Report - accountsgsecure-pass.fr/

Report Overview

Submitted URL
accountsgsecure-pass.fr/
IP
37.221.65.142
ASN
#200019 Alexhost Srl
Submitted
2022-09-29 09:34:09
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
62

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.35.74.102
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	37 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
accountsgsecure-pass.fr	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.6 kB	731 kB	37.221.65.142

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale
2022-09-28	medium	accountsgsecure-pass.fr/	Societe Generale

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-29	medium	accountsgsecure-pass.fr/	Phishing
2022-09-29	medium	accountsgsecure-pass.fr/index_files/logo-sg-seul.svg	Phishing
2022-09-29	medium	accountsgsecure-pass.fr/index_files/rules.js.download	Phishing
2022-09-29	medium	accountsgsecure-pass.fr/fonts/sourcesanspro-it.woff	Phishing
2022-09-29	medium	accountsgsecure-pass.fr/fonts/sourcesanspro-regular.woff	Phishing
2022-09-29	medium	accountsgsecure-pass.fr/fonts/sourcesanspro-semibold.woff	Phishing
2022-09-29	medium	accountsgsecure-pass.fr/fonts/sourcesanspro-bold.woff	Phishing
2022-09-29	medium	accountsgsecure-pass.fr/fonts/sourcesanspro-italic.otf	Phishing
2022-09-29	medium	accountsgsecure-pass.fr/index_files/js.js.download	Phishing
2022-09-29	medium	accountsgsecure-pass.fr/index_files/jquery.js.download	Phishing
2022-09-29	medium	accountsgsecure-pass.fr/index_files/jquery2.js.download	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	accountsgsecure-pass.fr/index_files/jquery2.js.download	70 kB	2023-03-07	2024-04-09
Pretty URL accountsgsecure-pass.fr/index_files/jquery2.js.download IP 37.221.65.142 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen794 Hash f86b7a0e560edb5951576cf8884153e6 e5b4c5b95c79e6e42ef676ed77986db3f85223ab 74a340d2c31205e840515065e739e3d08fa169bc8fa52c66db838dbf749103c1 Loading...

	accountsgsecure-pass.fr/index_files/jquery.js.download	88 kB	2023-03-07	2024-04-20
Pretty URL accountsgsecure-pass.fr/index_files/jquery.js.download IP 37.221.65.142 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-20 02:23:56 Times Seen95067 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	accountsgsecure-pass.fr/index_files/rules.js.download	488 B	2023-03-07	2024-04-09
Pretty URL accountsgsecure-pass.fr/index_files/rules.js.download IP 37.221.65.142 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen756 Hash cd884ffdf1f759fbdeaae54b636288d4 450ea313a0b4b250024abd0935c1f59617841134 f0f8ce50e148b374b7b9b29180824007970478e81ce52669d531a669d9c4c34d Loading...

	accountsgsecure-pass.fr/index_files/js.js.download	1.3 MB	2023-03-07	2024-04-09
Pretty URL accountsgsecure-pass.fr/index_files/js.js.download IP 37.221.65.142 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen553 Hash 6e6c70c409456c23a09d9adbce8d2e80 0f50b6f4f4555c31e8f832b446cda4996acb4460 3957ed7a4d5b5f5c36fe0872fbc2f619b8d2d0094b134dd65d1ebd6f3352847b Loading...

	accountsgsecure-pass.fr/	243 B	2023-03-07	2024-04-09
Pretty URL accountsgsecure-pass.fr/ IP 37.221.65.142 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen376 Hash 71d19f7fe5d2135f268f61647dc03988 1e25ed11489509b55de05241a48d728969493458 5e5eaf8632a7264aaa23953240629b96a0709d13b1091fc9763970c2dd8a02ce Loading...

	accountsgsecure-pass.fr/	483 B	2023-03-07	2024-04-09
Pretty URL accountsgsecure-pass.fr/ IP 37.221.65.142 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen374 Hash d4e17ac95f6499091f5567792887b0fe 605112c6edb9f3f3aa27108cb32230deedbac7d2 e02463ed16a3d8b83b06cbc206098817ba44827c535b8a3971b78ccdb327abff Loading...

	accountsgsecure-pass.fr/	303 B	2023-03-07	2024-04-09
Pretty URL accountsgsecure-pass.fr/ IP 37.221.65.142 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen371 Hash df4d122557c68345696b953efe9e8f1d 664b2317e9984afa6eadd6ad13bf90b92b1e8d31 e082f41c3e3feb3e3d50eb92d57a6f04b702744fbc401dca0fdd749808e70f8c Loading...

		Size	First Seen	Last Seen
	#1 Eval - 81506f6c9b74db893b121a759da430d7	1.0 kB	2023-03-07	2024-04-09
Pretty Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen431 Hash 81506f6c9b74db893b121a759da430d7 2d4226d3b0de0217029bc6113d7489f398b5a4be a49959becff3155c2f2c2ba4684dfecdf77e055678880cbddac3c81eba11fe3c Loading...

	#2 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-20
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-20 04:04:32 Times Seen347752 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

HTTP Transactions (38)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 09:06:57 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: e32T9HQSmjy8nZSAdeCbcD9azPuv2IpJO8DI3NhT7ZGjgrYlwd0jiQ==
Age: 1621

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10730
Expires: Thu, 29 Sep 2022 12:32:48 GMT
Date: Thu, 29 Sep 2022 09:33:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4a22d2eb50abe339ba0b974642de3650
af15bc424a715a3b8d77e4948a9e152a3ba87ede
dff04734315b51fc11069e2d21b5be37b03d28ad01986e1ae2c96afc6ba31859

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFF04734315B51FC11069E2D21B5BE37B03D28AD01986E1AE2C96AFC6BA31859"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6209
Expires: Thu, 29 Sep 2022 11:17:27 GMT
Date: Thu, 29 Sep 2022 09:33:58 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 5jWAf3q6vdQGb97oe384zbfw3VeQFvFZWxAc4ntM4yVP1+EsKYjLZIwmQQugC3ayzzSSftv2cYk=
x-amz-request-id: 2EANXHNNPSW535HN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 29 Sep 2022 08:50:31 GMT
age: 2607
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7f771440424a038c6068daa83abaf2bc
52442d3160c35fb1e04307c3d78367da316b9b8d
418f57a86863da1a6fd185df2f453293d574aa05cd390b74b7858b60b9daba80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "418F57A86863DA1A6FD185DF2F453293D574AA05CD390B74B7858B60B9DABA80"
Last-Modified: Wed, 28 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 29 Sep 2022 15:33:58 GMT
Date: Thu, 29 Sep 2022 09:33:58 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/

37.221.65.142

200 OK

8.7 kB

URL HTTP/2
accountsgsecure-pass.fr/
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2652), with CRLF line terminators
Size
8.7 kB (8703 bytes)
Hash
2b946eaa1b3cfd704186dbc99ee699e4
2dee2eebf40179b697ee4b82aada745eac64b32b
b22f9fbd0ff7f06d00d1c1c1179915fc636905c99ff6912f83ebf69003e7b8f3

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: text/html; charset=UTF-8
content-length: 8703
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/8.0.23, PleskLin
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 09:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 10:24:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1aEYRdOHeqKelbLtaoPO5qFHon3xlSHpPlT3yIlFVof33QhbAKlwDA==
Age: 265

accountsgsecure-pass.fr/index_files/spec56_btn_gsm_all_gcd_20190320190559.min.css

37.221.65.142

200 OK

319 B

URL HTTP/2
accountsgsecure-pass.fr/index_files/spec56_btn_gsm_all_gcd_20190320190559.min.css
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with CRLF line terminators
Size
319 B (319 bytes)
Hash
f40ddb3cf4b4ff6d2d4077b47d42867f
cc0bd85164b085b6dc17450107cbeb25dc562270
fa63c74bd568e45d82556fd70dbdfb05aa7241af3f61ebe9b8d5c66aae35bf08

