firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 09:06:57 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: e32T9HQSmjy8nZSAdeCbcD9azPuv2IpJO8DI3NhT7ZGjgrYlwd0jiQ==
Age: 1621
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10730
Expires: Thu, 29 Sep 2022 12:32:48 GMT
Date: Thu, 29 Sep 2022 09:33:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4a22d2eb50abe339ba0b974642de3650
af15bc424a715a3b8d77e4948a9e152a3ba87ede
dff04734315b51fc11069e2d21b5be37b03d28ad01986e1ae2c96afc6ba31859
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFF04734315B51FC11069E2D21B5BE37B03D28AD01986E1AE2C96AFC6BA31859"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6209
Expires: Thu, 29 Sep 2022 11:17:27 GMT
Date: Thu, 29 Sep 2022 09:33:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5jWAf3q6vdQGb97oe384zbfw3VeQFvFZWxAc4ntM4yVP1+EsKYjLZIwmQQugC3ayzzSSftv2cYk=
x-amz-request-id: 2EANXHNNPSW535HN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 29 Sep 2022 08:50:31 GMT
age: 2607
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7f771440424a038c6068daa83abaf2bc
52442d3160c35fb1e04307c3d78367da316b9b8d
418f57a86863da1a6fd185df2f453293d574aa05cd390b74b7858b60b9daba80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "418F57A86863DA1A6FD185DF2F453293D574AA05CD390B74B7858B60B9DABA80"
Last-Modified: Wed, 28 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 29 Sep 2022 15:33:58 GMT
Date: Thu, 29 Sep 2022 09:33:58 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/
37.221.65.142200 OK 8.7 kB IP 37.221.65.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2652), with CRLF line terminators
Hash 2b946eaa1b3cfd704186dbc99ee699e4
2dee2eebf40179b697ee4b82aada745eac64b32b
b22f9fbd0ff7f06d00d1c1c1179915fc636905c99ff6912f83ebf69003e7b8f3
Analyzer Verdict Alert openphish Societe Generale
fortinet Phishing
GET / HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: text/html; charset=UTF-8
content-length: 8703
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/8.0.23, PleskLin
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 09:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 10:24:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1aEYRdOHeqKelbLtaoPO5qFHon3xlSHpPlT3yIlFVof33QhbAKlwDA==
Age: 265
accountsgsecure-pass.fr/index_files/spec56_btn_gsm_all_gcd_20190320190559.min.css
37.221.65.142200 OK 319 B URL HTTP/2 accountsgsecure-pass.fr/index_files/spec56_btn_gsm_all_gcd_20190320190559.min.css
IP 37.221.65.142:0
File type ASCII text, with CRLF line terminators
Hash f40ddb3cf4b4ff6d2d4077b47d42867f
cc0bd85164b085b6dc17450107cbeb25dc562270
fa63c74bd568e45d82556fd70dbdfb05aa7241af3f61ebe9b8d5c66aae35bf08
Analyzer Verdict Alert openphish Societe Generale
GET /index_files/spec56_btn_gsm_all_gcd_20190320190559.min.css HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: text/css
content-length: 319
x-accel-version: 0.01
last-modified: Wed, 28 Sep 2022 19:43:21 GMT
etag: "39c-5e9c1f926145c-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/index_files/logo-sg-seul.svg
37.221.65.142200 OK 3.0 kB URL HTTP/2 accountsgsecure-pass.fr/index_files/logo-sg-seul.svg
IP 37.221.65.142:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1433), with CRLF line terminators
Hash a4905efc552b898322c256cb4d4f55c3
6ca6d615b2ebe329819a0338879c1d206ad0b90b
4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3
Analyzer Verdict Alert openphish Societe Generale
fortinet Phishing
GET /index_files/logo-sg-seul.svg HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: image/svg+xml
content-length: 3042
last-modified: Wed, 28 Sep 2022 19:43:32 GMT
etag: "6334a3e4-be2"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/index_files/rules.js.download
37.221.65.142200 OK 248 B URL HTTP/2 accountsgsecure-pass.fr/index_files/rules.js.download
IP 37.221.65.142:0
File type ASCII text, with CRLF line terminators
Hash 2b37ba4f0ac6c923da2dae3441653e1f
a64e64220c5f2058a99b84869115284e672df1db
b7679f70c6fbcd358d0e7aed87ea3a8e69e663e6ac54341f4380a094498bddd8
Analyzer Verdict Alert openphish Societe Generale
fortinet Phishing
GET /index_files/rules.js.download HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: application/javascript
content-length: 248
x-accel-version: 0.01
last-modified: Wed, 28 Sep 2022 19:43:12 GMT
etag: "1e8-5e9c1f89c040b-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/index_files/gen_ui.png
37.221.65.142200 OK 6.4 kB URL HTTP/2 accountsgsecure-pass.fr/index_files/gen_ui.png
IP 37.221.65.142:0
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash f5f55947733314117f1109f93f826b5f
