Report - parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

Report Overview

Submitted URL
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php
IP
87.98.154.146
ASN
#16276 OVH SAS
Submitted
2022-10-05 12:34:44
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
82

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
parquet-bordeaux.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	4.8 MB	87.98.154.146
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	21 kB	142.250.74.174
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	2.1 kB	142.250.74.163
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	872 B	104.18.11.207
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	66 kB	216.58.207.195
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	746 B	142.250.74.10
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	18.164.68.15
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	6.9 kB	104.17.25.14
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	432 B	90 kB	31.13.72.12
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	18.164.68.14
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.9 kB	142.250.74.3
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.240.207.158

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php	Phishing
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/script.js	Phishing
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/api.js	Phishing
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/sdk.js(1)	Phishing
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/base.1bf376f9696bfb8874af.js	Phishing
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/14.1bf376f9696bfb8874af.js	Phishing
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/anchor.html	Phishing
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/saved_resource(1).html	Phishing
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/recaptcha__en.js.download	Phishing
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download	Phishing
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/saved_resource.html	Phishing
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/components.1bf376f9696bfb8874af.js	Phishing
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/bundle.1bf376f9696bfb8874af.js	Phishing
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/12.1bf376f9696bfb8874af.js	Phishing
2022-10-05	medium	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/7.1bf376f9696bfb8874af.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed
2022-10-05	medium	parquet-bordeaux.com	Sinkholed

JavaScript (11)

	URL	Size	First Seen	Last Seen
	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/script.js	393 B	2023-03-07	2023-08-17
Pretty URL parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/script.js IP 87.98.154.146 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:23 Last Seen2023-08-17 17:35:39 Times Seen26 Hash 6a2e6dbb7e1b3f957d2cb45fb492668e f2680b4bf9b43296032575e74c6f522073c088b2 953ff524a462191b00e7966089eb722ce2f7d32334c603ebe06298b2ae5ba958 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js	93 kB	2023-03-07	2024-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-11 02:12:51 Times Seen23988 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/api.js	708 B	2023-03-07	2023-08-17
Pretty URL parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/api.js IP 87.98.154.146 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:24 Last Seen2023-08-17 17:35:39 Times Seen40 Hash a14455948d94f9a9ed0255ddffdc1eef cd95e227eb30c684473c1e26101bfbe1ce8f3137 e88fe96181aaff74f1fae525dab9641052853f643711f87e2307ed1cca4266b1 Loading...

	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/sdk.js(1)	3.2 kB	2023-03-07	2023-08-17
Pretty URL parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/sdk.js(1) IP 87.98.154.146 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:24 Last Seen2023-08-17 17:35:39 Times Seen38 Hash bed46e0f7a43ef971658bde3da164aea d4a3512ba6112886f55def602aad237dc2709501 3f6cfb2a107314566e4293ba29234e305a8d9e35dd8670fb41cbacc78f3bf22f Loading...

	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php	603 B	2023-03-07	2023-08-17
Pretty URL parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php IP 87.98.154.146 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:24 Last Seen2023-08-17 17:35:39 Times Seen23 Hash 125f1d997065c052e3cca3c96f62370f 2f05e9985574278754d59addf2e5b10d90e316a2 d2e58df91b33affa22f9ddbd3c244d177b9ca5f1a69d25a39b0ed34d41d0b3fe Loading...

	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/anchor.html	10 kB	2023-03-07	2023-08-17
Pretty URL parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/anchor.html IP 87.98.154.146 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:24 Last Seen2023-08-17 17:35:39 Times Seen21 Hash c4a6c9740d64f6b1635d72e9ebf66125 653722c36a050c05acd3fa29cbd3e04c437a2e53 c44bd95de33218ef62725bebe71e05235ce9574749dcf8c7c1dc6cc0e03fb72c Loading...

