| cz17443.tw1.ru/assets/images/top-header-left.png | 185.114.247.232 | 200 OK | 7.8 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/images/top-header-left.png
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: PNG image data, 582 x 46, 8-bit/color RGBA, non-interlaced
Hash: 05d0bcebf3df7ee2a73dee6cded8748c 3a2063b7ea5f324dfba774b9cf2671480f387fd3 004c0d90d64d9266498f39a020a0a6fe4110b94f8447daea5b1373d3e7934aad
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/images/top-header-left.png HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: image/png
content-length: 7766
last-modified: Sun, 21 Apr 2024 13:30:01 GMT
etag: "662514d9-1e56"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/images/top-header-left2.png | 185.114.247.232 | 200 OK | 1.4 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/images/top-header-left2.png
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: PNG image data, 83 x 41, 8-bit/color RGB, non-interlaced
Hash: 6c8bd7116fa86f2ae3c0180d903925ef bf8ddfd792a103dc6d5aacd11e9d903072684c70 c96109fef3e6ae0c4dffe3fcc9026352c44a2147b9fd2c4d6e08d32cdcf2641f
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/images/top-header-left2.png HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: image/png
content-length: 1402
last-modified: Sun, 21 Apr 2024 13:29:58 GMT
etag: "662514d6-57a"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/images/top-header-right.png | 185.114.247.232 | 200 OK | 3.2 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/images/top-header-right.png
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: PNG image data, 165 x 12, 8-bit/color RGBA, non-interlaced
Hash: a807d65c0c9d3f695f10e08980bc1b51 e1fa5b9f089087d9b0c94dfc1557d6de22fb6b8e 5b6cd7b81854519965959d1549226e565a77de441a694df48579868348513d21
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/images/top-header-right.png HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: image/png
content-length: 3223
last-modified: Sun, 21 Apr 2024 13:29:54 GMT
etag: "662514d2-c97"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/images/header-left.png | 185.114.247.232 | 200 OK | 14 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/images/header-left.png
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: PNG image data, 481 x 70, 8-bit/color RGBA, non-interlaced
Hash: 7d9605f1532c3522c8bcbb0f29365c33 01d4c9d444aa4f64223febe842a7d1d371215dd1 c83e6ec9b5ceece6db819192b3f6f877fc64296b1ed27ec5b53cc5c4d86f8ab4
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/images/header-left.png HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: image/png
content-length: 13753
last-modified: Sun, 21 Apr 2024 13:30:02 GMT
etag: "662514da-35b9"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/images/logo.png | 185.114.247.232 | 200 OK | 6.4 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/images/logo.png
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced
Hash: 25722a7e1f0c794ae8b299897c61a03b 8657666cb41fd8fcd3e0202bb9c3327fba3f837f f0f02c834c71eff3c9dbc749f81ea8be9c213326a6908e7b80a7da9cba637ae3
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/images/logo.png HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: image/png
content-length: 6360
last-modified: Sun, 21 Apr 2024 13:29:57 GMT
etag: "662514d5-18d8"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/images/header-right.png | 185.114.247.232 | 200 OK | 4.9 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/images/header-right.png
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: PNG image data, 383 x 50, 8-bit/color RGBA, non-interlaced
Hash: 2375d45e3a3f1902e9e5e3509b729ab0 611da0b1ef30ce60cb99fc53e8f4e68e2c4b89a6 dc76d1d3963947047b414b58209d235ff6e36043fe66514606a260a8c3d96cb0
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/images/header-right.png HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: image/png
content-length: 4864
last-modified: Sun, 21 Apr 2024 13:30:00 GMT
etag: "662514d8-1300"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/images/header-right2.png | 185.114.247.232 | 200 OK | 4.9 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/images/header-right2.png
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: PNG image data, 503 x 50, 8-bit/color RGB, non-interlaced
Hash: 9252aa94fff77064c1ff6bcc5b7398dd b4ff8e78716f29cccb54b70906794a44fd7a1a21 37a288f0c7a73fecda634b2262ba8d7c23953e2268aa9a6dabc21955b5a174e9
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/images/header-right2.png HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: image/png
content-length: 4897
last-modified: Sun, 21 Apr 2024 13:29:54 GMT
etag: "662514d2-1321"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/images/header-right3.png | 185.114.247.232 | 200 OK | 1.2 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/images/header-right3.png
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: PNG image data, 228 x 50, 8-bit/color RGB, non-interlaced
Hash: f2766a53f341aa32b32efef5152cb92b 472e5b58d6f177a1dae8c272b209aa0a4c7c2731 f209ec1d94d89a8fa9cdadffa82ac9f6bb696687d21caaf0a15007199fdbcbfc
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/images/header-right3.png HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: image/png
content-length: 1187
last-modified: Sun, 21 Apr 2024 13:29:53 GMT
etag: "662514d1-4a3"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/images/footer.png | 185.114.247.232 | 200 OK | 53 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/images/footer.png
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: PNG image data, 907 x 595, 8-bit/color RGBA, non-interlaced
Hash: f96a98795792fd92b817f70089d30c31 b2ca6b578360c9f67c6af13a25568ac31fb08f7b 5bb399100f821a7bada7a8faa36de1e64dd19bcde8854eb9980b5b07cb74de1c
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/images/footer.png HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: image/png
content-length: 53035
last-modified: Sun, 21 Apr 2024 13:29:58 GMT
etag: "662514d6-cf2b"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/fonts/secure-asterisk.woff | 185.114.247.232 | 200 OK | 3.2 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/fonts/secure-asterisk.woff
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: Web Open Font Format, TrueType, length 3176, version 0.0
Hash: 374b020a914ea198d75d783535440a81 2dd183915d84f1a8deee4fdb1091af1cd2989e25 cc0b81d5e663b8abed0d6035739f40950ae99bcabb9a88f1e92eb910ae769cea
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/fonts/secure-asterisk.woff HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/assets/css/fonts.css
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: application/font-woff
content-length: 3176
last-modified: Sun, 21 Apr 2024 13:30:20 GMT
etag: "662514ec-c68"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/images/content.png | 185.114.247.232 | 200 OK | 462 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/images/content.png
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: PNG image data, 939 x 2166, 8-bit/color RGBA, non-interlaced
Size: 462 kB (461751 bytes)
Hash: a163946bb2c40cfce6b8eb1f7c5a4f63 77405f7e4c20b1e6088ec70c468edacda7638aac 8f7220fde4861e61d5d1f84538771bf385a161f5889476028a61341ac01875d0
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/images/content.png HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/assets/css/main.css
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: image/png
content-length: 461751
last-modified: Sun, 21 Apr 2024 13:29:57 GMT
etag: "662514d5-70bb7"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/images/favicon.png | 185.114.247.232 | 200 OK | 2.8 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/images/favicon.png
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Hash: 95148d7f825922493ef706dd98457ff4 a0a5b1c2f52bb002000a04de5aa74d8ed25fc703 c78d2b529472912245060a36f2393b664716b51511b6bdcfa385fba224ba3811
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/images/favicon.png HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: image/png
content-length: 2817
last-modified: Sun, 21 Apr 2024 13:29:56 GMT
etag: "662514d4-b01"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/js/popper.min.js | 185.114.247.232 | 200 OK | 16 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/js/popper.min.js
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: gzip compressed data, from Unix
Hash: c93d0ef11c127aa00587ad2642fc9f29 dd054b2bb028607aa901ea5e9d33a154a43a2c59 5476c66e33b3e2bcdd1174f1d16a9ec8f7c2abbb96483da5783ca0602b6a4a63
GET /assets/js/popper.min.js HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: application/x-javascript
last-modified: Sun, 21 Apr 2024 13:30:07 GMT
vary: Accept-Encoding
etag: W/"662514df-4f74"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/js/main.js | 185.114.247.232 | 200 OK | 8.2 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/js/main.js
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: gzip compressed data, from Unix
Hash: d4862c7edd0cd9836134a77cdce56433 73786f3f6604248e3446df4035892dea8b3f1340 f4179da84ea100a6979cfcfe1e99e436e0b87a15c4f4dbf6c5e001157dfd0951
Analyzer: urlquery | Verdict: suspicious | Alert: Suspicious - Anti-debugging code
GET /assets/js/main.js HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: application/x-javascript
last-modified: Sun, 21 Apr 2024 13:30:06 GMT
vary: Accept-Encoding
etag: W/"662514de-77c"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/css/helpers.css | 185.114.247.232 | 200 OK | 42 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/css/helpers.css
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: ASCII text, with very long lines (41750), with CRLF line terminators
Hash: fd877f138d23d5a790645eb95167aec3 ee2f01ca01c5f7e6f674ad79a9fea30f78a66f2c f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/css/helpers.css HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: text/css
last-modified: Sun, 21 Apr 2024 13:29:50 GMT
vary: Accept-Encoding
etag: W/"662514ce-a318"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/js/jquery.min.js | 185.114.247.232 | 200 OK | 88 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/js/jquery.min.js
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators
Hash: 2f772fed444d5489079f275bd01e26cc a8927ac2830b2fdd4a729eb0eb7f80923539ceb9 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/js/jquery.min.js HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: application/x-javascript
last-modified: Sun, 21 Apr 2024 13:30:06 GMT
vary: Accept-Encoding
etag: W/"662514de-15851"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/css/bootstrap.min.css | 185.114.247.232 | 200 OK | 156 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/css/bootstrap.min.css
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: ASCII text, with very long lines (65324)
Size: 156 kB (155758 bytes)
Hash: a15c2ac3234aa8f6064ef9c1f7383c37 6e10354828454898fda80f55f3decb347fd9ed21 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/css/bootstrap.min.css HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: text/css
last-modified: Sun, 21 Apr 2024 13:29:50 GMT
vary: Accept-Encoding
etag: W/"662514ce-2606e"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/js/fontawesome.min.js | 185.114.247.232 | 200 OK | 1.1 MB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/js/fontawesome.min.js
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
Size: 1.1 MB (1061198 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/js/fontawesome.min.js HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: application/x-javascript
last-modified: Sun, 21 Apr 2024 13:30:09 GMT
vary: Accept-Encoding
etag: W/"662514e1-10314e"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/js/bootstrap.min.js | 185.114.247.232 | 200 OK | 136 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/js/bootstrap.min.js
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: JavaScript source, ASCII text, with very long lines (328), with CRLF, CR line terminators
Size: 136 kB (136072 bytes)
Hash: 5e7d168ed3203dab385e83f97f98f725 6d19a7d83a87b427f2fc5ced2c0e86c92f58a142 2caa6404ddb0de2b9d191b1e2c8b5c35c68ca48f2a9521140bbf83b27c063700
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/js/bootstrap.min.js HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: application/x-javascript
last-modified: Sun, 21 Apr 2024 13:30:07 GMT
vary: Accept-Encoding
etag: W/"662514df-21388"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/login/login.php | 185.114.247.232 | 200 OK | 10 kB |
URL: User Request, GET HTTP/2 cz17443.tw1.ru/login/login.php
IP: 185.114.247.232:443
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: OpenPhish | Verdict: phishing | Alert: La Banque postale
GET /login/login.php HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/css/fonts.css | 185.114.247.232 | 200 OK | 1.8 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/css/fonts.css
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: ASCII text, with very long lines (1817), with no line terminators
Hash: a96ab3b78425633d0dbf2f0285ccc550 8183b1c4e80de616c4fa96a32478d993b3e1ade6 4df52e83e87903f23044e3ceaf236659081ecad258807cfed440b0f93ff70c47
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/css/fonts.css HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: text/css
last-modified: Sun, 21 Apr 2024 13:29:51 GMT
vary: Accept-Encoding
etag: W/"662514cf-6d7"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cz17443.tw1.ru/assets/css/main.css | 185.114.247.232 | 200 OK | 7.0 kB |
URL: GET HTTP/2 cz17443.tw1.ru/assets/css/main.css
IP: 185.114.247.232:443
Requested by: https://cz17443.tw1.ru/login/login.php
Certificate: Issuer GlobalSign nv-sa; Subject *.tw1.ru; Fingerprint F8:4F:0D:CA:E7:A6:0A:6D:24:20:EA:9A:4A:5A:FD:93:21:2F:88:51; Validity Thu, 11 Jan 2024 13:25:41 GMT - Tue, 11 Feb 2025 13:25:40 GMT
File type: ASCII text, with very long lines (6977), with no line terminators
Hash: dd15b1c9feb20af2bfb80065dc24874b 7a46bbcf56f8bdc8ada3b9da5e7623c1b319b422 6bca7e062245492adc3f218a54392c572401f5fb617fb35ec253a8dad270f3e3
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - La Banque postale
GET /assets/css/main.css HTTP/1.1
Host: cz17443.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cz17443.tw1.ru/login/login.php
Cookie: PHPSESSID=f4b1ec5ce16abdb0890e33a45ba6e263
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 26 Apr 2024 17:30:55 GMT
content-type: text/css
last-modified: Sun, 21 Apr 2024 13:29:49 GMT
vary: Accept-Encoding
etag: W/"662514cd-1b27"
expires: Sat, 26 Apr 2025 17:30:55 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|