394e87fcb82200b9c108182bdc761dc6aa016467
c4763204659e2a150da0e4f784da55eff7c77ae08b0c4fe9156a832093fb90fb
Analyzer Verdict Alert openphish Societe Generale
GET /index_files/gen_ui.png HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: image/png
content-length: 6380
last-modified: Wed, 28 Sep 2022 19:43:41 GMT
etag: "6334a3ed-18ec"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/index_files/index_20190723161948.min.css
37.221.65.142200 OK 103 kB URL HTTP/2 accountsgsecure-pass.fr/index_files/index_20190723161948.min.css
IP 37.221.65.142:0
File type ASCII text, with very long lines (310), with CRLF line terminators
Size 103 kB (103115 bytes)
Hash d404f0d7bcb594cdf70aeddeb23008a4
5d59b2f6bee8c9dcae287c9ebc5d16c3dde30ac6
0c4d4b59f5c42bc1994905cab04bc6d7a30f4c6a3847957cfa800ffc119f7fe0
Analyzer Verdict Alert openphish Societe Generale
GET /index_files/index_20190723161948.min.css HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 19:43:18 GMT
etag: W/"6334a3d6-41496"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/fonts/sourcesanspro-it.woff
37.221.65.142404 Not Found 389 B URL HTTP/2 accountsgsecure-pass.fr/fonts/sourcesanspro-it.woff
IP 37.221.65.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 282295904154a20a43f4115c95d51b5a
03c19129fbacb363c538682140e8396a53ce1c12
cbd5a2c3341251c7909f07bc8e086546c46aa282e8fa2b10533efe47475ede4d
Analyzer Verdict Alert openphish Societe Generale
fortinet Phishing
GET /fonts/sourcesanspro-it.woff HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/index_files/awt-front-BDDF.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 29 Sep 2022 09:33:59 GMT
content-type: text/html; charset=iso-8859-1
content-length: 389
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/index_files/style.css
37.221.65.142200 OK 355 kB URL HTTP/2 accountsgsecure-pass.fr/index_files/style.css
IP 37.221.65.142:0
File type ASCII text, with very long lines (1330), with CRLF line terminators
Size 355 kB (354826 bytes)
Hash 8291808d7f157bab81e59b4f70c1de86
8baa5b3915fc083cc949399dac999f7b3d07b188
9f8e3843ff11e83caaa8d7a2ea16f456d29cf691755052749192916333db4567
Analyzer Verdict Alert openphish Societe Generale
GET /index_files/style.css HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 19:43:31 GMT
etag: W/"6334a3e3-2c10f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/index_files/print_20190320190559.min.css
37.221.65.142200 OK 11 kB URL HTTP/2 accountsgsecure-pass.fr/index_files/print_20190320190559.min.css
IP 37.221.65.142:0
File type ASCII text, with very long lines (3067), with no line terminators
Hash 3f6fb3686e191ef388dc0cd644c79784
b23f907a033e200b79ffca5fb93facf113493ae8
217a9fe5d037e4321617b81035ce34d21a1b54b01d043bf18876ea66903cb012
Analyzer Verdict Alert openphish Societe Generale
GET /index_files/print_20190320190559.min.css HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:59 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 19:43:42 GMT
etag: W/"6334a3ee-bfb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/index_files/awt-front-BDDF.css
37.221.65.142200 OK 68 kB URL HTTP/2 accountsgsecure-pass.fr/index_files/awt-front-BDDF.css
IP 37.221.65.142:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 532ee0151b66824f6a6d8228b0bbff12
cd201cc32f9f9cb15a99bf24158bdbd1475f4914
f222415f2fb2c246dc28ab6bf0f1ab068583a652c4dd954b1c505c605ecece9d
Analyzer Verdict Alert openphish Societe Generale
GET /index_files/awt-front-BDDF.css HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 19:43:25 GMT
etag: W/"6334a3dd-1891e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/fonts/sourcesanspro-regular.woff
37.221.65.142200 OK 30 kB URL HTTP/2 accountsgsecure-pass.fr/fonts/sourcesanspro-regular.woff
IP 37.221.65.142:0
File type Web Open Font Format, TrueType, length 29936, version 1.0\012- data
Hash ee8fb2f1d98caedf1822bd94ac49592a
78342ab4847d4794808b9f1ef361c8845139cd5b
b2bd7e62939ac983fd01971920b44c1313a0d00b6f81ef80ae7a4b8ba5f20311
Analyzer Verdict Alert openphish Societe Generale
fortinet Phishing
GET /fonts/sourcesanspro-regular.woff HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/index_files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:59 GMT
content-type: font/woff
content-length: 29936
last-modified: Wed, 28 Sep 2022 19:43:25 GMT
etag: "6334a3dd-74f0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/fonts/sourcesanspro-semibold.woff
37.221.65.142200 OK 64 kB URL HTTP/2 accountsgsecure-pass.fr/fonts/sourcesanspro-semibold.woff
IP 37.221.65.142:0
File type Web Open Font Format, TrueType, length 63896, version 1.50\012- data
Hash 66d6f332d0d93578c726f68d3a9ada3b
10ebe50154b114f97ff25d99034ce724116ee47e
ecc485cb5434c03a5990728a87f66f6b46635d3bd97fd9fd175df05e37bbb6f9
Analyzer Verdict Alert openphish Societe Generale
fortinet Phishing
GET /fonts/sourcesanspro-semibold.woff HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/index_files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:59 GMT
content-type: font/woff
content-length: 63896
last-modified: Wed, 28 Sep 2022 19:43:39 GMT
etag: "6334a3eb-f998"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/fonts/sourcesanspro-bold.woff
37.221.65.142200 OK 30 kB URL HTTP/2 accountsgsecure-pass.fr/fonts/sourcesanspro-bold.woff
IP 37.221.65.142:0
File type Web Open Font Format, TrueType, length 29688, version 1.0\012- data
Hash 8ddef052d66452862e8aef5f63fe6109
7432d98ccfc52ff401e3c37439ee2e61722c279b
10d5ee3a453be2ea83297c419182d5c32de6f46a530594fa5ec2aea8cd31c626
Analyzer Verdict Alert openphish Societe Generale
fortinet Phishing
GET /fonts/sourcesanspro-bold.woff HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/index_files/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:59 GMT
content-type: font/woff
content-length: 29688
last-modified: Wed, 28 Sep 2022 19:43:45 GMT
etag: "6334a3f1-73f8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/img/favicon.ico
37.221.65.142200 OK 318 B URL HTTP/2 accountsgsecure-pass.fr/img/favicon.ico
IP 37.221.65.142:0
File type MS Windows icon resource - 1 icon, 16x16, 16 colors\012- data
Hash ca10c09aeaf43460d3760f50c608eb51
f2ed2a4fe0e1eadb7dd28444ea6b7a04abf0d38e
daf58b06a09d467436ee5fd10eefbeadac3cf6ecaef1eca1884ef8330f561642
Analyzer Verdict Alert openphish Societe Generale
GET /img/favicon.ico HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:59 GMT
content-type: image/vnd.microsoft.icon
content-length: 318
x-accel-version: 0.01
last-modified: Wed, 28 Sep 2022 19:43:15 GMT
etag: "13e-5e9c1f8cfa701"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f09cb223e3dc028c58cf32c2274c3766
ca7f1663a1200941986e786353ed2f3ff50bd0b2
9b89a5534b1a84f0a86f150dc7f1f699bb972f7b8e151b29c02454dd939066ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4520
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 09:33:59 GMT
Last-Modified: Thu, 29 Sep 2022 08:18:39 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
accountsgsecure-pass.fr/fonts/sourcesanspro-italic.otf
37.221.65.142404 Not Found 623 B URL HTTP/2 accountsgsecure-pass.fr/fonts/sourcesanspro-italic.otf
IP 37.221.65.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 16f4c32d7dd5a02d7587459aa7d9e181
78cb24c8e229d0c5380684d39975ec0fa2ceb0e6
64cd88c1e8042259e4856dab17b5c11906ce6dd1d86d757cb12de247175723ab
Analyzer Verdict Alert openphish Societe Generale
fortinet Phishing
GET /fonts/sourcesanspro-italic.otf HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/index_files/index_pri_20201013141424.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 29 Sep 2022 09:33:59 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.35.74.102101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m3ebKFqihFSDWDIqi28A/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Lkt7v3MCGZf54qoqnVOjLctUae8=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16812
Expires: Thu, 29 Sep 2022 14:14:12 GMT
Date: Thu, 29 Sep 2022 09:34:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16812
Expires: Thu, 29 Sep 2022 14:14:12 GMT
Date: Thu, 29 Sep 2022 09:34:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16812
Expires: Thu, 29 Sep 2022 14:14:12 GMT
Date: Thu, 29 Sep 2022 09:34:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16812
Expires: Thu, 29 Sep 2022 14:14:12 GMT
Date: Thu, 29 Sep 2022 09:34:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36ae9444071dd70dcf86802c370ffda9
44cc19b21912d07f82a88af5b2fa6d3e370459bf
99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9654
x-amzn-requestid: 7277f59f-452d-4cb6-a76e-1561b4ff3de0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGW2REPzoAMFrww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326b5b-4f5d775830c95b065ce40d3f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:17:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jTiWrrcC29QaFlnaiNH_KmEaphRZhWyzf1JbWb6uL00D3vOMR7Wfyg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 03:28:09 GMT
age: 21951
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4505f57697072468da82e0b536d0d5b
e1067a2dfbc22e7eb196046d57bd1e17604dba75
b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:43 GMT
age: 42797
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/index_files/index_pri_20201013141424.min.css
37.221.65.142200 OK 46 kB URL HTTP/2 accountsgsecure-pass.fr/index_files/index_pri_20201013141424.min.css
IP 37.221.65.142:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f5a3c44449c0b773b6cf2daf626eb54f
f36c7c2e61103c696e8c4262eebe4cfa7c7a9f16
99f83990be9e8854b0b54d53082312880c9413da40f09b7466b561406036f55e
Analyzer Verdict Alert openphish Societe Generale
GET /index_files/index_pri_20201013141424.min.css HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 19:43:29 GMT
etag: W/"6334a3e1-3655e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30471179bd7cdeecea2fa4ea98701aef
2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb
967e070aec3942c64cc6c4cfdc13d430825c9e5c26dbec5bb3d66237d5978dfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4235
x-amzn-requestid: 60825c64-7743-4b16-b80d-d1195ccb0f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK2nFsDoAMFRwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be90-1898e5d9111db7c843c1ebb4;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C-XC9qsktkENdI6lWZp5RQjeEvrrFMUfBq1mA5dxEjRq5tkfL5Jsxw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:46 GMT
age: 42794
etag: "2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ac86079d2901fb11bfaff81d91bb2d2
4fc0699c763f67a2602b4b3f46b8b4013d2049c6
8c25b9129fc01f6ffad911994e91436ab0026ed0b54568757a20ab7f92584467
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3332
x-amzn-requestid: 34214e89-7232-4fd5-9257-adf231670681
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDb3vGkOIAMFVhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314031-3056111d48a5027a2062ad1b;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 06:01:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VosALWNOhCfUDfo2bXgYE0Cx2duyHRaLb5DCn9IydXtoIsYyg9vWhA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:13 GMT
age: 42287
etag: "4fc0699c763f67a2602b4b3f46b8b4013d2049c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aed4d25286420a1405c3274931194002
c17c7bdfa4b40f9a0634da65c610869e5c410bf1
f32058bdd49930b927d1f9fdfd204ed054b4f85e0d679eff067d522d42ac504a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4093
x-amzn-requestid: 4275d743-8507-4fbe-83d1-cc0da2adef7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKoPHCMIAMF7wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be34-5ddb717430e7b38e3ee53657;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H713oiiX6wslZytV_P5NblH5vT7KZ2fv1G3DLKLrH5nw0lHOquia4w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:48 GMT
etag: "c17c7bdfa4b40f9a0634da65c610869e5c410bf1"
content-type: image/jpeg
age: 42792
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/index_files/js.js.download
37.221.65.142200 OK 0 B URL HTTP/2 accountsgsecure-pass.fr/index_files/js.js.download
IP 37.221.65.142:0
Analyzer Verdict Alert openphish Societe Generale
fortinet Phishing
GET /index_files/js.js.download HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: application/javascript
last-modified: Wed, 28 Sep 2022 19:43:26 GMT
etag: W/"6334a3de-134bc0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/index_files/jquery.js.download
37.221.65.142200 OK 0 B URL HTTP/2 accountsgsecure-pass.fr/index_files/jquery.js.download
IP 37.221.65.142:0
Analyzer Verdict Alert openphish Societe Generale
fortinet Phishing
GET /index_files/jquery.js.download HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: application/javascript
last-modified: Wed, 28 Sep 2022 19:43:40 GMT
etag: W/"6334a3ec-15851"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/index_files/inbenta.css
37.221.65.142200 OK 0 B URL HTTP/2 accountsgsecure-pass.fr/index_files/inbenta.css
IP 37.221.65.142:0
Analyzer Verdict Alert openphish Societe Generale
GET /index_files/inbenta.css HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: text/css
last-modified: Wed, 28 Sep 2022 19:43:23 GMT
etag: W/"6334a3db-2268a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
accountsgsecure-pass.fr/index_files/jquery2.js.download
37.221.65.142200 OK 0 B URL HTTP/2 accountsgsecure-pass.fr/index_files/jquery2.js.download
IP 37.221.65.142:0
Analyzer Verdict Alert openphish Societe Generale
fortinet Phishing
GET /index_files/jquery2.js.download HTTP/1.1
Host: accountsgsecure-pass.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accountsgsecure-pass.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 09:33:58 GMT
content-type: application/javascript
last-modified: Wed, 28 Sep 2022 19:43:23 GMT
etag: W/"6334a3db-11348"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2