001143.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1733606072&rb=&refer=https%3A%2F%2Fwww.ehpad-lou-casteig.fr%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&res=14.2071&rmtc=t&shu=4609a7beb6c5e05ab52a832b3cd94ba2a1356c3befae613f9f311d09fdb9cdd9c4f058cf0d8ad858aa2f8091e108d1182faebd417648555caefd38d2fa87dd007853f916b0f28e339f6ede00106d1c60c515a28213739e5e6a1f93&tz=0&uuid=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1
Set-Cookie: u_pl23748403=1; expires=Sun, 08 Dec 2024 21:13:32 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzc0ODQwMywiayI6IjRlYmM1YzUyNjhmMTE0ZDhkNGUyYWFkMzFiM2E3MDk5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImtxNmQxM2syNDciLCJjcGtzIjp7IjI4IjoiZTYzZWNmMTExMTgwMjI4YTllMjdkODQ5NzZkMjYyY2MifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmVocGFkLWxvdS1jYXN0ZWlnLmZyL05kbndldTMyOWIvdWMtYmVya2VsZXktYWNhZGVtaWMtY2FsZW5kYXItMjAyNC0yNSIsImFyIjpbXX19.zG36d0k4OwwIo_Y2QxjLh6imAmaAlyR9xomopMV-TdY; expires=Sat, 07 Dec 2024 21:14:32 GMT; path=/; secure; SameSite=None
Host: clusterposture.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 90e6aebfb5e28959b29f1471fe976940
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET lazy.agczn.my.id/js15_as.js?hash=iMpKs06nUMRC&host=www.ehpad-lou-casteig.fr&path=%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&ref=

172.67.221.7

200 OK

0 B

URL GET HTTP/3
lazy.agczn.my.id/js15_as.js?hash=iMpKs06nUMRC&host=www.ehpad-lou-casteig.fr&path=%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&ref=
IP
172.67.221.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerGoogle Trust Services
Subjectagczn.my.id
Fingerprint57:39:D4:DC:AF:10:E7:56:93:4E:5A:40:18:6A:27:1F:96:74:11:D7
ValidityThu, 10 Oct 2024 13:19:14 GMT - Wed, 08 Jan 2025 13:19:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js15_as.js?hash=iMpKs06nUMRC&host=www.ehpad-lou-casteig.fr&path=%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&ref= HTTP/1.1
Host: lazy.agczn.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 21:13:32 GMT
content-length: 0
x-powered-by: Express
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AMOXnyKuiSLuWqkI%2BjF%2FYMqiNCNe2ojGZTEnhkCxy1wtyl3LYdKCCFdcvlpM1UCe2yY8txPC52LLmHC4B9QfBRs%2BjGQBtIgrZlzNOI3SGsrxL1OU8X%2FkuFr3jSHWb%2FXfuc4K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee7852879500b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11412&min_rtt=8985&rtt_var=5103&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4090&recv_bytes=1198&delivery_rate=66105&cwnd=12000&unsent_bytes=0&cid=09c0719ec16748b1&ts=778&x=1", cfExtPri, cfHdrFlush;dur=0

GET recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET HTTP/1.1
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
FingerprintE0:09:99:E3:0E:A5:83:8D:96:1B:26:8A:2E:AC:12:98:C6:D3:E1:76
ValidityWed, 06 Nov 2024 14:09:18 GMT - Tue, 04 Feb 2025 14:09:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85378 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Dec 2024 21:13:32 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 16d006376df1fc70e098bddd4c91c346
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET clusterposture.com/watch.1494348001143.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1733606072&rb=&refer=https%3A%2F%2Fwww.ehpad-lou-casteig.fr%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&res=14.2071&rmtc=t&shu=4609a7beb6c5e05ab52a832b3cd94ba2a1356c3befae613f9f311d09fdb9cdd9c4f058cf0d8ad858aa2f8091e108d1182faebd417648555caefd38d2fa87dd007853f916b0f28e339f6ede00106d1c60c515a28213739e5e6a1f93&tz=0&uuid=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1

172.240.108.84

200 OK

2.0 kB

URL GET HTTP/1.1
clusterposture.com/watch.1494348001143.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1733606072&rb=&refer=https%3A%2F%2Fwww.ehpad-lou-casteig.fr%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&res=14.2071&rmtc=t&shu=4609a7beb6c5e05ab52a832b3cd94ba2a1356c3befae613f9f311d09fdb9cdd9c4f058cf0d8ad858aa2f8091e108d1182faebd417648555caefd38d2fa87dd007853f916b0f28e339f6ede00106d1c60c515a28213739e5e6a1f93&tz=0&uuid=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerLet's Encrypt
Subjectclusterposture.com
Fingerprint4C:B5:C5:B8:D3:18:E6:F3:7F:BF:1F:F6:C8:12:72:93:6A:31:82:43
ValidityMon, 14 Oct 2024 03:37:53 GMT - Sun, 12 Jan 2025 03:37:52 GMT

File type
JavaScript source, ASCII text, with very long lines (2482)
Size
2.0 kB (2012 bytes)
Hash
ff79076a3fd7d0d6823a73f485f29e2b
f1e85d9cf225a0164fba22e1168b5623f9e6be73
35e4f0647eef065ee65947841000cb65647cdac3f149c8c66dcb115372aef0bc

HTTP Headers

GET /watch.1494348001143.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1733606072&rb=&refer=https%3A%2F%2Fwww.ehpad-lou-casteig.fr%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&res=14.2071&rmtc=t&shu=4609a7beb6c5e05ab52a832b3cd94ba2a1356c3befae613f9f311d09fdb9cdd9c4f058cf0d8ad858aa2f8091e108d1182faebd417648555caefd38d2fa87dd007853f916b0f28e339f6ede00106d1c60c515a28213739e5e6a1f93&tz=0&uuid=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1 HTTP/1.1
Host: clusterposture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ehpad-lou-casteig.fr
Referer: https://www.ehpad-lou-casteig.fr/
DNT: 1
Connection: keep-alive
Cookie: u_pl23748403=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzc0ODQwMywiayI6IjRlYmM1YzUyNjhmMTE0ZDhkNGUyYWFkMzFiM2E3MDk5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImtxNmQxM2syNDciLCJjcGtzIjp7IjI4IjoiZTYzZWNmMTExMTgwMjI4YTllMjdkODQ5NzZkMjYyY2MifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmVocGFkLWxvdS1jYXN0ZWlnLmZyL05kbndldTMyOWIvdWMtYmVya2VsZXktYWNhZGVtaWMtY2FsZW5kYXItMjAyNC0yNSIsImFyIjpbXX19.zG36d0k4OwwIo_Y2QxjLh6imAmaAlyR9xomopMV-TdY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Dec 2024 21:13:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ehpad-lou-casteig.fr
Access-Control-Allow-Origin: https://www.ehpad-lou-casteig.fr
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=d18da4e5-bacd-453d-bf4e-89099f05579b:1:1; expires=Sat, 14 Dec 2024 21:13:32 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sun, 08 Dec 2024 21:13:32 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 08 Dec 2024 21:13:32 GMT; path=/; secure; SameSite=None
pdhtkv5=true; expires=Sun, 08 Dec 2024 21:13:32 GMT; path=/; secure; SameSite=None
uncs5=1; expires=Sun, 08 Dec 2024 21:13:32 GMT; path=/; secure; SameSite=None
Host: clusterposture.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 9e857222e1259887466f51b143f23c61
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET normalfloat.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js

192.243.61.225

200 OK

34 kB

URL GET HTTP/1.1
normalfloat.com/e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerLet's Encrypt
Subjectnormalfloat.com
FingerprintD7:D5:52:48:AB:4D:76:3F:44:BF:9C:06:08:FB:F9:66:58:F4:D5:AB
ValidityMon, 14 Oct 2024 07:53:11 GMT - Sun, 12 Jan 2025 07:53:10 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33683 bytes)
Hash
23714e61cc17acc7760dca7075dea119
b54e50d6d83badf9f06e22e9fea1486158a6a805
c5bcf837dc4173ae1dbaff8671ae86e45d6dfd4b0bc3aafaf3c8dd873196d8a8

HTTP Headers

GET /e6/3e/cf/e63ecf111180228a9e27d84976d262cc.js HTTP/1.1
Host: normalfloat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Dec 2024 21:13:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: normalfloat.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: edd9ad52e4231e0a3d4972dd280dbd7e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET normalfloat.com/watch.718061359136.js?key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&refer=https%3A%2F%2Fwww.ehpad-lou-casteig.fr%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&tz=0&dev=e&res=14.2071&rb=&uuid=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1

