| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ | 206.188.192.39 | 200 OK | 116 kB |
URL User Request GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (1823) Size 116 kB (115911 bytes) Hash 4c42b89f044453c7042695d2d1915dc6 741425e63dd246a214cdb52b7a5dc5d37f1d1227 ca9e5daffd1c3c6b081707934dda0f1d15eededb31051c67fba79d33dc9de497
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | La Banque postale |
| PhishTank | phishing | Other |
GET /Labanquepostale2/fr/Certicode-Plus/ HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/base-footer.min.js | 206.188.192.39 | 200 OK | 190 kB |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/base-footer.min.js IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1458) Size 190 kB (190097 bytes) Hash f0edce255aad604ee146ff88959f5667 691fc993899ed1039002fcf90d2084f30e010e3b 461ec24b9ecae73ad02e7854eb0af764d76a7ffbde729baa41fa04f71a007fe1
GET /Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/base-footer.min.js HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 08 Mar 2024 08:54:15 GMT
ETag: W/"88fa8-613225626eee8"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/banquepostale.inbenta.com/jsonp/inbenta-autocomplete.js | 206.188.192.39 | 404 Not Found | 575 B |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/banquepostale.inbenta.com/jsonp/inbenta-autocomplete.js IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/banquepostale.inbenta.com/jsonp/inbenta-autocomplete.js HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:12 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_4.js | 206.188.192.39 | 404 Not Found | 575 B |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_4.js IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_4.js HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:12 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/base.min.js | 206.188.192.39 | 200 OK | 7.9 kB |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/base.min.js IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (1708) Hash ae42e8c7de02a960164ef8441b321c5a a9e6b57dffc053569779381dfef758a2b5af6b93 751e6cbea94c05a45bfc2cbc81b1640558a0edfdd6ac500107b7868164fcbc27
GET /Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/base.min.js HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 08 Mar 2024 08:54:14 GMT
ETag: W/"478f-613225618c9a7"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_6.js | 206.188.192.39 | 404 Not Found | 575 B |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_6.js IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_6.js HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/clientlib-iadvize.min.js | 206.188.192.39 | 200 OK | 345 B |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/clientlib-iadvize.min.js IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type JavaScript source, ASCII text Hash 0cb83389e176a4bc2d657cb1b9796a54 7aaefa9d5e60c115eca0f95a5dc4f31aea62ca35 806aad512868056b5b26505bbb2d2396198c8baac280e959c2fe1858b59dda22
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/clientlib-iadvize.min.js HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: application/javascript
Content-Length: 345
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 08:54:15 GMT
ETag: "159-613225623f528"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_5.js | 206.188.192.39 | 404 Not Found | 575 B |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_5.js IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_5.js HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/base.min.css | 206.188.192.39 | 200 OK | 74 kB |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/base.min.css IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (880) Hash 2829b8c628a76fbaa14e0a76f90ab34c ab5968d1767eb4fe85db06eb34c551920f6eeedb c69c08a32c52f59ffef5607663cc3b806e8bf3a1c4c98b887430ad2285d28635
GET /Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/base.min.css HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:12 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 08 Mar 2024 08:54:11 GMT
ETag: W/"63f3d-6132255ef5846"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/mbp/actus/achat-vente-occasion/achat-vente-picto.jpg | 206.188.192.39 | 404 Not Found | 575 B |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/mbp/actus/achat-vente-occasion/achat-vente-picto.jpg IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/mbp/actus/achat-vente-occasion/achat-vente-picto.jpg HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/tablette/Interstitiel_tablette.png | 206.188.192.39 | 404 Not Found | 575 B |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/tablette/Interstitiel_tablette.png IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/content/dam/tablette/Interstitiel_tablette.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/mbp/actus/municipales-2020.jpg | 206.188.192.39 | 404 Not Found | 575 B |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/mbp/actus/municipales-2020.jpg IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/mbp/actus/municipales-2020.jpg HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/close.jpg | 206.188.192.39 | 200 OK | 1.5 kB |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/close.jpg IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 18x17, components 3 Hash aaccb4028c1487a50f42f96a8ed8ca71 e1921724874068af31e4b40ae0c7f479fdbc959c 8f4723dabbc7e614ac49a79544f72e3ef67acbe3530809b8c0feca3e3927be6f
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/close.jpg HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: image/jpeg
Content-Length: 1461
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 08:54:31 GMT
ETag: "5b5-6132257184bca"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/lbp-app-windows.png | 206.188.192.39 | 200 OK | 6.3 kB |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/lbp-app-windows.png IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type PNG image data, 310 x 91, 8-bit/color RGBA, non-interlaced Hash 9887f88bde4ea7a37358d5142ace04db e3f4b1e027a8cd6b536dc1bde41f6653c89c8de1 89ef0383ca4523cbac45fe1203a10f4fd83138015e91e86680c2a1d2d15d5e09
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/lbp-app-windows.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: image/png
Content-Length: 6345
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 08:54:35 GMT
ETag: "18c9-6132257536c90"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/commons/clientlibs/images/bp-app/logo-lbp.png | 206.188.192.39 | 200 OK | 4.8 kB |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/commons/clientlibs/images/bp-app/logo-lbp.png IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type PNG image data, 140 x 140, 8-bit colormap, non-interlaced Hash d319def83abb4b0868a2c6cae43ccca3 15a7ec3b9fca0c16aae0d39053bb340e7885f200 6c2ecc8d8ed497ccfd5de46495d86ec26eb29234a7b65a48cb3bb60ea1519a0a
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/commons/clientlibs/images/bp-app/logo-lbp.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: image/png
Content-Length: 4818
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 08:54:44 GMT
ETag: "12d2-6132257de4381"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_4.js | 206.188.192.39 | 404 Not Found | 575 B |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_4.js IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_4.js HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Home/new-homepage/tel-3639.png | 206.188.192.39 | 404 Not Found | 575 B |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Home/new-homepage/tel-3639.png IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Home/new-homepage/tel-3639.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/loader.svg | 206.188.192.39 | 200 OK | 735 B |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/loader.svg IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image Hash ae288b0f3be3c78cb580d9961a07699b 36e56e6bd5122559bcacf65b6041d7e4053ba424 e82a16b354398501c46036cab262369b7868839e751d53d80e58a032ce5ab701
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/loader.svg HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: image/svg+xml
Content-Length: 735
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 08:54:35 GMT
ETag: "2df-613225756cfcf"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Pictos/Assurance_Prev/43_sante.png | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Pictos/Assurance_Prev/43_sante.png IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Pictos/Assurance_Prev/43_sante.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/lbp-app-android.png | 206.188.192.39 | 200 OK | 12 kB |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/lbp-app-android.png IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type: PNG image data, 310 x 91, 8-bit/color RGBA, non-interlaced Hash: 760e212125b4ba47678fdfe132bf758f d7e6f00af2a1bac11dcdd634ab64a4b21fac872b 89770d6bb0c7f868fc89cb4a3f498e26dbdc4224c533d1ad3e5275e0856be5fc
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/lbp-app-android.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: image/png
Content-Length: 11936
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 08:54:34 GMT
ETag: "2ea0-6132257471860"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/banquepostale.inbenta.com/jsonp/inbenta-autocomplete.js | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/banquepostale.inbenta.com/jsonp/inbenta-autocomplete.js IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/banquepostale.inbenta.com/jsonp/inbenta-autocomplete.js HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/lbp-app-ios.png | 206.188.192.39 | 200 OK | 8.6 kB |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/lbp-app-ios.png IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type: PNG image data, 310 x 91, 8-bit/color RGBA, non-interlaced Hash: ff6f443dec165d98cce21be0968d76f3 83b3ba54a0d093afeac60079503c2a68e1cb17d0 ad870bae449ef6b31ff821d333b78ae01783d988b94b60e8c11c81844dd882a1
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/images/lbp-app-ios.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: image/png
Content-Length: 8586
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 08:54:34 GMT
ETag: "218a-6132257490472"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/Smartphone/Interstitiel_stmarphone.png | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/Smartphone/Interstitiel_stmarphone.png IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/content/dam/Smartphone/Interstitiel_stmarphone.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 | 216.58.207.227 | 200 OK | 24 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 IP: 216.58.207.227:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 23580, version 1.0 Hash: e1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://10949ec.wcomhost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 13:49:40 GMT
expires: Fri, 02 May 2025 13:49:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 225693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2 | 216.58.207.227 | 200 OK | 22 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2 IP: 216.58.207.227:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 22504, version 1.0 Hash: 1c6c65523675abc6fcd78e804325bd77 898d9808304dc157f5dcb18ca169ec6e2b96b3d7 08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
GET /s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://10949ec.wcomhost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:33:07 GMT
expires: Fri, 02 May 2025 02:33:07 GMT
cache-control: public, max-age=31536000
age: 266286
last-modified: Tue, 02 May 2023 15:12:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2 | 216.58.207.227 | 200 OK | 23 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2 IP: 216.58.207.227:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 23236, version 1.0 Hash: 716309aab2bca045f9627f63ad79d0bf 38804233a29aaf975d557fe14e762c627bef76e0 115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
GET /s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://10949ec.wcomhost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 22:03:34 GMT
expires: Fri, 02 May 2025 22:03:34 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
age: 196059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2 | 216.58.207.227 | 200 OK | 18 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2 IP: 216.58.207.227:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 17728, version 1.0 Hash: 9d09d1df90538b11770ec5f593b6d792 6e117eeeda54f443063becf094332b362e19abb8 a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
GET /s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://10949ec.wcomhost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 07:32:02 GMT
expires: Sat, 03 May 2025 07:32:02 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:08:28 GMT
content-type: font/woff2
age: 161951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Home/new-homepage/tel-3639.png | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Home/new-homepage/tel-3639.png IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Home/new-homepage/tel-3639.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/tablette/Interstitiel_tablette.png | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/tablette/Interstitiel_tablette.png IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/content/dam/tablette/Interstitiel_tablette.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 | 216.58.207.227 | 200 OK | 23 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 IP: 216.58.207.227:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 23040, version 1.0 Hash: de69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://10949ec.wcomhost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 01:55:21 GMT
expires: Sat, 03 May 2025 01:55:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 182152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Pictos/Assurance_Prev/43_sante.png | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Pictos/Assurance_Prev/43_sante.png IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Pictos/Assurance_Prev/43_sante.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| halc.iadvize.com/iadvize.js?sid=4219&tpl=labanquepostale.nb&lang=fr&tpl=laposte2&lang=fr | 54.230.111.87 | 302 Found | 128 B |
URL: GET HTTP/2 halc.iadvize.com/iadvize.js?sid=4219&tpl=labanquepostale.nb&lang=fr&tpl=laposte2&lang=fr IP: 54.230.111.87:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Amazon Subject: *.iadvize.com Fingerprint: EB:81:E7:EA:EC:F0:9B:07:B5:1B:70:1B:DE:BA:CC:C0:28:E7:F3:B4 Validity: Mon, 20 Nov 2023 00:00:00 GMT - Tue, 17 Dec 2024 23:59:59 GMT
File type: HTML document, ASCII text Hash: eb65393d88295725a86ede76d53deaf6 4f9d91afc07c6510048ae5c0a01a71a98a9fedb8 dbd13db7de9521203ce5b64da91c81802fd05fc08dd67bc3533e00701f50ee77
GET /iadvize.js?sid=4219&tpl=labanquepostale.nb&lang=fr&tpl=laposte2&lang=fr HTTP/1.1
Host: halc.iadvize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 128
location: https://halc.iadvize.com/static/livechat/93f0806b4b49e51eac2e24d3f5563eb7ef857d6a/live.js
date: Sun, 05 May 2024 04:30:20 GMT
access-control-allow-origin: *
cache-control: public, max-age=60
content-encoding: gzip
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
server: 347b56f0-ae82-61ef-40bd-036c8c839287
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JBMXvK5YRxRLTIPO3vucs7hJr3mA3tymMW8fAn1MRtHndfUC43PcBg==
age: 53
X-Firefox-Spdy: h2
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php | 206.188.192.39 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (445) Hash: c0fe7d1038b8305be25effdaf0b8a9eb 1233b3c32de0537d067fc223d4d8937e125b6338 03fee86b25b998b4fe13b3215403af8a41f6b2f9d249ad5ad27f2c46a96c303e
GET /Labanquepostale2/fr/Certicode-Plus/new.php HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=9ca729ecec85b88e71e16fb4e5302a7b; path=/
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_5.js | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_5.js IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_5.js HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_6.js | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_6.js IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/cdn.tagcommander.com/2623/tc_LaBanquePostale_6.js HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/icomoon-library/icons2194.ttf?9h9ppi | 206.188.192.39 | 200 OK | 34 kB |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/icomoon-library/icons2194.ttf?9h9ppi IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type: TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icons Hash: 28d39db36270fbba760c400517791fdc faedf0f09824f436010a0e9772bc98eee9667e1a eeaf9e9e84b69299e5cf608c81b91da54d286e556e9a87feccaddedd9ba7ce93
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/icomoon-library/icons2194.ttf?9h9ppi HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/base.min.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: font/ttf
Content-Length: 34296
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 08:54:25 GMT
ETag: "85f8-6132256b8f1ed"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/mbp/actus/achat-vente-occasion/achat-vente-picto.jpg | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/mbp/actus/achat-vente-occasion/achat-vente-picto.jpg IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/mbp/actus/achat-vente-occasion/achat-vente-picto.jpg HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/mbp/actus/municipales-2020.jpg | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/mbp/actus/municipales-2020.jpg IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/mbp/actus/municipales-2020.jpg HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Home/new-homepage/commerciale/mea-hp-740x430-fdc-16-17ans-min.jpg | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Home/new-homepage/commerciale/mea-hp-740x430-fdc-16-17ans-min.jpg IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Home/new-homepage/commerciale/mea-hp-740x430-fdc-16-17ans-min.jpg HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Jeunes/tuiles-home/moment-de-vie/LBP-TalentBooster-MDV-gestion-budget.png | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Jeunes/tuiles-home/moment-de-vie/LBP-TalentBooster-MDV-gestion-budget.png IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Jeunes/tuiles-home/moment-de-vie/LBP-TalentBooster-MDV-gestion-budget.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| halc.iadvize.com/api/website/4219/visitor-context | 54.230.111.87 | 200 OK | 0 B |
URL: POST HTTP/2 halc.iadvize.com/api/website/4219/visitor-context IP: 54.230.111.87:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Amazon Subject: *.iadvize.com Fingerprint: EB:81:E7:EA:EC:F0:9B:07:B5:1B:70:1B:DE:BA:CC:C0:28:E7:F3:B4 Validity: Mon, 20 Nov 2023 00:00:00 GMT - Tue, 17 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/website/4219/visitor-context HTTP/1.1
Host: halc.iadvize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://10949ec.wcomhost.com/
Origin: https://10949ec.wcomhost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sun, 05 May 2024 04:31:14 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://10949ec.wcomhost.com
access-control-max-age: 3600
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
trace-id: 4c9c50c3e083bc45
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3RBOWH2MFPFeos7ablIqXKqYw-s2LBdHALtbQJnbP9YLxQ_tkEo0lA==
X-Firefox-Spdy: h2
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Home/new-homepage/commerciale/mea-hp-740x430-virement-instantane.jpg | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Home/new-homepage/commerciale/mea-hp-740x430-virement-instantane.jpg IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/content/dam/refonte_Particulier/Home/new-homepage/commerciale/mea-hp-740x430-virement-instantane.jpg HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/base-edito-fonts/resources/svg/icon-interface-chevron-right.svg | 206.188.192.39 | 200 OK | 532 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/base-edito-fonts/resources/svg/icon-interface-chevron-right.svg IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image Hash: 1cefae9b6b7f8e1230ef5397b98bd967 50c8ba47ffae952466f9473762efff49bde4611e f8052c1e636a20c497b9ecd24da83c9f1e6ee556c72e285f8d99211cc4f77697
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/base-edito-fonts/resources/svg/icon-interface-chevron-right.svg HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/particuliers/clientlibs/base.min.css
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=9ca729ecec85b88e71e16fb4e5302a7b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: image/svg+xml
Content-Length: 532
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 08:54:47 GMT
ETag: "214-61322580f4a21"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes
|
|
| halc.iadvize.com/api/website/4219/visitor-context | 54.230.111.87 | 200 OK | 415 B |
URL: POST HTTP/2 halc.iadvize.com/api/website/4219/visitor-context IP: 54.230.111.87:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Amazon Subject: *.iadvize.com Fingerprint: EB:81:E7:EA:EC:F0:9B:07:B5:1B:70:1B:DE:BA:CC:C0:28:E7:F3:B4 Validity: Mon, 20 Nov 2023 00:00:00 GMT - Tue, 17 Dec 2024 23:59:59 GMT
Hash: aec317eef8af98b33e7f66d9943945a8 edf7b8eabb078237180a2a9dc95eb9868d73fcc2 01433724e5b28aee7c649d39a74d1e91d77763af4ae05fd9fac807144875c461
POST /api/website/4219/visitor-context HTTP/1.1
Host: halc.iadvize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 575
Origin: https://10949ec.wcomhost.com
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 415
date: Sun, 05 May 2024 04:31:14 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://10949ec.wcomhost.com
content-encoding: gzip
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
trace-id: c7d8d4742383aead
vary: Origin,Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ILzKQqaJKQBzIFMpjMFedESlHIH80VF30M2JQyER2f25Toz_YS7eMw==
X-Firefox-Spdy: h2
|
|
| halc.iadvize.com/static/livechat/93f0806b4b49e51eac2e24d3f5563eb7ef857d6a/live.js | 54.230.111.87 | 200 OK | 12 kB |
URL: GET HTTP/2 halc.iadvize.com/static/livechat/93f0806b4b49e51eac2e24d3f5563eb7ef857d6a/live.js IP: 54.230.111.87:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Amazon Subject: *.iadvize.com Fingerprint: EB:81:E7:EA:EC:F0:9B:07:B5:1B:70:1B:DE:BA:CC:C0:28:E7:F3:B4 Validity: Mon, 20 Nov 2023 00:00:00 GMT - Tue, 17 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42767) Hash: 39aab43c296647e25b43eb80c561a3df f780a070f415ccc5c81cb36e6afd1c3610608e5c 9907faa51a89c4a44eeeafe288b67719f59d97ca9cf4acea49a3071ed34f9fc4
GET /static/livechat/93f0806b4b49e51eac2e24d3f5563eb7ef857d6a/live.js HTTP/1.1
Host: halc.iadvize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 30 Apr 2024 12:14:48 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-encoding: gzip
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: W/"a377076683192ffe491832729f9f5215"
last-modified: Mon, 29 Apr 2024 09:22:40 GMT
server: 47f88dcd-2e5c-0636-3a62-805212ee0faa, AmazonS3
strict-transport-security: max-age=31536000;
x-amz-server-side-encryption: AES256
x-amz-version-id: g6tGcISL8yBebnXDyul7kQCaIZs_hqkz
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9Tv75KrJuipPPRfHLAD14wCop3M3lmIlJdqqFAq1kZZF1wE0C1ZPxw==
age: 404186
X-Firefox-Spdy: h2
|
|
| d1typd0v0mfr0u.cloudfront.net/1938/1938.js | 143.204.42.4 | 200 OK | 767 B |
URL: GET HTTP/2 d1typd0v0mfr0u.cloudfront.net/1938/1938.js IP: 143.204.42.4:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Amazon Subject: *.cloudfront.net Fingerprint: FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 Validity: Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (765), with CRLF line terminators Hash: 7fb9e3e76b8c96eb45acb57f7e33ba96 b1d3a299478aece5aa93386d261c6898f7f434dd 5836c6addcdd6c6da27ad10f93564a2789bee3e685ced4808530da6487a8b18b
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /1938/1938.js HTTP/1.1
Host: d1typd0v0mfr0u.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 767
date: Sun, 05 May 2024 00:49:10 GMT
last-modified: Mon, 06 May 2019 08:42:20 GMT
etag: "7fb9e3e76b8c96eb45acb57f7e33ba96"
x-amz-meta-s3b-last-modified: 20190506T083825Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TeR_3zWk21eUYRt2CUhFjdQ5H8z-rMcTHNP3ZWZ-5rXSgYm41vC6rA==
age: 13325
X-Firefox-Spdy: h2
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/js/val_keypad_cvvs-commun-unifie.js | 206.188.192.39 | 200 OK | 3.9 kB |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/js/val_keypad_cvvs-commun-unifie.js IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (385) Hash: c3bcd9b8a5f8c28e1c59d399dec18605 3ec8d8c27fd4d10b08e04b6fd06f399b99a46b5e 26ac457637b6e883ca410bef71797ad78df8ab692fd4a42eebc2cf35326d4de5
GET /Labanquepostale2/fr/Certicode-Plus/js/val_keypad_cvvs-commun-unifie.js HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=9ca729ecec85b88e71e16fb4e5302a7b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 08 Mar 2024 08:53:45 GMT
ETag: W/"2fd8-61322545956fa"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
|
|
| d1typd0v0mfr0u.cloudfront.net/1936/1936.js | 143.204.42.4 | 200 OK | 765 B |
URL: GET HTTP/2 d1typd0v0mfr0u.cloudfront.net/1936/1936.js IP: 143.204.42.4:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Amazon Subject: *.cloudfront.net Fingerprint: FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 Validity: Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (765), with no line terminators Hash: fb743cce3748b908b989eec5c9e7bc90 a3cf681eeb49a09d7960b36eaaab4a91e79d4d86 288b772c3851a06d7236acf82f278ad51da64dff9fc6dc06c972516fae39d98b
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /1936/1936.js HTTP/1.1
Host: d1typd0v0mfr0u.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 765
last-modified: Mon, 15 Apr 2019 14:22:28 GMT
x-amz-meta-s3b-last-modified: 20190415T142202Z
accept-ranges: bytes
server: AmazonS3
date: Sun, 05 May 2024 03:14:01 GMT
etag: "fb743cce3748b908b989eec5c9e7bc90"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hQSDgQh-9MExs_q1G8PiNQlvEm4KHO9EhplQkcFZJV0rhPw7ZD6IoA==
age: 4634
X-Firefox-Spdy: h2
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/js/jquery-1.7.2.min.js | 206.188.192.39 | 200 OK | 39 kB |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/js/jquery-1.7.2.min.js IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (32769) Hash: b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
GET /Labanquepostale2/fr/Certicode-Plus/js/jquery-1.7.2.min.js HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=9ca729ecec85b88e71e16fb4e5302a7b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 08 Mar 2024 08:53:44 GMT
ETag: W/"17278-61322544d1a2b"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
|
|
| d1typd0v0mfr0u.cloudfront.net/1928/1928.js | 143.204.42.4 | 200 OK | 771 B |
URL: GET HTTP/2 d1typd0v0mfr0u.cloudfront.net/1928/1928.js IP: 143.204.42.4:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Amazon Subject: *.cloudfront.net Fingerprint: FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 Validity: Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (509) Hash: a2637b70441909b18037e57fa9889054 a934ef5dcdb1bba73646354db8ddbd7d7c6e40e5 c11d68f4a06808e2fa28fd43c648b16865253b8235117b26f04f471d3ab8b5a3
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /1928/1928.js HTTP/1.1
Host: d1typd0v0mfr0u.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 771
date: Sat, 04 May 2024 10:01:19 GMT
last-modified: Tue, 15 Jan 2019 14:00:44 GMT
etag: "a2637b70441909b18037e57fa9889054"
x-amz-meta-s3cmd-attrs: atime:1546860134/ctime:1547560798/gid:100/gname:users/md5:a2637b70441909b18037e57fa9889054/mode:33188/mtime:1547560798/uid:1000/uname:pgu
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gc2UueewhWLzxrqRLM0Kb6a3q_ViYPQggpxQIdI3s_S5IeGDsr0JFA==
age: 66596
X-Firefox-Spdy: h2
|
|
| d1typd0v0mfr0u.cloudfront.net/1929/1929.js | 143.204.42.4 | 200 OK | 771 B |
URL: GET HTTP/2 d1typd0v0mfr0u.cloudfront.net/1929/1929.js IP: 143.204.42.4:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer: Amazon Subject: *.cloudfront.net Fingerprint: FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 Validity: Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (509) Hash: 3f25bf0a82b68e1c76f694c5a4d7e5b3 3a17a172c379a5cb302bc15b05a01bca516160b6 48d78a43e9bf99db5daedb39e7b9b06d5358d470bdb45cc6bfd98afad3ac8c83
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /1929/1929.js HTTP/1.1
Host: d1typd0v0mfr0u.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 771
last-modified: Tue, 15 Jan 2019 14:00:53 GMT
x-amz-meta-s3cmd-attrs: atime:1546860135/ctime:1547560784/gid:100/gname:users/md5:3f25bf0a82b68e1c76f694c5a4d7e5b3/mode:33188/mtime:1547560784/uid:1000/uname:pgu
accept-ranges: bytes
server: AmazonS3
date: Sun, 05 May 2024 03:14:01 GMT
etag: "3f25bf0a82b68e1c76f694c5a4d7e5b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Symb6GW9vkitNWX-qCOEbT9UMrNFP-Jc1PcogmUzFJ4RM7EuY4Fm7A==
age: 4634
X-Firefox-Spdy: h2
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/js/val_keypad_cvvs-unifie.js | 206.188.192.39 | 200 OK | 2.5 kB |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/js/val_keypad_cvvs-unifie.js IP: 206.188.192.39:443 ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php Certificate Issuer: Sectigo Limited Subject: *.wcomhost.com Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (750) Hash: 02b62b6ed971692c3444220e7ed946db c788e957858a1edee465d5b07d60ccd39d43178f 8646606c95edd17842c81e1740c5d5b82ce0db9d85cee289e7f9f8b4f949ba34
GET /Labanquepostale2/fr/Certicode-Plus/js/val_keypad_cvvs-unifie.js HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=9ca729ecec85b88e71e16fb4e5302a7b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 08 Mar 2024 08:53:45 GMT
ETag: W/"1c31-613225460fff9"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
|
|
| d1typd0v0mfr0u.cloudfront.net/1939/1939.js | 143.204.42.4 | 200 OK | 767 B |
URL: GET HTTP/2 d1typd0v0mfr0u.cloudfront.net/1939/1939.js
IP: 143.204.42.4:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
Certificate: Issuer: Amazon; Subject: *.cloudfront.net; Fingerprint: FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52; Validity: Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (765), with CRLF line terminators
Hash: 7f1b1683addd00645575108c2474a084 edd8c440efccf1c128fbf10c33338e967ec732ca 4eb2f691ae5082b2c44254d6b9111e7838b9737851429b4d54037cbdb176bea7
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - La Banque postale |
GET /1939/1939.js HTTP/1.1
Host: d1typd0v0mfr0u.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 767
last-modified: Mon, 06 May 2019 08:57:20 GMT
x-amz-meta-s3b-last-modified: 20190506T085424Z
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 May 2024 10:58:03 GMT
etag: "7f1b1683addd00645575108c2474a084"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: z38EBV1Ato-ceMEn7AyMHJv_sAf94T47xlfb60WOS6funXptxCzfog==
age: 63192
X-Firefox-Spdy: h2
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/commons/clientlibs/images/bp-app/favicon.png | 206.188.192.39 | 200 OK | 2.8 kB |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/commons/clientlibs/images/bp-app/favicon.png
IP: 206.188.192.39:443
ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
Certificate: Issuer: Sectigo Limited; Subject: *.wcomhost.com; Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A; Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Hash: 95148d7f825922493ef706dd98457ff4 a0a5b1c2f52bb002000a04de5aa74d8ed25fc703 c78d2b529472912245060a36f2393b664716b51511b6bdcfa385fba224ba3811
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/etc/designs/labanquepostale/commons/clientlibs/images/bp-app/favicon.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=9ca729ecec85b88e71e16fb4e5302a7b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: image/png
Content-Length: 2817
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 08:54:43 GMT
ETag: "b01-6132257d45c51"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes
|
|
| halc.iadvize.com/static/livechat/93f0806b4b49e51eac2e24d3f5563eb7ef857d6a/debugLauncher.chunk.js | 54.230.111.87 | 200 OK | 3.0 kB |
URL: GET HTTP/2 halc.iadvize.com/static/livechat/93f0806b4b49e51eac2e24d3f5563eb7ef857d6a/debugLauncher.chunk.js
IP: 54.230.111.87:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
Certificate: Issuer: Amazon; Subject: *.iadvize.com; Fingerprint: EB:81:E7:EA:EC:F0:9B:07:B5:1B:70:1B:DE:BA:CC:C0:28:E7:F3:B4; Validity: Mon, 20 Nov 2023 00:00:00 GMT - Tue, 17 Dec 2024 23:59:59 GMT
Hash: 323954bfc4c74b6b61deb07077c1ccb1 ae37f9b9a2604c228b6d614ba1929617f5ea7c1b ed00d9e9a1f004e2271b9a5574c57870fe786c388af8ad6b12ea45aeb8c2a810
GET /static/livechat/93f0806b4b49e51eac2e24d3f5563eb7ef857d6a/debugLauncher.chunk.js HTTP/1.1
Host: halc.iadvize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 30 Apr 2024 12:14:48 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-encoding: gzip
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: W/"7066dd4c14fb3f7c62735238e265d7e8"
last-modified: Mon, 29 Apr 2024 09:22:40 GMT
server: d839afa6-c29d-ee83-66ad-0cbdb049691f, AmazonS3
strict-transport-security: max-age=31536000;
x-amz-server-side-encryption: AES256
x-amz-version-id: BX18q.M1VIjAAsXsSPAf7N6MhinuIpke
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hnzMA7aRnb32LyRlsvYJSBscMCFY6deAForehtu7Y8i4bvkZCBQ73g==
age: 404186
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 3.164.222.26 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/
IP: 3.164.222.26:0
Hash: 430ef7693fe74bccefd408a2e567894f 58635ae707a26f43b6fe1eb051c831813c9df9b6 ba88af54b85096f51a13913cd2692a629ae190c3eb505d509675fc15aa77976e
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 05 May 2024 04:31:14 GMT
Last-Modified: Sun, 05 May 2024 03:52:57 GMT
Server: ECAcc (amb/6AA6)
X-Cache: Miss from cloudfront
Via: 1.1 ce6aa43c72ee1bea26f47b9ee0b4eafc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: lbUPVnHEj15XM5yDpL_IUkn2Btos_y2wuLCOtguXeUS3_72z2x6PmQ==
Age: 2297
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/css/cvs_all.css | 206.188.192.39 | 200 OK | 1.7 kB |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/css/cvs_all.css
IP: 206.188.192.39:443
ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php
Certificate: Issuer: Sectigo Limited; Subject: *.wcomhost.com; Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A; Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 6eccbece982ab1ed1790ac88b618471b ff105197e911556bbaf0504be435082b8f316ebd ac4b179388e43f276ab7562431986e8acb819e986ca88a3b5bf70d645337a8f3
GET /Labanquepostale2/fr/Certicode-Plus/css/cvs_all.css HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=9ca729ecec85b88e71e16fb4e5302a7b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 08 Mar 2024 08:51:33 GMT
ETag: W/"1701-613224c7dd59b"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
|
|
| api.iadvize.com/collector/ha/live/events | 3.124.234.186 | 204 No Content | 0 B |
URL: POST HTTP/2 api.iadvize.com/collector/ha/live/events
IP: 3.124.234.186:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
Certificate: Issuer: Amazon; Subject: *.iadvize.com; Fingerprint: 94:85:F0:1D:C2:34:51:95:ED:1A:99:21:56:C8:BC:13:5A:7A:CF:C1; Validity: Thu, 17 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /collector/ha/live/events HTTP/1.1
Host: api.iadvize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://10949ec.wcomhost.com/
Origin: https://10949ec.wcomhost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 04:31:14 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://10949ec.wcomhost.com
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
|
|
| api.iadvize.com/collector/ha/live/events | 3.124.234.186 | 204 No Content | 0 B |
URL: POST HTTP/2 api.iadvize.com/collector/ha/live/events
IP: 3.124.234.186:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
Certificate: Issuer: Amazon; Subject: *.iadvize.com; Fingerprint: 94:85:F0:1D:C2:34:51:95:ED:1A:99:21:56:C8:BC:13:5A:7A:CF:C1; Validity: Thu, 17 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collector/ha/live/events HTTP/1.1
Host: api.iadvize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 584
Origin: https://10949ec.wcomhost.com
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 05 May 2024 04:31:14 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://10949ec.wcomhost.com
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ | 206.188.192.39 | 200 OK | 49 kB |
URL: User Request GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
IP: 206.188.192.39:443
ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Certificate: Issuer: Sectigo Limited; Subject: *.wcomhost.com; Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A; Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: fad4f920ed32d4d52e6263211ff1f1fe 1899635d710350f808bcec7792fa2a40faaeae52 cd801f35158b0a05d62973719ae6dd3f3ba58ea67d0e903898ae54c5d3ef7138
Analyzer | Verdict | Alert |
OpenPhish | phishing | La Banque postale |
PhishTank | phishing | Other |
GET /Labanquepostale2/fr/Certicode-Plus/ HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/img/bad.png | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/img/bad.png
IP: 206.188.192.39:443
ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php
Certificate: Issuer: Sectigo Limited; Subject: *.wcomhost.com; Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A; Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/img/bad.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=9ca729ecec85b88e71e16fb4e5302a7b; iadvize-4219-vuid=0e124528a36f41a79fce8aa48a3ace413032bb4327e54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/data_img/login.png | 206.188.192.39 | 200 OK | 4.6 kB |
URL: GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/data_img/login.png
IP: 206.188.192.39:443
ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php
Certificate: Issuer: Sectigo Limited; Subject: *.wcomhost.com; Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A; Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type: PNG image data, 252 x 189, 8-bit/color RGBA, non-interlaced
Hash: f15fa1ab7e9b92de16afd30b37b508e2 2b696bed74c16be32cc5fc6c2d78cbe6d9ff1f48 fb04604a9152cc57920f51513c860c699b2c71551334e5986b12ecc560b4ed2e
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/data_img/login.png HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=9ca729ecec85b88e71e16fb4e5302a7b; iadvize-4219-vuid=0e124528a36f41a79fce8aa48a3ace413032bb4327e54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: image/png
Content-Length: 4635
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 08:51:38 GMT
ETag: "121b-613224ccf54fb"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes
|
|
| tgt.mmtro.com/t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1928&cb=promoUpdate&output=js | 83.150.244.138 | 200 OK | 0 B |
URL: GET HTTP/1.1 tgt.mmtro.com/t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1928&cb=promoUpdate&output=js
IP: 83.150.244.138:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
Certificate: Issuer: Let's Encrypt; Subject: *.mmtro.com; Fingerprint: DF:8D:81:3A:B2:3E:31:F7:A9:45:24:3F:6F:2F:88:F5:45:DE:D2:8F; Validity: Sat, 16 Mar 2024 13:12:26 GMT - Fri, 14 Jun 2024 13:12:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1928&cb=promoUpdate&output=js HTTP/1.1
Host: tgt.mmtro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Sun, 05 May 2024 04:31:14 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
p3p: policyref="http://mmtro.com/w3c/p3p.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
expires: Wed, 23 Feb 2000 00:00:01 GMT
x-rid: 66370b926e2284a68c298c9e
strict-transport-security: max-age=15724800; includeSubDomains
x-envoy-upstream-service-time: 11
server: envoy
|
|
| tgt.mmtro.com/t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1938&cb=promoUpdate&output=js | 83.150.244.138 | 200 OK | 0 B |
URL: GET HTTP/1.1 tgt.mmtro.com/t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1938&cb=promoUpdate&output=js
IP: 83.150.244.138:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
Certificate: Issuer: Let's Encrypt; Subject: *.mmtro.com; Fingerprint: DF:8D:81:3A:B2:3E:31:F7:A9:45:24:3F:6F:2F:88:F5:45:DE:D2:8F; Validity: Sat, 16 Mar 2024 13:12:26 GMT - Fri, 14 Jun 2024 13:12:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1938&cb=promoUpdate&output=js HTTP/1.1
Host: tgt.mmtro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Sun, 05 May 2024 04:31:14 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
p3p: policyref="http://mmtro.com/w3c/p3p.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
expires: Wed, 23 Feb 2000 00:00:01 GMT
x-rid: 66370b921e5076ea58be5524
strict-transport-security: max-age=15724800; includeSubDomains
x-envoy-upstream-service-time: 21
server: envoy
|
|
| tgt.mmtro.com/t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1939&cb=promoUpdate&output=js | 83.150.244.138 | 200 OK | 123 B |
URL: GET HTTP/1.1 tgt.mmtro.com/t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1939&cb=promoUpdate&output=js
IP: 83.150.244.138:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
Certificate: Issuer: Let's Encrypt; Subject: *.mmtro.com; Fingerprint: DF:8D:81:3A:B2:3E:31:F7:A9:45:24:3F:6F:2F:88:F5:45:DE:D2:8F; Validity: Sat, 16 Mar 2024 13:12:26 GMT - Fri, 14 Jun 2024 13:12:25 GMT
File type: ASCII text, with no line terminators
Hash: 5ee534707304552314b3c66eddc2b57b 950075116fd9c74a0d427f90cc9cd2b06d61fe30 7c7f33af26a8e7f0cb23088bae68ea9bba0e7a9a20ddbaab76198444a39c5b95
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - La Banque postale |
GET /t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1939&cb=promoUpdate&output=js HTTP/1.1
Host: tgt.mmtro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Sun, 05 May 2024 04:31:14 GMT
content-type: text/javascript
content-length: 123
access-control-allow-origin: *
cache-control: no-store, no-cache, private
pragma: no-cache
p3p: policyref="http://mmtro.com/w3c/p3p.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
expires: Wed, 23 Feb 2000 00:00:01 GMT
x-rid: 66370b924edfc252c8c7d0b4
strict-transport-security: max-age=15724800; includeSubDomains
x-envoy-upstream-service-time: 13
server: envoy
|
|
| tgt.mmtro.com/t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1929&cb=promoUpdate&output=js | 83.150.244.138 | 200 OK | 0 B |
URL: GET HTTP/1.1 tgt.mmtro.com/t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1929&cb=promoUpdate&output=js
IP: 83.150.244.138:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
Certificate: Issuer: Let's Encrypt; Subject: *.mmtro.com; Fingerprint: DF:8D:81:3A:B2:3E:31:F7:A9:45:24:3F:6F:2F:88:F5:45:DE:D2:8F; Validity: Sat, 16 Mar 2024 13:12:26 GMT - Fri, 14 Jun 2024 13:12:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1929&cb=promoUpdate&output=js HTTP/1.1
Host: tgt.mmtro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Sun, 05 May 2024 04:31:14 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
p3p: policyref="http://mmtro.com/w3c/p3p.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
expires: Wed, 23 Feb 2000 00:00:01 GMT
x-rid: 66370b927c452754ebdfa3bf
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 15
server: envoy
|
|
| tgt.mmtro.com/t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1936&cb=promoUpdate&output=js | 83.150.244.138 | 200 OK | 119 B |
URL: GET HTTP/1.1 tgt.mmtro.com/t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1936&cb=promoUpdate&output=js
IP: 83.150.244.138:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
Certificate: Issuer: Let's Encrypt; Subject: *.mmtro.com; Fingerprint: DF:8D:81:3A:B2:3E:31:F7:A9:45:24:3F:6F:2F:88:F5:45:DE:D2:8F; Validity: Sat, 16 Mar 2024 13:12:26 GMT - Fri, 14 Jun 2024 13:12:25 GMT
File type: ASCII text, with no line terminators
Hash: dbd9c90d97f5fc4c96f258c81ed000d8 eefe8497ffc6da8d27650960016ca322f015f854 90c9b2a7344d64ae34e001bac831ddebda176cb974a4d86e6214e5b74c84a40b
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - La Banque postale |
GET /t?&tagid=6550672-db22507a7e49c14c1eb9aa1ea269b70a&zid=1936&cb=promoUpdate&output=js HTTP/1.1
Host: tgt.mmtro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Sun, 05 May 2024 04:31:14 GMT
content-type: text/javascript
content-length: 119
access-control-allow-origin: *
cache-control: no-store, no-cache, private
pragma: no-cache
p3p: policyref="http://mmtro.com/w3c/p3p.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
expires: Wed, 23 Feb 2000 00:00:01 GMT
x-rid: 66370b921e5076ea58be5525
strict-transport-security: max-age=15724800; includeSubDomains
x-envoy-upstream-service-time: 30
server: envoy
|
|
| www.youtube.com/s/player/7d1f7724/www-widgetapi.vflset/www-widgetapi.js | 216.58.207.206 | 200 OK | 68 kB |
URL: GET HTTP/3 www.youtube.com/s/player/7d1f7724/www-widgetapi.vflset/www-widgetapi.js
IP: 216.58.207.206:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JavaScript source, ASCII text, with very long lines (531)
Hash: 8080c0a634fc96ca149c690e0cc9480e e078e62210355236a2e877095e7a700158f48176 4fab1dbe30e8ff5b2b88f3175638cee6011f8c5ec952a555216436ca3045cd5b
GET /s/player/7d1f7724/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 68202
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 22:10:08 GMT
expires: Fri, 02 May 2025 22:10:08 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 May 2024 04:13:58 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 195666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 10949ec.wcomhost.com/content/campaigns/1939/projet-immo-defaut.html/jcr:content.html | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/content/campaigns/1939/projet-immo-defaut.html/jcr:content.html
IP: 206.188.192.39:443
ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
Certificate: Issuer: Sectigo Limited; Subject: *.wcomhost.com; Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A; Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - La Banque postale |
GET /content/campaigns/1939/projet-immo-defaut.html/jcr:content.html HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=9ca729ecec85b88e71e16fb4e5302a7b; iadvize-4219-vuid=0e124528a36f41a79fce8aa48a3ace413032bb4327e54
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| 10949ec.wcomhost.com/content/campaigns/1936/famille-defaut.html/jcr:content.html | 206.188.192.39 | 404 Not Found | 575 B |
URL: GET HTTP/1.1 10949ec.wcomhost.com/content/campaigns/1936/famille-defaut.html/jcr:content.html
IP: 206.188.192.39:443
ASN: #19871 NETWORK-SOLUTIONS-HOSTING
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
Certificate: Issuer: Sectigo Limited; Subject: *.wcomhost.com; Fingerprint: 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A; Validity: Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Hash: 4546cec9cc9f33afaa19f1e81c7278fb 1b389a6d4d910de0f991a27487f1e1cd8b1223df 54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720
Analyzer | Verdict | Alert |
urlquery | phishing | Phishing - La Banque postale |
GET /content/campaigns/1936/famille-defaut.html/jcr:content.html HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=9ca729ecec85b88e71e16fb4e5302a7b; iadvize-4219-vuid=0e124528a36f41a79fce8aa48a3ace413032bb4327e54
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:15 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2011 15:41:30 GMT
ETag: "23f-4ae8f0ab47e80"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
|
|
| fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&subset=latin-ext | 142.250.74.106 | 200 OK | 5.8 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&subset=latin-ext
IP: 142.250.74.106:443
Requested by: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (5932), with no line terminators
Hash: 9fa4579f8b61d74303c4d025f5dfc3fd ade34b23d8e8bb10cdbf80b286193e6e4bf8246c 4670ccaa0c3ab7608d16cd793807fb0d4bfed7c53c71f674dc25884c6906582c
GET /css?family=Lato:300,300i,400,400i,700,700i,900,900i&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 04:31:12 GMT
date: Sun, 05 May 2024 04:31:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/images/transparent.gif | 206.188.192.39 | 200 OK | 42 B |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/images/transparent.gif IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1 Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - La Banque postale |
GET /Labanquepostale2/fr/Certicode-Plus/images/transparent.gif HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=9ca729ecec85b88e71e16fb4e5302a7b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Fri, 08 Mar 2024 08:53:39 GMT
ETag: "2a-613225406c61c"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/css/cvs_portable.css | 206.188.192.39 | 200 OK | 1.0 kB |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/css/cvs_portable.css IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (1040), with no line terminators Hash 5f2856f6002467e1d6614b988d874102 3f668aa800bf557061c82fc31102a03aadbcad34 b4befe678bd6cdd518c2f826fef7c0b79e0588af7e9669ef89cfc58cd95e7e8b
GET /Labanquepostale2/fr/Certicode-Plus/css/cvs_portable.css HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/new.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=9ca729ecec85b88e71e16fb4e5302a7b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:14 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 08 Mar 2024 08:51:35 GMT
ETag: W/"3e9-613224c96dbef"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
|
|
| halc.iadvize.com/static/livechat/93f0806b4b49e51eac2e24d3f5563eb7ef857d6a/light-mode.chunk.js | 54.230.111.87 | 200 OK | 22 kB |
URL GET HTTP/2 halc.iadvize.com/static/livechat/93f0806b4b49e51eac2e24d3f5563eb7ef857d6a/light-mode.chunk.js IP 54.230.111.87:443
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Amazon Subject *.iadvize.com Fingerprint EB:81:E7:EA:EC:F0:9B:07:B5:1B:70:1B:DE:BA:CC:C0:28:E7:F3:B4 Validity Mon, 20 Nov 2023 00:00:00 GMT - Tue, 17 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (21972) Hash 313bd2d39a052a6b54ac670d64f078ad efa705ead60d03c4ec0d7cdb4499f36b85c8e9b8 5d0f0a3148ec27e15cf829c0b025c8333745a405e926e18c8a88cfdf4ec21f47
GET /static/livechat/93f0806b4b49e51eac2e24d3f5563eb7ef857d6a/light-mode.chunk.js HTTP/1.1
Host: halc.iadvize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 30 Apr 2024 12:14:48 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-encoding: gzip
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: W/"313bd2d39a052a6b54ac670d64f078ad"
last-modified: Mon, 29 Apr 2024 09:22:40 GMT
server: 40f66c61-875f-2079-eb86-6463bc91fd95, AmazonS3
strict-transport-security: max-age=31536000;
x-amz-server-side-encryption: AES256
x-amz-version-id: 1xWDQByN_upMTOfz8Z01HPCCIYkd0rg4
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: efZOkRlXB8uVv9HVJQ-boXPor9HonSr1ZQ517QEzOINtitEKTFVa3A==
age: 404186
X-Firefox-Spdy: h2
|
|
| www.youtube.com/iframe_api | 216.58.207.206 | 200 OK | 1.1 kB |
URL GET HTTP/2 www.youtube.com/iframe_api IP 216.58.207.206:443
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type JavaScript source, ASCII text, with very long lines (1087), with no line terminators Hash 8de02ec997c9abaf7a3c589b8f04393b b9000cdc2bae3321d416aad9586769ceb04b5be6 e239896d7642e883ff950cd758e0cee3926103e1c73ab2caa9e47b28bbe2c7ac
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sun, 05 May 2024 04:31:14 GMT
date: Sun, 05 May 2024 04:31:14 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=5MAWVjaCLN8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=IIKr42TBy-s; Domain=.youtube.com; Expires=Fri, 01-Nov-2024 04:31:14 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIIEgQSAgsMIFk%3D; Domain=.youtube.com; Expires=Fri, 01-Nov-2024 04:31:14 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.dmcdn.net/all.js | 3.164.230.11 | 200 OK | 31 kB |
IP 3.164.230.11:443
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Amazon Subject api.dmcdn.net Fingerprint FC:6F:E9:68:F5:88:DD:1B:1A:B7:87:97:57:BE:69:6F:29:FE:F0:18 Validity Tue, 02 Apr 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (30704) Hash 588ebacf7e438711e397b563c19e6483 34cd8a6c8ca149cc04f7ecf81c41c0a401edc742 e99996e87b1e8652ecd2a6a4c7b99b0d76bba09ad544b7f94837e9f4c0f2abc9
GET /all.js HTTP/1.1
Host: api.dmcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://10949ec.wcomhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-javascript
server: DMS/1.0.42
content-encoding: gzip
timing-allow-origin: *
accept-ranges: bytes
last-modified: Tue, 02 Apr 2024 07:30:21 GMT
date: Sun, 05 May 2024 03:41:09 GMT
cache-control: max-age=43200, s-maxage=3600
expires: Sun, 05 May 2024 15:41:07 GMT
etag: W/"660bb40d-7821"
x-cache: Hit from cloudfront
via: 1.1 e2b910126831841c6bf3d6563742ab92.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: sD6nB_o_n-9kOuP0G5yiaoxwttD_PC7X5rFlHqERNCTiYaofxF3RZA==
age: 3006
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
|
|
| 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ | 206.188.192.39 | 200 OK | 139 kB |
URL GET HTTP/1.1 10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ IP 206.188.192.39:443 ASN #19871 NETWORK-SOLUTIONS-HOSTING
Requested by https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/ Certificate Issuer Sectigo Limited Subject *.wcomhost.com Fingerprint 51:AB:0A:BC:9C:FF:EB:AA:DF:DD:1E:D8:D0:CE:A2:F8:FC:5F:B9:3A Validity Thu, 14 Sep 2023 00:00:00 GMT - Mon, 19 Aug 2024 23:59:59 GMT
Size 139 kB (139154 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | La Banque postale | PhishTank | phishing | Other |
GET /Labanquepostale2/fr/Certicode-Plus/ HTTP/1.1
Host: 10949ec.wcomhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10949ec.wcomhost.com/Labanquepostale2/fr/Certicode-Plus/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 05 May 2024 04:31:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip
|
|