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale

HTTP Headers

GET /index_files/spec56_btn_gsm_all_gcd_20190320190559.min.css HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: text/css
content-length: 319
x-accel-version: 0.01
last-modified: Wed, 28 Sep 2022 19:43:21 GMT
etag: "39c-5e9c1f926145c-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/index_files/logo-sg-seul.svg

37.221.65.142

200 OK

3.0 kB

URL HTTP/2
accountsgsecure-pass.fr/index_files/logo-sg-seul.svg
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1433), with CRLF line terminators
Size
3.0 kB (3042 bytes)
Hash
a4905efc552b898322c256cb4d4f55c3
6ca6d615b2ebe329819a0338879c1d206ad0b90b
4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale
fortinet	Phishing

HTTP Headers

GET /index_files/logo-sg-seul.svg HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: image/svg+xml
content-length: 3042
last-modified: Wed, 28 Sep 2022 19:43:32 GMT
etag: "6334a3e4-be2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/index_files/rules.js.download

37.221.65.142

200 OK

248 B

URL HTTP/2
accountsgsecure-pass.fr/index_files/rules.js.download
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with CRLF line terminators
Size
248 B (248 bytes)
Hash
2b37ba4f0ac6c923da2dae3441653e1f
a64e64220c5f2058a99b84869115284e672df1db
b7679f70c6fbcd358d0e7aed87ea3a8e69e663e6ac54341f4380a094498bddd8

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale
fortinet	Phishing

HTTP Headers

GET /index_files/rules.js.download HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: application/javascript
content-length: 248
x-accel-version: 0.01
last-modified: Wed, 28 Sep 2022 19:43:12 GMT
etag: "1e8-5e9c1f89c040b-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/index_files/gen_ui.png

37.221.65.142

200 OK

6.4 kB

URL HTTP/2
accountsgsecure-pass.fr/index_files/gen_ui.png
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
6.4 kB (6380 bytes)
Hash
f5f55947733314117f1109f93f826b5f
394e87fcb82200b9c108182bdc761dc6aa016467
c4763204659e2a150da0e4f784da55eff7c77ae08b0c4fe9156a832093fb90fb

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale

HTTP Headers

GET /index_files/gen_ui.png HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: image/png
content-length: 6380
last-modified: Wed, 28 Sep 2022 19:43:41 GMT
etag: "6334a3ed-18ec"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/index_files/index_20190723161948.min.css

37.221.65.142

200 OK

103 kB

URL HTTP/2
accountsgsecure-pass.fr/index_files/index_20190723161948.min.css
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with very long lines (310), with CRLF line terminators
Size
103 kB (103115 bytes)
Hash
d404f0d7bcb594cdf70aeddeb23008a4
5d59b2f6bee8c9dcae287c9ebc5d16c3dde30ac6
0c4d4b59f5c42bc1994905cab04bc6d7a30f4c6a3847957cfa800ffc119f7fe0

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale

HTTP Headers

GET /index_files/index_20190723161948.min.css HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 19:43:18 GMT
etag: W/"6334a3d6-41496"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/fonts/sourcesanspro-it.woff

37.221.65.142

404 Not Found

389 B

URL HTTP/2
accountsgsecure-pass.fr/fonts/sourcesanspro-it.woff
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
389 B (389 bytes)
Hash
282295904154a20a43f4115c95d51b5a
03c19129fbacb363c538682140e8396a53ce1c12
cbd5a2c3341251c7909f07bc8e086546c46aa282e8fa2b10533efe47475ede4d

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale
fortinet	Phishing

HTTP Headers

GET /fonts/sourcesanspro-it.woff HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/index_files/awt-front-BDDF.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Thu, 29 Sep 2022 09:33:59 GMT
content-type: text/html; charset=iso-8859-1
content-length: 389
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/index_files/style.css