	unknown	480 kB	2023-03-08	2023-03-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:03:10 Last Seen2023-03-08 06:03:10 Times Seen1 Hash 5bee88d75c779e90731675a08cdc14d3 c7bf3b9b46b26da17114571fa4b7f9663479e792 0932ef100b2f6fa6f7920a1882f90882ab2e2d2852d3fa79f9a094f479e1ad7f Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 04:18:51 Times Seen37534601 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/14.1bf376f9696bfb8874af.js	428 kB	2023-03-07	2023-08-17
Pretty URL parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/14.1bf376f9696bfb8874af.js IP 87.98.154.146 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:24 Last Seen2023-08-17 17:35:39 Times Seen30 Hash aad95aa4e1f143d93ba02014e52d3c9c 7d84aa1b74e3d605578b92986c1521577451c773 8e0e247ed10d11af5ce8095638929b0c5e17dfece84aae65abd1cb79293a5e0b Loading...

	parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/anchor.html	68 B	2023-03-07	2024-05-07
Pretty URL parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/anchor.html IP 87.98.154.146 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:24 Last Seen2024-05-07 06:55:50 Times Seen42 Hash e9b901c2efdf825332443f6125ac235a 50b0a91ce79f263c8a802096158cdbacd2660474 be65c20e36b71b50d335c36ef1cddb3c181f666c3e8daf543d0bddf27b207519 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-05-10
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-05-10 19:48:26 Times Seen1646 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

HTTP Transactions (62)

URL IP Response Size

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

87.98.154.146

200 OK

6.6 kB

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1470), with CRLF line terminators
Size
6.6 kB (6643 bytes)
Hash
5e088de29cab8e4ffa106f8dcf0550c4
82f8ded8ab3abb0f17c482b5722316f5cda4b0e0
55405d6b78093b6dc176b6c2efcf83a9f82fef12797c102952966a6a5df988be

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/login.php HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:30 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/7.2
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:5FAC_57629A92:0050_633D79D6_A1DC:1422C
x-iplb-instance: 17102

firefox.settings.services.mozilla.com/v1/

18.164.68.15

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.164.68.15:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 12:04:33 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 fd0213744bc3f0c3b6436f635fb80a6c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: teHurBaAlTdEW5-SvvKgL-mNyPv_vlth0_qvqQAWAtDKAFknCE7gZg==
Age: 1798

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16791
Expires: Wed, 05 Oct 2022 17:14:22 GMT
Date: Wed, 05 Oct 2022 12:34:31 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

18.164.68.14

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
18.164.68.14:0
ASN
#0

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 05:39:56 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6777bbd78e2191b131d624eba7093540.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P4
x-amz-cf-id: ron9nSfUxvLvf-uczUax-DI-ZCdI9i70bTLRFW-z_NS6A73JKKyPpQ==
age: 37022
X-Firefox-Spdy: h2

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/script.js

87.98.154.146

200 OK

210 B

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/script.js
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
ASCII text, with CRLF line terminators
Size
210 B (210 bytes)
Hash
7fc44b302d965a8942e3995ab61398f7
29ff2ae99f7cbaa592d66a08770b479ca323ea0f
101f8e0b59294b76959c7ccd61922d7d0ce1dee999368a7c5ece5265fe1e9504

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/script.js HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: application/javascript
content-length: 210
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:B0AF_57629A92:0050_633D79D6_0398:E893
x-iplb-instance: 17095

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

104.17.25.14

200 OK

5.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
5.9 kB (5884 bytes)
Hash
aa712f2a9ab349290ddbc871138b13ba
2be3765114dbce70c84786dd7d2838c7edce486c
84dce905b67560d91a9993771337d6e5946c7f1e502b5bf06fb0ef6d34b97b57

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://parquet-bordeaux.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: text/css; charset=utf-8
content-length: 5884
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-9226"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 543514
expires: Mon, 25 Sep 2023 12:34:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfpoaVTW2BWltyTf0GM%2BoceH5ZwvBtmJ0cxibZ1dCocbxHpWWQjaH1dL1RkRITOAjUeSTuoenlnZ4ob4R0A%2F8s8zZx8iWmf0Whbn1sWmF08xp%2F3zRW0uSWZE7X6K8ND59jSn2Gxl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75563121ac3afab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/api.js

87.98.154.146

200 OK

477 B

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/api.js
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (708), with no line terminators
Size
477 B (477 bytes)
Hash
46dd665b0ba594a9516d197417ae615c
ee09935166c1cbc3193004c8d1c554d537db3e8d
948c88110e9c152ca42ac39a9c727f1e23b011856566aaddb5fa0f706daeca76

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/api.js HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: application/javascript
content-length: 477
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:3232_57629A92:0050_633D79D7_0C3D:2520A
x-iplb-instance: 17106

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/sdk.js(1)

87.98.154.146

200 OK

3.2 kB

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/sdk.js(1)
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (2088)
Size
3.2 kB (3224 bytes)
Hash
bed46e0f7a43ef971658bde3da164aea
d4a3512ba6112886f55def602aad237dc2709501
3f6cfb2a107314566e4293ba29234e305a8d9e35dd8670fb41cbacc78f3bf22f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/sdk.js(1) HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-length: 3224
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:B0AF_57629A92:0050_633D79D7_03A1:E893
x-iplb-instance: 17095

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/1.1bf376f9696bfb8874af.css

87.98.154.146

200 OK

505 B

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/1.1bf376f9696bfb8874af.css
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (741)
Size
505 B (505 bytes)
Hash
728411392aaecc12d4f6e7e25486f913
3912d707b4de8f469626cedca604f0e12cf7592d
f5d8d1120999d984080b0276602c0dec5b36534cfdf47a03233f17c99ff02e71

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/1.1bf376f9696bfb8874af.css HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: text/css
content-length: 505
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:3232_57629A92:0050_633D79D7_0C3F:2520A
x-iplb-instance: 17106

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/12.1bf376f9696bfb8874af.css

87.98.154.146

200 OK

200 B

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/12.1bf376f9696bfb8874af.css
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
200 B (200 bytes)
Hash
c4f781837ac655ab868f76ebd0aa001c
1d792cae3ea99a6ccfc76761672ecac9f6ce47c3
2982815644bab9c7ebbec9a3e5adb18288054b91ca05e85c189f5e592778ea5a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/12.1bf376f9696bfb8874af.css HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: text/css
content-length: 200
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:3232_57629A92:0050_633D79D7_0C40:2520A
x-iplb-instance: 17106

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4d6b344f7e5123552495c56971708cef
efcf4bd4bdb6964b29ce0bc239ea32ab573dac3a
8092e24c3c24d08ffebca3781af0ec9574604e1ae4bd40d2c21865c3297f44bc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:34:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/base.1bf376f9696bfb8874af.js

87.98.154.146

200 OK

224 kB

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/base.1bf376f9696bfb8874af.js
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (57168)
Size
224 kB (224032 bytes)
Hash
ef911797cabc3aea74bf896f4bf965fe
d36a8da6a68dd1e0404fefea90622bad4f9c7133
a8bb4a7114d3ac309167ee8183d440ce8c4e01785fd5616bcb7a434445b9dd32

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/base.1bf376f9696bfb8874af.js HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: application/javascript
transfer-encoding: chunked
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:C5E2_57629A92:0050_633D79D7_A20A:1422C
x-iplb-instance: 17102

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/7.1bf376f9696bfb8874af.css

87.98.154.146

200 OK

680 B

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/7.1bf376f9696bfb8874af.css
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (3822)
Size
680 B (680 bytes)
Hash
8f497d424c58298907a2a7654b87f113
8755f92cbf5bdbefd767382b17922e05bfa50f9f
1fd3df798d205c39b40c3de2ad945501c1a38b119d5e9dcbd3a41766f30a4e94

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/7.1bf376f9696bfb8874af.css HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: text/css
content-length: 680
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:C5E2_57629A92:0050_633D79D7_A211:1422C
x-iplb-instance: 17102

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/14.1bf376f9696bfb8874af.js

87.98.154.146

200 OK

101 kB

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/14.1bf376f9696bfb8874af.js
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with very long lines (38258)
Size
101 kB (101248 bytes)
Hash
adce3602de6cc5400042843a7ec47a11
32a73f9352523442918914e43d618e37f3b71da8
02b5e510ed1709166ad4901be0b8c39932a2b836af134a3f8d66e6794286a1d6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/14.1bf376f9696bfb8874af.js HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: application/javascript
transfer-encoding: chunked
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:B0AF_57629A92:0050_633D79D7_03A3:E893
x-iplb-instance: 17095

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4d6b344f7e5123552495c56971708cef
efcf4bd4bdb6964b29ce0bc239ea32ab573dac3a
8092e24c3c24d08ffebca3781af0ec9574604e1ae4bd40d2c21865c3297f44bc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:34:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/style.css

87.98.154.146

404 Not Found

63 kB

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/style.css
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16709)
Size
63 kB (63072 bytes)
Hash
7973418ae4f1cd3225dad1a5cfef7499
bffbdc327a8e406db901cfbb9b7efe95d6daea98
d8fb2bdeeeba695565c67e08f26e7a7f4d17d9b49b8a23dc7a341187e8ff40f3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/style.css HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 404 Not Found
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/7.2
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <http://parquet-bordeaux.com/wp-json/>; rel="https://api.w.org/"
x-iplb-request-id: 5B5A2A9A:5FAC_57629A92:0050_633D79D6_A1DD:1422C
x-iplb-instance: 17102

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.164.68.15

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.164.68.15:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 12:32:55 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 12:44:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d7a09e17a9797d15006b403215eeebe6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: 9crHqXGs5m2z5rsnYHSKjKLhM6jkqLPCWYSzjCP8dXUVsjrGcOqvnA==
Age: 98

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/6c52619633aaf102bd2a577e2688fa86.png

87.98.154.146

200 OK

7.1 kB

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/6c52619633aaf102bd2a577e2688fa86.png
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
PNG image data, 140 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
7.1 kB (7050 bytes)
Hash
6c52619633aaf102bd2a577e2688fa86
83296c14c2b7c884714936baf650d47325aaf894
032cf6c781dfb488e0e19248594759087e8c2d9a18d356b977b8da35a7b20649

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/6c52619633aaf102bd2a577e2688fa86.png HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: image/png
content-length: 7050
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
x-iplb-request-id: 5B5A2A9A:FD52_57629A92:0050_633D79D7_E9BD:1422D
x-iplb-instance: 17102

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/1200px-Unionbank_2018_logo.svg.png

87.98.154.146

200 OK

21 kB

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/1200px-Unionbank_2018_logo.svg.png
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
PNG image data, 1200 x 368, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20846 bytes)
Hash
70f65465e7c6d090d9277be5ce120b45
8ce111118f53f497079d066a4216f61b72347b87
2e916e6e4167cd80e0f126a9d67f8c4f40af081e5d28e56516fbe492700f5fc8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/1200px-Unionbank_2018_logo.svg.png HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: image/png
content-length: 20846
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
x-iplb-request-id: 5B5A2A9A:C5E2_57629A92:0050_633D79D7_A228:1422C
x-iplb-instance: 17102

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/77bcca0a353436ad0ea0.png

87.98.154.146

200 OK

84 kB

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/77bcca0a353436ad0ea0.png
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
PNG image data, 3509 x 2482, 8-bit/color RGBA, non-interlaced\012- data
Size
84 kB (84281 bytes)
Hash
b64412453cb5996f63de49d397617504
d908c3f17df3c7c1287438c1f2690e43dd3e91d5
98beb0e665f5d2724b955f00a4b80a0c5db2ba5bb8830054482a75c4384eedaa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/77bcca0a353436ad0ea0.png HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: image/png
content-length: 84281
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
x-iplb-request-id: 5B5A2A9A:BA56_57629A92:0050_633D79D7_0CC0:1AE05
x-iplb-instance: 17097

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5713
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:34:32 GMT
Last-Modified: Wed, 05 Oct 2022 10:59:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

44.240.207.158

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.240.207.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rO/GuloKbvaYeLnOQVi6vg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QAwqux63h/3mRawNCRFzPvQLTnU=

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/anchor.html

87.98.154.146

200 OK

9.8 kB

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/anchor.html
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10169)
Size
9.8 kB (9754 bytes)
Hash
11a17050b89dd812fe29f5c3c973081a
eec8122840759b1037d5a93be304fb8aa7e3431c
0755e5452a877151eeaf0c6163657c974532f32229e5cf10df3c8f683af48585

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/anchor.html HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:32 GMT
content-type: text/html
content-length: 9754
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:BA56_57629A92:0050_633D79D7_0CC7:1AE05
x-iplb-instance: 17097

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
195d162678034c3ab84daffa4c4a5723
85fab036e8ab318c51b5c05ff33f2388e5716acd
03e8ce6aa80a44c5f2abf860c3bbf25d8e56fc49458a3f8c11fbe2130b71bb6c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:34:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/saved_resource(1).html

87.98.154.146

200 OK

148 B

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/saved_resource(1).html
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
148 B (148 bytes)
Hash
2e564a3905e8c87687ee0bd0b05ee76a
41e908564ec62189439e245c46b4e3efc2eebd5c
25125843e939ebb13040693deab070e1301d8cd4cbb364fef81d99788bc800c4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/saved_resource(1).html HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:32 GMT
content-type: text/html
content-length: 148
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:FD52_57629A92:0050_633D79D7_EA1C:1422D
x-iplb-instance: 17102

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
195d162678034c3ab84daffa4c4a5723
85fab036e8ab318c51b5c05ff33f2388e5716acd
03e8ce6aa80a44c5f2abf860c3bbf25d8e56fc49458a3f8c11fbe2130b71bb6c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:34:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://parquet-bordeaux.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 579624
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://parquet-bordeaux.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 579624
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/styles__ltr.css

87.98.154.146

200 OK

26 kB

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/styles__ltr.css
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (50696), with no line terminators
Size
26 kB (25550 bytes)
Hash
ca5350ed9a4d4472bdbc0f04b81094e4
c33e8ed8a0c934225f54a0782750289082e060fb
3377025fa55128ffe598611154e05d0cab872cf792c8a1f5bd8ccdd7c15c9ce4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/styles__ltr.css HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/anchor.html

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:32 GMT
content-type: text/css
content-length: 25550
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:32 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:BA56_57629A92:0050_633D79D8_0CCA:1AE05
x-iplb-instance: 17097

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/bundle.1bf376f9696bfb8874af.css

87.98.154.146

200 OK

471 B

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/bundle.1bf376f9696bfb8874af.css
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
data
Size
471 B (471 bytes)
Hash
195d162678034c3ab84daffa4c4a5723
85fab036e8ab318c51b5c05ff33f2388e5716acd
03e8ce6aa80a44c5f2abf860c3bbf25d8e56fc49458a3f8c11fbe2130b71bb6c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/bundle.1bf376f9696bfb8874af.css HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: text/css
transfer-encoding: chunked
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:B0AF_57629A92:0050_633D79D7_03A2:E893
x-iplb-instance: 17095

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/background.png

87.98.154.146

200 OK

4.0 MB

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/background.png
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
PNG image data, 2054 x 1297, 8-bit/color RGB, non-interlaced\012- data
Size
4.0 MB (4034936 bytes)
Hash
b96ca6c086ae1da6eb5a5d1de5e0f3ad
a122544b2c6afd43e071ea3590cc4b37c05316b8
6aa4661e2ad0927c9c8bcadea3e57a5642798572f44a7bd411d12a4b3815be30

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/background.png HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:32 GMT
content-type: image/png
content-length: 4034936
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:32 GMT
x-iplb-request-id: 5B5A2A9A:C5E2_57629A92:0050_633D79D7_A25A:1422C
x-iplb-instance: 17102

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3bc65ffbec7f4295cf1d9cc6bef4e3de
23459eda8229eaebd9c87c4443529f5e746178a4
e56db65b09e8073623e32be83f02b8b3cb436aaa06db8dd19657045e48eef0ad

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:34:32 GMT
Last-Modified: Wed, 05 Oct 2022 11:45:28 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
60dea52abe2437132a0387ad8becc0ac
61e9fb41f1fc795ef7204b8948621d4dbc6d3052
ac998fb48810aeb183ec2d19cfd58b81f2243207add4c553e1e87f00fa6d5f3f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:34:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
60dea52abe2437132a0387ad8becc0ac
61e9fb41f1fc795ef7204b8948621d4dbc6d3052
ac998fb48810aeb183ec2d19cfd58b81f2243207add4c553e1e87f00fa6d5f3f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:34:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/sdk.js?hash=43076a9dd9f24fdb8cd3e0cc0cc4be7a

31.13.72.12

200 OK

89 kB

URL HTTP/2
connect.facebook.net/en_US/sdk.js?hash=43076a9dd9f24fdb8cd3e0cc0cc4be7a
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (18598)
Size
89 kB (88834 bytes)
Hash
3a05a8ee67e449b92dc3c2bc445ea48f
e1273508ca6c51f9eb01b89df94427a6edd72774
1d6bc14108ab29cd508b2ed629e69154e397f885d01f1ac6f5f0cf71d0c114e1

HTTP Headers

GET /en_US/sdk.js?hash=43076a9dd9f24fdb8cd3e0cc0cc4be7a HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://parquet-bordeaux.com
Connection: keep-alive
Referer: http://parquet-bordeaux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 1b3a82483652a3d70ec45adabedd4fd2
etag: "b50448198a1c58fb1c9e489e615b2781"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 29 Sep 2023 04:17:47 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: OgWo7mfkSbktw8K8RF6kjw==
x-fb-debug: 3/aSrDdbbRtH9hOsbvOhDT4aryaOvocNf5uSMIzKMwiav/e3EGw8dXGKTy8GCEXQYYfLffJQqwhjV4IM1cl7Mw==
content-length: 88834
x-fb-trip-id: 2074150462
date: Wed, 05 Oct 2022 12:34:32 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://parquet-bordeaux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 05 Oct 2022 10:41:09 GMT
expires: Wed, 05 Oct 2022 12:41:09 GMT
cache-control: public, max-age=7200
age: 6803
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
60dea52abe2437132a0387ad8becc0ac
61e9fb41f1fc795ef7204b8948621d4dbc6d3052
ac998fb48810aeb183ec2d19cfd58b81f2243207add4c553e1e87f00fa6d5f3f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 12:34:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/recaptcha__en.js

142.250.74.163

404 Not Found

1.6 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1621 bytes)
Hash
4926634f3217cdd97e97202504c0c3b7
f7ea00d740096e4e17e8d884b177d47004bea11e
4dc4be86e5dfd0ab45d7c2235760fe07f49bbfabf1c108c8ddae955aa5760a91

HTTP Headers

GET /recaptcha/releases/QVh-Tz10ahidjrORgXOS1oB0/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://parquet-bordeaux.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Wed, 05 Oct 2022 12:34:32 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/recaptcha__en.js.download

87.98.154.146

404 Not Found

63 kB

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/recaptcha__en.js.download
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16709)
Size
63 kB (63072 bytes)
Hash
7973418ae4f1cd3225dad1a5cfef7499
bffbdc327a8e406db901cfbb9b7efe95d6daea98
d8fb2bdeeeba695565c67e08f26e7a7f4d17d9b49b8a23dc7a341187e8ff40f3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/recaptcha__en.js.download HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/anchor.html

HTTP/1.1 404 Not Found
date: Wed, 05 Oct 2022 12:34:33 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/7.2
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <http://parquet-bordeaux.com/wp-json/>; rel="https://api.w.org/"
x-iplb-request-id: 5B5A2A9A:FD52_57629A92:0050_633D79D8_EA70:1422D
x-iplb-instance: 17102

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download

87.98.154.146

404 Not Found

63 kB

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16709)
Size
63 kB (63072 bytes)
Hash
7973418ae4f1cd3225dad1a5cfef7499
bffbdc327a8e406db901cfbb9b7efe95d6daea98
d8fb2bdeeeba695565c67e08f26e7a7f4d17d9b49b8a23dc7a341187e8ff40f3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/anchor.html

HTTP/1.1 404 Not Found
date: Wed, 05 Oct 2022 12:34:33 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/7.2
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <http://parquet-bordeaux.com/wp-json/>; rel="https://api.w.org/"
x-iplb-request-id: 5B5A2A9A:B0AF_57629A92:0050_633D79D7_03A9:E893
x-iplb-instance: 17095

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/favicon.ico

87.98.154.146

404 Not Found

63 kB

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/favicon.ico
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16709)
Size
63 kB (63072 bytes)
Hash
7973418ae4f1cd3225dad1a5cfef7499
bffbdc327a8e406db901cfbb9b7efe95d6daea98
d8fb2bdeeeba695565c67e08f26e7a7f4d17d9b49b8a23dc7a341187e8ff40f3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/favicon.ico HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 404 Not Found
date: Wed, 05 Oct 2022 12:34:33 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/7.2
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <http://parquet-bordeaux.com/wp-json/>; rel="https://api.w.org/"
x-iplb-request-id: 5B5A2A9A:BA56_57629A92:0050_633D79D8_0CCB:1AE05
x-iplb-instance: 17097

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/saved_resource.html

87.98.154.146

200 OK

148 B

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/saved_resource.html
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
148 B (148 bytes)
Hash
2e564a3905e8c87687ee0bd0b05ee76a
41e908564ec62189439e245c46b4e3efc2eebd5c
25125843e939ebb13040693deab070e1301d8cd4cbb364fef81d99788bc800c4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/saved_resource.html HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/anchor.html
Cookie: _ga=GA1.2.869227070.1664973273; _gid=GA1.2.1252411106.1664973273
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:33 GMT
content-type: text/html
content-length: 148
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:C5E2_57629A92:0050_633D79D8_A28E:1422C
x-iplb-instance: 17102

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

15 kB

URL HTTP/1.1
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://parquet-bordeaux.com
Connection: keep-alive
Referer: http://parquet-bordeaux.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15344
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 03 Oct 2022 20:06:33 GMT
Expires: Tue, 03 Oct 2023 20:06:33 GMT
Cache-Control: public, max-age=31536000
Age: 145680
Last-Modified: Mon, 16 Oct 2017 17:32:55 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/1.1
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://parquet-bordeaux.com
Connection: keep-alive
Referer: http://parquet-bordeaux.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15552
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 30 Sep 2022 16:42:22 GMT
Expires: Sat, 30 Sep 2023 16:42:22 GMT
Cache-Control: public, max-age=31536000
Age: 417131
Last-Modified: Mon, 16 Oct 2017 17:33:02 GMT
Content-Type: font/woff2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15780
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:34:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15780
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:34:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15780
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:34:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15780
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:34:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15780
Expires: Wed, 05 Oct 2022 16:57:33 GMT
Date: Wed, 05 Oct 2022 12:34:33 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5832 bytes)
Hash
3257b782efae9b64e6e18a547866ec50
4daf0c001e86af8477fb097e8ca932edb8e5f981
899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WWClzLGprno--c75q63i1TFi8oBEdAYW-J4lCk9V8IELQXe6q0A05A==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 53519
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8926 bytes)
Hash
1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 53519
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10158 bytes)
Hash
4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 07:29:32 GMT
age: 18301
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

17 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07ed6d4e-f8d6-4fa4-a7da-a497e3667e10.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
17 kB (17279 bytes)
Hash
420f8420af76fa258690bb842ff38db7
a37e39e4429d869abcf95cf3cb2c74675e174040
1d45d4f188ff54b5f66cd3c828affdd5d90b621c875c58a9fa6cd265f456d622

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07ed6d4e-f8d6-4fa4-a7da-a497e3667e10.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 17279
x-amzn-requestid: 381c1622-0b7a-407a-a98e-ad5e10b67a33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1ExxoAMFsAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4ed02978326aebf338ccd998;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CIZCBfsULoj_hm3G56Um57QTYuGUjN63x_H1Bb3xPKeacmsrTLqLYw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 53519
etag: "a37e39e4429d869abcf95cf3cb2c74675e174040"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3585 bytes)
Hash
5d7d7df8d4c440f9db445c3d99e818d6
612b6dbd4ba895c167964ff7e6d9263013b52b0a
bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: ccb6f0c8-4d9b-48b8-aaf6-16781dc4c86b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaHFlEcFoAMFS3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a5223-5c9276c873efee993ba54667;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:08:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: T8m1q2L45TWDVRBa-R2W70yq9BauBK3G4IX54AGIxdRhG736T974kg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:05:29 GMT
age: 30544
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727060c5-cdba-4c73-92c7-eb01c35aff59.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9907 bytes)
Hash
1bc04f249ff8da1e71ebd8bc5dfda85d
da3f9add6816af819df6aac08796dc7478dd0517
9f4a02cde38c7d61352f390a8d91cf9028652395ad55a3a49966df4a63642a85

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727060c5-cdba-4c73-92c7-eb01c35aff59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9907
x-amzn-requestid: b1b9a896-c745-496a-89df-b253d458f903
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWRm_EkKoAMF4cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338c95f-3330e14379849de85eb3dda4;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:12:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DkZ7D4ZQQ9VTWjHqGhSVAFfIsn2mpzB8ZVCSBE1zvytS96oJAmDL2w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:42:26 GMT
age: 49927
etag: "da3f9add6816af819df6aac08796dc7478dd0517"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/components.1bf376f9696bfb8874af.js

87.98.154.146

200 OK

0 B

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/components.1bf376f9696bfb8874af.js
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/components.1bf376f9696bfb8874af.js HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: application/javascript
transfer-encoding: chunked
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:BA56_57629A92:0050_633D79D7_0CBE:1AE05
x-iplb-instance: 17097

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/bundle.1bf376f9696bfb8874af.js

87.98.154.146

200 OK

0 B

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/bundle.1bf376f9696bfb8874af.js
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/bundle.1bf376f9696bfb8874af.js HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: application/javascript
transfer-encoding: chunked
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:FD52_57629A92:0050_633D79D7_E9B1:1422D
x-iplb-instance: 17102

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/12.1bf376f9696bfb8874af.js

87.98.154.146

200 OK

0 B

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/12.1bf376f9696bfb8874af.js
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/12.1bf376f9696bfb8874af.js HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: application/javascript
transfer-encoding: chunked
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:3232_57629A92:0050_633D79D7_0C43:2520A
x-iplb-instance: 17106

fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:300

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:300
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:400,700|Open+Sans:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://parquet-bordeaux.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 12:34:31 GMT
date: Wed, 05 Oct 2022 12:34:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/7.1bf376f9696bfb8874af.js

87.98.154.146

200 OK

0 B

URL HTTP/1.1
parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/unionbank_files/7.1bf376f9696bfb8874af.js
IP
87.98.154.146:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /expressaccountunitinformation/files/reboot/login/unionbank_files/7.1bf376f9696bfb8874af.js HTTP/1.1
Host: parquet-bordeaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://parquet-bordeaux.com/expressaccountunitinformation/files/reboot/login/login.php

HTTP/1.1 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: application/javascript
transfer-encoding: chunked
server: Apache
last-modified: Tue, 04 Oct 2022 12:10:01 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 05 Oct 2022 12:49:31 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:BA56_57629A92:0050_633D79D7_0CBF:1AE05
x-iplb-instance: 17097

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://parquet-bordeaux.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 12:34:31 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 14284078
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 755631246971b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML