| geant.ocsp.sectigo.com/ | 172.64.149.23 | | 728 B |
IP: 172.64.149.23:0
Hash: be987060da98eab9b4c752b3bf75f114 8f18bbb35dd4758fe28d52aeda7fdcde8a073ac9 79a0ff4374b63740e7861829f27f1dc6e3d53bcd95f882f08e9ff53bdeaf7a2b
POST / HTTP/1.1
Host: geant.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:01:17 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 00:42:41 GMT
Expires: Tue, 23 Apr 2024 00:42:40 GMT
Etag: "8f18bbb35dd4758fe28d52aeda7fdcde8a073ac9"
Cache-Control: max-age=401482,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87637828295a0b02-OSL
|
|
| | 134.157.37.9 | 302 Found | 284 B |
URL: User Request GET HTTP/1.1
IP: 134.157.37.9:80
File type: HTML document, ASCII text
Hash: 85c75f0095ccda47d1c50342f39282cf 9e0d07daf4f739e6436a52e035b5b9f2e1a0dc37 07311edea171ad0e329a841b360c8def5298a8e14f42a8a8e6636b1ab517718a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.php HTTP/1.1
Host: 134.157.37.9
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 18 Apr 2024 09:01:17 GMT
Server: Apache
Location: https://webmail.insp.upmc.fr/login.php
Content-Length: 284
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| geant.ocsp.sectigo.com/ | 172.64.149.23 | | 728 B |
IP: 172.64.149.23:0
Hash: be987060da98eab9b4c752b3bf75f114 8f18bbb35dd4758fe28d52aeda7fdcde8a073ac9 79a0ff4374b63740e7861829f27f1dc6e3d53bcd95f882f08e9ff53bdeaf7a2b
POST / HTTP/1.1
Host: geant.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:01:18 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 00:42:41 GMT
Expires: Tue, 23 Apr 2024 00:42:40 GMT
Etag: "8f18bbb35dd4758fe28d52aeda7fdcde8a073ac9"
Cache-Control: max-age=401482,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8763782a7bb30b02-OSL
|
|
| webmail.insp.upmc.fr/login.php | 134.157.37.9 | 200 OK | 2.0 kB |
URL: User Request GET HTTP/1.1 webmail.insp.upmc.fr/login.php
IP: 134.157.37.9:443
Certificate: Issuer: GEANT Vereniging; Subject: webmail.insp.upmc.fr; Fingerprint: 2D:BA:4F:4D:9F:F7:FF:3F:AC:8C:EC:BF:27:E1:CE:92:C1:80:DE:80; Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: 68e96616a8af56d63812a9ad43fac325 3601269e2b936ffa34047fe53e0c40818a564964 86c1987a3b15501844f47fbc626814345d2dcdf5188e83770c60ef6ebeb7916d
GET /login.php HTTP/1.1
Host: webmail.insp.upmc.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:01:18 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: Horde=9qmeap2egs9ocq6532kvqhei25; path=/; domain=webmail.insp.upmc.fr; HttpOnly
Set-Cookie: horde_secret_key=9qmeap2egs9ocq6532kvqhei25; path=/; domain=webmail.insp.upmc.fr; HttpOnly
Vary: Accept-Language,Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| webmail.insp.upmc.fr/static/1e72f736b64c97e5.css | 134.157.37.9 | 200 OK | 41 kB |
URL: GET HTTP/1.1 webmail.insp.upmc.fr/static/1e72f736b64c97e5.css
IP: 134.157.37.9:443
Requested by: https://webmail.insp.upmc.fr/login.php
Certificate: Issuer: GEANT Vereniging; Subject: webmail.insp.upmc.fr; Fingerprint: 2D:BA:4F:4D:9F:F7:FF:3F:AC:8C:EC:BF:27:E1:CE:92:C1:80:DE:80; Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 7a9eeea4969be5a74b4cebbdd0900ff4 c7169505fef7bcdfc659ee39f28f10e1c356046d 3f88c58cd86ac75f1c15708a86774002dae10e88101e82d26bb6f62afedd8643
GET /static/1e72f736b64c97e5.css HTTP/1.1
Host: webmail.insp.upmc.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.insp.upmc.fr/login.php
Cookie: Horde=9qmeap2egs9ocq6532kvqhei25; horde_secret_key=9qmeap2egs9ocq6532kvqhei25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:01:18 GMT
Server: Apache
Last-Modified: Thu, 18 Apr 2024 07:18:09 GMT
ETag: "15d4e-61659c5f13d32-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Length: 41095
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
|
|
| webmail.insp.upmc.fr/themes/default/graphics/INSP_moyen.png | 134.157.37.9 | 200 OK | 21 kB |
URL: GET HTTP/1.1 webmail.insp.upmc.fr/themes/default/graphics/INSP_moyen.png
IP: 134.157.37.9:443
Requested by: https://webmail.insp.upmc.fr/login.php
Certificate: Issuer: GEANT Vereniging; Subject: webmail.insp.upmc.fr; Fingerprint: 2D:BA:4F:4D:9F:F7:FF:3F:AC:8C:EC:BF:27:E1:CE:92:C1:80:DE:80; Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: PNG image data, 184 x 172, 8-bit/color RGBA, non-interlaced
Hash: 4f0f7b0dcae45208b91e425919e458d3 cdeb96dced910df16a89adb1b143153e3c8c2878 cc95a7f99a92757b83931d6df8178a6c1790d8ca79e904557f13d4957c795cc0
GET /themes/default/graphics/INSP_moyen.png HTTP/1.1
Host: webmail.insp.upmc.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.insp.upmc.fr/login.php
Cookie: Horde=9qmeap2egs9ocq6532kvqhei25; horde_secret_key=9qmeap2egs9ocq6532kvqhei25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:01:18 GMT
Server: Apache
Last-Modified: Mon, 12 Feb 2018 14:57:35 GMT
ETag: "520a-565051934d973"
Accept-Ranges: bytes
Content-Length: 21002
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
|
|
| webmail.insp.upmc.fr/static/51b3482d550f971c.js | 134.157.37.9 | 200 OK | 1.9 kB |
URL: GET HTTP/1.1 webmail.insp.upmc.fr/static/51b3482d550f971c.js
IP: 134.157.37.9:443
Requested by: https://webmail.insp.upmc.fr/login.php
Certificate: Issuer: GEANT Vereniging; Subject: webmail.insp.upmc.fr; Fingerprint: 2D:BA:4F:4D:9F:F7:FF:3F:AC:8C:EC:BF:27:E1:CE:92:C1:80:DE:80; Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hash: 6bd55cb683136e84cf2775d71baffc5e 802bdaa7b1dbbf0cf0b90a9f7bfc9b551a0ad582 831ac0d33c75760a5ae30017188416b46c8be04d870fe4589daecb2008ce9387
GET /static/51b3482d550f971c.js HTTP/1.1
Host: webmail.insp.upmc.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.insp.upmc.fr/login.php
Cookie: Horde=9qmeap2egs9ocq6532kvqhei25; horde_secret_key=9qmeap2egs9ocq6532kvqhei25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:01:18 GMT
Server: Apache
Last-Modified: Tue, 16 Apr 2024 20:07:13 GMT
ETag: "16a1-6163c48af8027-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Length: 1863
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| webmail.insp.upmc.fr/static/a5d85d896118b223.js | 134.157.37.9 | 200 OK | 48 kB |
URL: GET HTTP/1.1 webmail.insp.upmc.fr/static/a5d85d896118b223.js
IP: 134.157.37.9:443
Requested by: https://webmail.insp.upmc.fr/login.php
Certificate: Issuer: GEANT Vereniging; Subject: webmail.insp.upmc.fr; Fingerprint: 2D:BA:4F:4D:9F:F7:FF:3F:AC:8C:EC:BF:27:E1:CE:92:C1:80:DE:80; Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: JavaScript source, ASCII text
Hash: 4c15be5fe9ab13865ebf04fb3e451f82 bab94952c4e4926771ea081c90b106c5c4b80fdc 26750c02aa2eeeb130fc8098a3bfa83a72caadee172c6fd01c68950443d895a3
GET /static/a5d85d896118b223.js HTTP/1.1
Host: webmail.insp.upmc.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.insp.upmc.fr/login.php
Cookie: Horde=9qmeap2egs9ocq6532kvqhei25; horde_secret_key=9qmeap2egs9ocq6532kvqhei25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:01:18 GMT
Server: Apache
Last-Modified: Tue, 16 Apr 2024 20:04:23 GMT
ETag: "32602-6163c3e89886f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Length: 48119
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| webmail.insp.upmc.fr/themes/default/graphics/favicon.ico | 134.157.37.9 | 200 OK | 918 B |
URL: GET HTTP/1.1 webmail.insp.upmc.fr/themes/default/graphics/favicon.ico
IP: 134.157.37.9:443
Requested by: https://webmail.insp.upmc.fr/login.php
Certificate: Issuer: GEANT Vereniging; Subject: webmail.insp.upmc.fr; Fingerprint: 2D:BA:4F:4D:9F:F7:FF:3F:AC:8C:EC:BF:27:E1:CE:92:C1:80:DE:80; Validity: Tue, 16 Apr 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
File type: PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Hash: 75dcccb46e1574cc49df4ea02ca2a1d5 51c77ff26218bee6a8302fcc9ca9999369f6146b 1d2369a3986f4a0f1853c0e700a45e42e2d5901f8b1f6219005ec6e94e7f7b55
GET /themes/default/graphics/favicon.ico HTTP/1.1
Host: webmail.insp.upmc.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webmail.insp.upmc.fr/login.php
Cookie: Horde=9qmeap2egs9ocq6532kvqhei25; horde_secret_key=9qmeap2egs9ocq6532kvqhei25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:01:18 GMT
Server: Apache
Last-Modified: Thu, 01 Oct 2020 13:51:29 GMT
ETag: "396-5b09c501fe3c0"
Accept-Ranges: bytes
Content-Length: 918
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
|
|