37.221.65.142

200 OK

355 kB

URL HTTP/2
accountsgsecure-pass.fr/index_files/style.css
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with very long lines (1330), with CRLF line terminators
Size
355 kB (354826 bytes)
Hash
8291808d7f157bab81e59b4f70c1de86
8baa5b3915fc083cc949399dac999f7b3d07b188
9f8e3843ff11e83caaa8d7a2ea16f456d29cf691755052749192916333db4567

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale

HTTP Headers

GET /index_files/style.css HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 19:43:31 GMT
etag: W/"6334a3e3-2c10f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/index_files/print_20190320190559.min.css

37.221.65.142

200 OK

11 kB

URL HTTP/2
accountsgsecure-pass.fr/index_files/print_20190320190559.min.css
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with very long lines (3067), with no line terminators
Size
11 kB (10733 bytes)
Hash
3f6fb3686e191ef388dc0cd644c79784
b23f907a033e200b79ffca5fb93facf113493ae8
217a9fe5d037e4321617b81035ce34d21a1b54b01d043bf18876ea66903cb012

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale

HTTP Headers

GET /index_files/print_20190320190559.min.css HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:59 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 19:43:42 GMT
etag: W/"6334a3ee-bfb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/index_files/awt-front-BDDF.css

37.221.65.142

200 OK

68 kB

URL HTTP/2
accountsgsecure-pass.fr/index_files/awt-front-BDDF.css
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with very long lines (65536), with no line terminators
Size
68 kB (67659 bytes)
Hash
532ee0151b66824f6a6d8228b0bbff12
cd201cc32f9f9cb15a99bf24158bdbd1475f4914
f222415f2fb2c246dc28ab6bf0f1ab068583a652c4dd954b1c505c605ecece9d

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale

HTTP Headers

GET /index_files/awt-front-BDDF.css HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 19:43:25 GMT
etag: W/"6334a3dd-1891e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/fonts/sourcesanspro-regular.woff

37.221.65.142

200 OK

30 kB

URL HTTP/2
accountsgsecure-pass.fr/fonts/sourcesanspro-regular.woff
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
Web Open Font Format, TrueType, length 29936, version 1.0\012- data
Size
30 kB (29936 bytes)
Hash
ee8fb2f1d98caedf1822bd94ac49592a
78342ab4847d4794808b9f1ef361c8845139cd5b
b2bd7e62939ac983fd01971920b44c1313a0d00b6f81ef80ae7a4b8ba5f20311

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale
fortinet	Phishing

HTTP Headers

GET /fonts/sourcesanspro-regular.woff HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/index_files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:59 GMT
content-type: font/woff
content-length: 29936
last-modified: Wed, 28 Sep 2022 19:43:25 GMT
etag: "6334a3dd-74f0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/fonts/sourcesanspro-semibold.woff

37.221.65.142

200 OK

64 kB

URL HTTP/2
accountsgsecure-pass.fr/fonts/sourcesanspro-semibold.woff
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
Web Open Font Format, TrueType, length 63896, version 1.50\012- data
Size
64 kB (63896 bytes)
Hash
66d6f332d0d93578c726f68d3a9ada3b
10ebe50154b114f97ff25d99034ce724116ee47e
ecc485cb5434c03a5990728a87f66f6b46635d3bd97fd9fd175df05e37bbb6f9

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale
fortinet	Phishing

HTTP Headers

GET /fonts/sourcesanspro-semibold.woff HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/index_files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:59 GMT
content-type: font/woff
content-length: 63896
last-modified: Wed, 28 Sep 2022 19:43:39 GMT
etag: "6334a3eb-f998"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/fonts/sourcesanspro-bold.woff

37.221.65.142

200 OK

30 kB

URL HTTP/2
accountsgsecure-pass.fr/fonts/sourcesanspro-bold.woff
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
Web Open Font Format, TrueType, length 29688, version 1.0\012- data
Size
30 kB (29688 bytes)
Hash
8ddef052d66452862e8aef5f63fe6109
7432d98ccfc52ff401e3c37439ee2e61722c279b
10d5ee3a453be2ea83297c419182d5c32de6f46a530594fa5ec2aea8cd31c626

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale
fortinet	Phishing

HTTP Headers

GET /fonts/sourcesanspro-bold.woff HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/index_files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:59 GMT
content-type: font/woff
content-length: 29688
last-modified: Wed, 28 Sep 2022 19:43:45 GMT
etag: "6334a3f1-73f8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/img/favicon.ico

37.221.65.142

200 OK

318 B

URL HTTP/2
accountsgsecure-pass.fr/img/favicon.ico
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors\012- data
Size
318 B (318 bytes)
Hash
ca10c09aeaf43460d3760f50c608eb51
f2ed2a4fe0e1eadb7dd28444ea6b7a04abf0d38e
daf58b06a09d467436ee5fd10eefbeadac3cf6ecaef1eca1884ef8330f561642

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale

HTTP Headers

GET /img/favicon.ico HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:59 GMT
content-type: image/vnd.microsoft.icon
content-length: 318
x-accel-version: 0.01
last-modified: Wed, 28 Sep 2022 19:43:15 GMT
etag: "13e-5e9c1f8cfa701"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f09cb223e3dc028c58cf32c2274c3766
ca7f1663a1200941986e786353ed2f3ff50bd0b2
9b89a5534b1a84f0a86f150dc7f1f699bb972f7b8e151b29c02454dd939066ca

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4520
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 09:33:59 GMT
Last-Modified: Thu, 29 Sep 2022 08:18:39 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

accountsgsecure-pass.fr/fonts/sourcesanspro-italic.otf

37.221.65.142

404 Not Found

623 B

URL HTTP/2
accountsgsecure-pass.fr/fonts/sourcesanspro-italic.otf
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
623 B (623 bytes)
Hash
16f4c32d7dd5a02d7587459aa7d9e181
78cb24c8e229d0c5380684d39975ec0fa2ceb0e6
64cd88c1e8042259e4856dab17b5c11906ce6dd1d86d757cb12de247175723ab

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale
fortinet	Phishing

HTTP Headers

GET /fonts/sourcesanspro-italic.otf HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/index_files/index_pri_20201013141424.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Thu, 29 Sep 2022 09:33:59 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.35.74.102

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.35.74.102:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m3ebKFqihFSDWDIqi28A/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Lkt7v3MCGZf54qoqnVOjLctUae8=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16812
Expires: Thu, 29 Sep 2022 14:14:12 GMT
Date: Thu, 29 Sep 2022 09:34:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16812
Expires: Thu, 29 Sep 2022 14:14:12 GMT
Date: Thu, 29 Sep 2022 09:34:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16812
Expires: Thu, 29 Sep 2022 14:14:12 GMT
Date: Thu, 29 Sep 2022 09:34:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16812
Expires: Thu, 29 Sep 2022 14:14:12 GMT
Date: Thu, 29 Sep 2022 09:34:00 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9654 bytes)
Hash
36ae9444071dd70dcf86802c370ffda9
44cc19b21912d07f82a88af5b2fa6d3e370459bf
99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9654
x-amzn-requestid: 7277f59f-452d-4cb6-a76e-1561b4ff3de0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGW2REPzoAMFrww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326b5b-4f5d775830c95b065ce40d3f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:17:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jTiWrrcC29QaFlnaiNH_KmEaphRZhWyzf1JbWb6uL00D3vOMR7Wfyg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 03:28:09 GMT
age: 21951
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10023 bytes)
Hash
f4505f57697072468da82e0b536d0d5b
e1067a2dfbc22e7eb196046d57bd1e17604dba75
b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:43 GMT
age: 42797
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/index_files/index_pri_20201013141424.min.css

37.221.65.142

200 OK

46 kB

URL HTTP/2
accountsgsecure-pass.fr/index_files/index_pri_20201013141424.min.css
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with very long lines (65536), with no line terminators
Size
46 kB (45969 bytes)
Hash
f5a3c44449c0b773b6cf2daf626eb54f
f36c7c2e61103c696e8c4262eebe4cfa7c7a9f16
99f83990be9e8854b0b54d53082312880c9413da40f09b7466b561406036f55e

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale

HTTP Headers

GET /index_files/index_pri_20201013141424.min.css HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 19:43:29 GMT
etag: W/"6334a3e1-3655e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4235 bytes)
Hash
30471179bd7cdeecea2fa4ea98701aef
2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb
967e070aec3942c64cc6c4cfdc13d430825c9e5c26dbec5bb3d66237d5978dfc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4235
x-amzn-requestid: 60825c64-7743-4b16-b80d-d1195ccb0f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK2nFsDoAMFRwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be90-1898e5d9111db7c843c1ebb4;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C-XC9qsktkENdI6lWZp5RQjeEvrrFMUfBq1mA5dxEjRq5tkfL5Jsxw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:46 GMT
age: 42794
etag: "2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.3 kB (3332 bytes)
Hash
6ac86079d2901fb11bfaff81d91bb2d2
4fc0699c763f67a2602b4b3f46b8b4013d2049c6
8c25b9129fc01f6ffad911994e91436ab0026ed0b54568757a20ab7f92584467

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3332
x-amzn-requestid: 34214e89-7232-4fd5-9257-adf231670681
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDb3vGkOIAMFVhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314031-3056111d48a5027a2062ad1b;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 06:01:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VosALWNOhCfUDfo2bXgYE0Cx2duyHRaLb5DCn9IydXtoIsYyg9vWhA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:13 GMT
age: 42287
etag: "4fc0699c763f67a2602b4b3f46b8b4013d2049c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.1 kB (4093 bytes)
Hash
aed4d25286420a1405c3274931194002
c17c7bdfa4b40f9a0634da65c610869e5c410bf1
f32058bdd49930b927d1f9fdfd204ed054b4f85e0d679eff067d522d42ac504a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4093
x-amzn-requestid: 4275d743-8507-4fbe-83d1-cc0da2adef7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKoPHCMIAMF7wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be34-5ddb717430e7b38e3ee53657;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H713oiiX6wslZytV_P5NblH5vT7KZ2fv1G3DLKLrH5nw0lHOquia4w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:48 GMT
etag: "c17c7bdfa4b40f9a0634da65c610869e5c410bf1"
content-type: image/jpeg
age: 42792
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/index_files/js.js.download

37.221.65.142

200 OK

0 B

URL HTTP/2
accountsgsecure-pass.fr/index_files/js.js.download
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale
fortinet	Phishing

HTTP Headers

GET /index_files/js.js.download HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: application/javascript
last-modified: Wed, 28 Sep 2022 19:43:26 GMT
etag: W/"6334a3de-134bc0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/index_files/jquery.js.download

37.221.65.142

200 OK

0 B

URL HTTP/2
accountsgsecure-pass.fr/index_files/jquery.js.download
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale
fortinet	Phishing

HTTP Headers

GET /index_files/jquery.js.download HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: application/javascript
last-modified: Wed, 28 Sep 2022 19:43:40 GMT
etag: W/"6334a3ec-15851"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/index_files/inbenta.css

37.221.65.142

200 OK

0 B

URL HTTP/2
accountsgsecure-pass.fr/index_files/inbenta.css
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale

HTTP Headers

GET /index_files/inbenta.css HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 19:43:23 GMT
etag: W/"6334a3db-2268a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

accountsgsecure-pass.fr/index_files/jquery2.js.download

37.221.65.142

200 OK

0 B

URL HTTP/2
accountsgsecure-pass.fr/index_files/jquery2.js.download
IP
37.221.65.142:0
ASN
#200019 Alexhost Srl

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale
fortinet	Phishing

HTTP Headers

GET /index_files/jquery2.js.download HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: application/javascript
last-modified: Wed, 28 Sep 2022 19:43:23 GMT
etag: W/"6334a3db-11348"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (38)

URL HTTP/1.1