192.243.61.225

307 Temporary Redirect

0 B

URL GET HTTP/1.1
normalfloat.com/watch.718061359136.js?key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&refer=https%3A%2F%2Fwww.ehpad-lou-casteig.fr%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&tz=0&dev=e&res=14.2071&rb=&uuid=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerLet's Encrypt
Subjectnormalfloat.com
FingerprintD7:D5:52:48:AB:4D:76:3F:44:BF:9C:06:08:FB:F9:66:58:F4:D5:AB
ValidityMon, 14 Oct 2024 07:53:11 GMT - Sun, 12 Jan 2025 07:53:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.718061359136.js?key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&refer=https%3A%2F%2Fwww.ehpad-lou-casteig.fr%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&tz=0&dev=e&res=14.2071&rb=&uuid=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1 HTTP/1.1
Host: normalfloat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ehpad-lou-casteig.fr
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 07 Dec 2024 21:13:32 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ehpad-lou-casteig.fr
Access-Control-Allow-Origin: https://www.ehpad-lou-casteig.fr
Access-Control-Allow-Credentials: true
Location: https://normalfloat.com/watch.718061359136.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1733606072&rb=&refer=https%3A%2F%2Fwww.ehpad-lou-casteig.fr%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&res=14.2071&rmtc=t&shu=d949ee49f24fda441d3b82b4b5bb7c26ea824e2ca976cb4152545b594dee71ce4c7178a528dfbb347da395c53ae9e92de344d57b8d41684aefc181a1e2715ba3ecd3654c97d9bc623a134c78de669a3dd32385892f8304b601e8e4&tz=0&uuid=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1
Set-Cookie: u_pl23748403=1; expires=Sun, 08 Dec 2024 21:13:32 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzc0ODQwMywiayI6IjRlYmM1YzUyNjhmMTE0ZDhkNGUyYWFkMzFiM2E3MDk5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImtxNmQxM2syNDciLCJjcGtzIjp7IjI4IjoiZTYzZWNmMTExMTgwMjI4YTllMjdkODQ5NzZkMjYyY2MifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmVocGFkLWxvdS1jYXN0ZWlnLmZyL05kbndldTMyOWIvdWMtYmVya2VsZXktYWNhZGVtaWMtY2FsZW5kYXItMjAyNC0yNSIsImFyIjpbXX19.zG36d0k4OwwIo_Y2QxjLh6imAmaAlyR9xomopMV-TdY; expires=Sat, 07 Dec 2024 21:14:32 GMT; path=/; secure; SameSite=None
Host: normalfloat.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 0eb0c2ffcbd80a35e681f3bd96ce515b
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET capaciousdrewreligion.com/advertisers.js

185.196.197.72

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintD9:49:50:C3:1F:23:A3:E8:75:32:16:6A:76:DE:28:2B:93:73:31:80
ValiditySun, 03 Nov 2024 04:28:34 GMT - Sat, 01 Feb 2025 04:28:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Dec 2024 21:13:32 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: bddce313c1a954f65fa08f0ef6739f94
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET normalfloat.com/watch.718061359136.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1733606072&rb=&refer=https%3A%2F%2Fwww.ehpad-lou-casteig.fr%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&res=14.2071&rmtc=t&shu=d949ee49f24fda441d3b82b4b5bb7c26ea824e2ca976cb4152545b594dee71ce4c7178a528dfbb347da395c53ae9e92de344d57b8d41684aefc181a1e2715ba3ecd3654c97d9bc623a134c78de669a3dd32385892f8304b601e8e4&tz=0&uuid=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1

192.243.61.225

200 OK

2.0 kB

URL GET HTTP/1.1
normalfloat.com/watch.718061359136.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1733606072&rb=&refer=https%3A%2F%2Fwww.ehpad-lou-casteig.fr%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&res=14.2071&rmtc=t&shu=d949ee49f24fda441d3b82b4b5bb7c26ea824e2ca976cb4152545b594dee71ce4c7178a528dfbb347da395c53ae9e92de344d57b8d41684aefc181a1e2715ba3ecd3654c97d9bc623a134c78de669a3dd32385892f8304b601e8e4&tz=0&uuid=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerLet's Encrypt
Subjectnormalfloat.com
FingerprintD7:D5:52:48:AB:4D:76:3F:44:BF:9C:06:08:FB:F9:66:58:F4:D5:AB
ValidityMon, 14 Oct 2024 07:53:11 GMT - Sun, 12 Jan 2025 07:53:10 GMT

File type
JavaScript source, ASCII text, with very long lines (2503)
Size
2.0 kB (2028 bytes)
Hash
8ac6020b18f0065165c9e74caf364054
7c0806965ec6a995a3813d7261570bcaa96f0c92
d99f13a24e4893b83d908f6dfe6d7e99f07bf84f942773fb869566409993bbde

HTTP Headers

GET /watch.718061359136.js?dev=e&key=4ebc5c5268f114d8d4e2aad31b3a7099&kw=%5B%5D&pst=1733606072&rb=&refer=https%3A%2F%2Fwww.ehpad-lou-casteig.fr%2FNdnweu329b%2Fuc-berkeley-academic-calendar-2024-25&res=14.2071&rmtc=t&shu=d949ee49f24fda441d3b82b4b5bb7c26ea824e2ca976cb4152545b594dee71ce4c7178a528dfbb347da395c53ae9e92de344d57b8d41684aefc181a1e2715ba3ecd3654c97d9bc623a134c78de669a3dd32385892f8304b601e8e4&tz=0&uuid=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1 HTTP/1.1
Host: normalfloat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ehpad-lou-casteig.fr
Referer: https://www.ehpad-lou-casteig.fr/
DNT: 1
Connection: keep-alive
Cookie: u_pl23748403=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzc0ODQwMywiayI6IjRlYmM1YzUyNjhmMTE0ZDhkNGUyYWFkMzFiM2E3MDk5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjgxODg4LCJwaWQiOjE1NDYxMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImtxNmQxM2syNDciLCJjcGtzIjp7IjI4IjoiZTYzZWNmMTExMTgwMjI4YTllMjdkODQ5NzZkMjYyY2MifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmVocGFkLWxvdS1jYXN0ZWlnLmZyL05kbndldTMyOWIvdWMtYmVya2VsZXktYWNhZGVtaWMtY2FsZW5kYXItMjAyNC0yNSIsImFyIjpbXX19.zG36d0k4OwwIo_Y2QxjLh6imAmaAlyR9xomopMV-TdY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Dec 2024 21:13:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ehpad-lou-casteig.fr
Access-Control-Allow-Origin: https://www.ehpad-lou-casteig.fr
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=d18da4e5-bacd-453d-bf4e-89099f05579b:1:1; expires=Sat, 14 Dec 2024 21:13:32 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sun, 08 Dec 2024 21:13:32 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 08 Dec 2024 21:13:32 GMT; path=/; secure; SameSite=None
pdhtkv5=true; expires=Sun, 08 Dec 2024 21:13:32 GMT; path=/; secure; SameSite=None
uncs5=1; expires=Sun, 08 Dec 2024 21:13:32 GMT; path=/; secure; SameSite=None
Host: normalfloat.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c314125c732c71812447475509965311
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET behaviorbald.com/pixel/purst?dl=0&th=0&sc=0&rs=2331&rd=2331&fd=510&bv=24.12.6652&tmpl=136

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
behaviorbald.com/pixel/purst?dl=0&th=0&sc=0&rs=2331&rd=2331&fd=510&bv=24.12.6652&tmpl=136
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerLet's Encrypt
Subjectbehaviorbald.com
Fingerprint0A:52:51:DA:C5:10:60:F3:D3:30:D0:28:C5:8E:42:0A:55:90:32:E1
ValiditySun, 13 Oct 2024 23:52:24 GMT - Sat, 11 Jan 2025 23:52:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2331&rd=2331&fd=510&bv=24.12.6652&tmpl=136 HTTP/1.1
Host: behaviorbald.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 07 Dec 2024 21:13:32 GMT
Content-Length: 0
Connection: keep-alive
Host: behaviorbald.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET cdn.storageimagedisplay.com/cti/96/3a/3a/963a3a83f074f5329d85d512def3e421/1707813675.png

45.133.44.1

200 OK

128 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/96/3a/3a/963a3a83f074f5329d85d512def3e421/1707813675.png
IP
45.133.44.1:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
128 kB (128359 bytes)
Hash
4f16ce4e40909eda7bb22f5f73d06049
5975a733f4231ac9f0ae476a4be97f1b7e7ad6bb
a6159f3d5a1a2ecf48e7d529a1afe6d2117621ea3cdf536bbfde8f203e1af461

HTTP Headers

GET /cti/96/3a/3a/963a3a83f074f5329d85d512def3e421/1707813675.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 21:13:33 GMT
content-type: image/png
content-length: 128359
server: nginx/1.21.6
last-modified: Tue, 13 Feb 2024 08:41:24 GMT
etag: "65cb2b34-1f567"
expires: Mon, 09 Dec 2024 21:13:33 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdn.storageimagedisplay.com/cti/bf/84/2e/bf842e9bfc0a67b3160025c9ef8373c8/1707813634.png

45.133.44.1

200 OK

119 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/bf/84/2e/bf842e9bfc0a67b3160025c9ef8373c8/1707813634.png
IP
45.133.44.1:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
119 kB (118759 bytes)
Hash
72fe477091722c9a5ab9b26117663f22
edf375c273be0ee032792a29121c435678c303a5
7b2a8ad947f5c5ec0e0e4aaabc63cd445b1346e6f03ad5cfc604f1f274bd89a2

HTTP Headers

GET /cti/bf/84/2e/bf842e9bfc0a67b3160025c9ef8373c8/1707813634.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 07 Dec 2024 21:13:33 GMT
content-type: image/png
content-length: 118759
server: nginx/1.21.6
last-modified: Tue, 13 Feb 2024 08:40:43 GMT
etag: "65cb2b0b-1cfe7"
expires: Mon, 09 Dec 2024 21:13:33 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.ehpad-lou-casteig.fr/profil.png

172.67.172.140

200 OK

194 kB

URL GET HTTP/3
www.ehpad-lou-casteig.fr/profil.png
IP
172.67.172.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerGoogle Trust Services
Subjectehpad-lou-casteig.fr
Fingerprint66:D7:27:E0:2F:15:DA:59:E5:D0:72:3C:FE:1D:47:45:CB:EE:C5:6D
ValidityFri, 06 Dec 2024 12:38:28 GMT - Thu, 06 Mar 2025 12:38:27 GMT

File type
PNG image data, 923 x 740, 8-bit/color RGBA, non-interlaced
Size
194 kB (194148 bytes)
Hash
0ecb16fcde3387b3713c23171a893d09
cfe3c161fb283b1edaad6d93d60b538dfb4fd26e
4a82536fd7a10df27764bc1d956a7423736b4e2c09332d7fabfe25c15f7119c6

HTTP Headers

GET /profil.png HTTP/1.1
Host: www.ehpad-lou-casteig.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Cookie: isFTime_4ebc5c5268f114d8d4e2aad31b3a7099=true; isFTime_4ebc5c5268f114d8d4e2aad31b3a7099_expiry=Sat, 07 Dec 2024 21:13:31 GMT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 21:13:33 GMT
content-type: image/png
content-length: 194148
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Sat, 17 Aug 2024 14:47:12 GMT
etag: W/"2f664-19160ce8180"
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ushnQK9mVv0P8x%2FCgy21IxCLLW8%2FsxENm9xx8ZleUSi4Q2GVdu%2F%2B2sWhsFJwYlxz8jeKSxfGpe9GEhm0%2FG2%2BpaSX5f4F5E5EZanq0B587qJiFePZu5crxWZpKF16eWKZONLxZYhGsDa4zgA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee785291fcdb517-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11004&min_rtt=9146&rtt_var=3641&sent=30&recv=10&lost=0&retrans=0&sent_bytes=24444&recv_bytes=2138&delivery_rate=910317&cwnd=24000&unsent_bytes=0&cid=68ceaf8370df3915&ts=2025&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.ehpad-lou-casteig.fr/js/highlight.min.js

172.67.172.140

200 OK

42 kB

URL GET HTTP/3
www.ehpad-lou-casteig.fr/js/highlight.min.js
IP
172.67.172.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerGoogle Trust Services
Subjectehpad-lou-casteig.fr
Fingerprint66:D7:27:E0:2F:15:DA:59:E5:D0:72:3C:FE:1D:47:45:CB:EE:C5:6D
ValidityFri, 06 Dec 2024 12:38:28 GMT - Thu, 06 Mar 2025 12:38:27 GMT

File type
JavaScript source, ASCII text, with very long lines (7910), with CRLF line terminators
Size
42 kB (42207 bytes)
Hash
ce552ffc8630869b9d3a215fca292098
6324f32bee04e9925adde9522dfe78eeae4858d5
30ecef6c6f78426a75fa5f60f92780501a3619ec11367e3b67331576f3370812

HTTP Headers

GET /js/highlight.min.js HTTP/1.1
Host: www.ehpad-lou-casteig.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Cookie: isFTime_4ebc5c5268f114d8d4e2aad31b3a7099=true; isFTime_4ebc5c5268f114d8d4e2aad31b3a7099_expiry=Sat, 07 Dec 2024 21:13:31 GMT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 21:13:33 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Sat, 17 Aug 2024 14:47:12 GMT
etag: W/"1e03b-19160ce8180"
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qg0m9%2FPSZ0ZwhNaoskxWOT%2Fzybuk5yQ5z%2FYFZhiGUEweXamUBrG%2BcN4rmEJKzKGUkEISa8SJwcYsC91kJgJcEcmlveW7IIfMEKkmVtF3LgTXUomqGHxCWibIfzPi67R%2BgqbGntWBT0QK2vQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee78528ffa9b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10860&min_rtt=8992&rtt_var=2185&sent=199&recv=18&lost=0&retrans=0&sent_bytes=224210&recv_bytes=3558&delivery_rate=6441979&cwnd=100800&unsent_bytes=0&cid=68ceaf8370df3915&ts=2302&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.ehpad-lou-casteig.fr/apple-touch-icon.png

172.67.172.140

404 Not Found

13 kB

URL GET HTTP/3
www.ehpad-lou-casteig.fr/apple-touch-icon.png
IP
172.67.172.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerGoogle Trust Services
Subjectehpad-lou-casteig.fr
Fingerprint66:D7:27:E0:2F:15:DA:59:E5:D0:72:3C:FE:1D:47:45:CB:EE:C5:6D
ValidityFri, 06 Dec 2024 12:38:28 GMT - Thu, 06 Mar 2025 12:38:27 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (7920), with CRLF line terminators
Size
13 kB (13135 bytes)
Hash
c53b9b315aa67830b1bb5c7a96853fa9
90e004dacf39e82987a4321e521261cbd729e758
781d69db3ee6004fff3fc496f0ba6fcf65ca38b9ce498c2ade55dc8a442a8d3c

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: www.ehpad-lou-casteig.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Cookie: isFTime_4ebc5c5268f114d8d4e2aad31b3a7099=true; isFTime_4ebc5c5268f114d8d4e2aad31b3a7099_expiry=Sat, 07 Dec 2024 21:13:31 GMT; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1; pp_show_on_e63ecf111180228a9e27d84976d262cc=1; pp_main_e63ecf111180228a9e27d84976d262cc=1; pp_exp_e63ecf111180228a9e27d84976d262cc=1733606913097
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 07 Dec 2024 21:13:33 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Express
cf-cache-status: MISS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VhgR7RpXTMTagzhZ9zLNYa8tHUUobI5wwbTKso6VtXUJs%2FzH2kOnVedzH5%2B02DG8KXxpUfbxan3vadW6%2FZu%2F6SgQf9RDzC2sGV6xCPFLDSQU6NTBCJalfv8Ph%2FME67AOlcLWBIwvwJmUfRQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee7852ed957b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11149&min_rtt=8992&rtt_var=1906&sent=238&recv=20&lost=0&retrans=0&sent_bytes=270372&recv_bytes=3650&delivery_rate=3657615&cwnd=100800&unsent_bytes=0&cid=68ceaf8370df3915&ts=2579&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.ehpad-lou-casteig.fr/image/uc-berkeley-academic-calendar-2024-25.jpeg

172.67.172.140

200 OK

24 kB

URL GET HTTP/3
www.ehpad-lou-casteig.fr/image/uc-berkeley-academic-calendar-2024-25.jpeg
IP
172.67.172.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerGoogle Trust Services
Subjectehpad-lou-casteig.fr
Fingerprint66:D7:27:E0:2F:15:DA:59:E5:D0:72:3C:FE:1D:47:45:CB:EE:C5:6D
ValidityFri, 06 Dec 2024 12:38:28 GMT - Thu, 06 Mar 2025 12:38:27 GMT

File type
gzip compressed data, from Unix
Size
24 kB (24533 bytes)
Hash
51303716e773b90cd32fa6ef2465823b
b0d25145c7b92d0e8622756c2253198df30826a4
c31ab9f74c5d8934626283599d492af4c16fd8556ef73847448494cc59979169

HTTP Headers

GET /image/uc-berkeley-academic-calendar-2024-25.jpeg HTTP/1.1
Host: www.ehpad-lou-casteig.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Cookie: isFTime_4ebc5c5268f114d8d4e2aad31b3a7099=true; isFTime_4ebc5c5268f114d8d4e2aad31b3a7099_expiry=Sat, 07 Dec 2024 21:13:31 GMT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 07 Dec 2024 21:13:33 GMT
content-type: image/jpeg
x-powered-by: Express
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: MISS
last-modified: Sat, 07 Dec 2024 21:13:32 GMT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sJYaeGT1cxg5gDUrCAVrZEZFf3PZ6r54dBgIpdRWs%2FtWEO9pk2Su9nP9cdG2lA%2F6vWNA9rQayftp%2F4gNmpBdxjxtPK419lTfPNdTjaIS1kRDI0jxe2xNfXkdSN90D6K%2BVq4qnE7zdbGeTK4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee785292fd4b517-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11444&min_rtt=9170&rtt_var=5063&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4118&recv_bytes=2051&delivery_rate=64770&cwnd=12000&unsent_bytes=0&cid=68ceaf8370df3915&ts=1858&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25

172.67.172.140

200 OK

75 kB

URL User Request GET HTTP/2
www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
IP
172.67.172.140:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectehpad-lou-casteig.fr
Fingerprint66:D7:27:E0:2F:15:DA:59:E5:D0:72:3C:FE:1D:47:45:CB:EE:C5:6D
ValidityFri, 06 Dec 2024 12:38:28 GMT - Thu, 06 Mar 2025 12:38:27 GMT

File type
HTML document, ASCII text, with very long lines (7920)
Size
75 kB (75355 bytes)
Hash
21f9aefb9dbcd24bf4f1ab7871feb52c
52ff3041833a247a0c515c289d1752b9a6cd525b
197a38ccb8dafdc2396538d447d4378fe1a51d53e54dee155762f374b5286660

HTTP Headers

GET /Ndnweu329b/uc-berkeley-academic-calendar-2024-25 HTTP/1.1
Host: www.ehpad-lou-casteig.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 21:13:31 GMT
content-type: text/html; charset=UTF-8
x-powered-by: Express
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T6%2FLoxeycpj96N9V2ulDS87eIsPqBZH%2BziakViU7a2SWD%2FzHDbEQEnu%2FZ2qPKic%2FihfTQLjHvtLzkMYKR7sK4dYOvGgt49PozGqlZiinWfMAn1n0QlOdUhzHE%2FfTQ7YQpUMtjKGPMfQnXmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8ee7851bfcd05693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=14560&min_rtt=8133&rtt_var=13781&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3298&recv_bytes=1295&delivery_rate=529110&cwnd=254&unsent_bytes=0&cid=6ca59abfb7b24221&ts=945&x=0"
X-Firefox-Spdy: h2

GET unseenreport.com/pxf.gif?uuid=d18da4e5-bacd-453d-bf4e-89099f05579b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e63ecf111180228a9e27d84976d262cc&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=d18da4e5-bacd-453d-bf4e-89099f05579b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e63ecf111180228a9e27d84976d262cc&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintB3:C3:D3:00:AB:EE:F9:2F:2C:9A:5D:74:A9:E1:4E:36:06:3F:B6:74
ValidityMon, 18 Nov 2024 22:38:22 GMT - Sun, 16 Feb 2025 22:38:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=d18da4e5-bacd-453d-bf4e-89099f05579b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e63ecf111180228a9e27d84976d262cc&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 07 Dec 2024 21:13:34 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: d83b617e971a77db983e5cdc22f831d9
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET www.ehpad-lou-casteig.fr/favicon.ico

172.67.172.140

200 OK

1.6 kB

URL GET HTTP/3
www.ehpad-lou-casteig.fr/favicon.ico
IP
172.67.172.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerGoogle Trust Services
Subjectehpad-lou-casteig.fr
Fingerprint66:D7:27:E0:2F:15:DA:59:E5:D0:72:3C:FE:1D:47:45:CB:EE:C5:6D
ValidityFri, 06 Dec 2024 12:38:28 GMT - Thu, 06 Mar 2025 12:38:27 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 61x60, components 3
Size
1.6 kB (1560 bytes)
Hash
defa547c534dc5efbd17a38ce1811a02
57430b1294a8c02fd41735363606ea5c01bd9db0
63303e092d818e3fed497001e848905956c646fe608d29c0c28fed2d2a15a9ce

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.ehpad-lou-casteig.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Cookie: isFTime_4ebc5c5268f114d8d4e2aad31b3a7099=true; isFTime_4ebc5c5268f114d8d4e2aad31b3a7099_expiry=Sat, 07 Dec 2024 21:13:31 GMT; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d18da4e5-bacd-453d-bf4e-89099f05579b%3A1%3A1; pp_show_on_e63ecf111180228a9e27d84976d262cc=1; pp_main_e63ecf111180228a9e27d84976d262cc=1; pp_exp_e63ecf111180228a9e27d84976d262cc=1733606913097
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 07 Dec 2024 21:13:33 GMT
content-type: image/jpeg
x-powered-by: Express
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: MISS
last-modified: Sat, 07 Dec 2024 21:13:33 GMT
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ztEzF%2BvMxOxtaccPsSHU15iuwxZVtb9wVGEdf9ro%2B8uyMHcDqlytGxJN%2BicNFx223LkCW%2FAkZRvxdwjw5O1pDQ%2F42AGCmehjmhFnxfNXiyEhaWZo6Ied5LOPciYS2eEfl3FbSgv5KKeOOx0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee7852ed95bb517-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11149&min_rtt=8992&rtt_var=1906&sent=236&recv=20&lost=0&retrans=0&sent_bytes=268203&recv_bytes=3650&delivery_rate=3657615&cwnd=100800&unsent_bytes=0&cid=68ceaf8370df3915&ts=2578&x=1", cfExtPri, cfHdrFlush;dur=0

GET lazy.agczn.my.id/tag.js

172.67.221.7

200 OK

904 B

URL GET HTTP/2
lazy.agczn.my.id/tag.js
IP
172.67.221.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.ehpad-lou-casteig.fr/Ndnweu329b/uc-berkeley-academic-calendar-2024-25
Certificate
IssuerGoogle Trust Services
Subjectagczn.my.id
Fingerprint57:39:D4:DC:AF:10:E7:56:93:4E:5A:40:18:6A:27:1F:96:74:11:D7
ValidityThu, 10 Oct 2024 13:19:14 GMT - Wed, 08 Jan 2025 13:19:13 GMT

File type
ASCII text, with very long lines (1087), with no line terminators
Size
904 B (904 bytes)
Hash
838afb2c0623f31fd65038374b242898
8993bbea96f758e09898a01227b3b3bac42da25b
f76d845560c84df04db23c9880b2b0c1450533c811069ca04d84bea867c2895b

HTTP Headers

GET /tag.js HTTP/1.1
Host: lazy.agczn.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ehpad-lou-casteig.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 07 Dec 2024 21:13:31 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=120
last-modified: Thu, 10 Oct 2024 17:00:10 GMT
etag: W/"388-192775fa590"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8RV3oXZYiW64DZWQqKqv9EKQR4XWxifikW%2Fsw12BVWhI2PBbPzIsKUhO2KYkADhGkgokBwduvImFZZjjmzaScv1t0BN7NIGEdQN3P9KxHYUyv0BcKBro51dImPfxJBzd3RHQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8ee785239cda56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=13444&min_rtt=7941&rtt_var=11839&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3195&recv_bytes=1062&delivery_rate=527760&cwnd=254&unsent_bytes=0&cid=8c731dc4107ec139&ts=449&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL