Report - reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

Report Overview

Submitted URL
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/
IP
103.53.43.196
ASN
#394695 PUBLIC-DOMAIN-REGISTRY
Submitted
2023-01-31 08:34:59
Access
Website Title
Final URL
Tags
societe_generale financial phishing
urlquery detections
Phishing - Societe Generale

Detections

urlquery
39
Network Intrusion Detection
2
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
reachclicks.net	112386	2018-12-17T22:47:27Z	2023-02-27T03:47:47Z	9.2 kB	859 kB	103.53.43.196
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.163.49.154
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	59 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-31 08:35:09	medium	103.53.43.196	Client IP	ET INFO 404 Response with Javascript Variable in Page
2023-01-31 08:35:09	medium	103.53.43.196	Client IP	ET INFO 404 Response with Javascript Variable in Page

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/	Societe Generale

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery.js	88 kB	2023-03-07	2024-04-20
Pretty URL reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery.js IP 103.53.43.196 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-20 02:23:56 Times Seen95067 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery2.js	70 kB	2023-03-07	2024-04-09
Pretty URL reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery2.js IP 103.53.43.196 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen794 Hash f86b7a0e560edb5951576cf8884153e6 e5b4c5b95c79e6e42ef676ed77986db3f85223ab 74a340d2c31205e840515065e739e3d08fa169bc8fa52c66db838dbf749103c1 Loading...

	reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/rules.js	488 B	2023-03-07	2024-04-09
Pretty URL reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/rules.js IP 103.53.43.196 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen756 Hash cd884ffdf1f759fbdeaae54b636288d4 450ea313a0b4b250024abd0935c1f59617841134 f0f8ce50e148b374b7b9b29180824007970478e81ce52669d531a669d9c4c34d Loading...

	reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/js.js	1.3 MB	2023-03-07	2024-04-09
Pretty URL reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/js.js IP 103.53.43.196 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen553 Hash 6e6c70c409456c23a09d9adbce8d2e80 0f50b6f4f4555c31e8f832b446cda4996acb4460 3957ed7a4d5b5f5c36fe0872fbc2f619b8d2d0094b134dd65d1ebd6f3352847b Loading...

	reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/	243 B	2023-03-07	2024-04-09
Pretty URL reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/ IP 103.53.43.196 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen376 Hash 71d19f7fe5d2135f268f61647dc03988 1e25ed11489509b55de05241a48d728969493458 5e5eaf8632a7264aaa23953240629b96a0709d13b1091fc9763970c2dd8a02ce Loading...

	reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/	483 B	2023-03-07	2024-04-09
Pretty URL reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/ IP 103.53.43.196 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen374 Hash d4e17ac95f6499091f5567792887b0fe 605112c6edb9f3f3aa27108cb32230deedbac7d2 e02463ed16a3d8b83b06cbc206098817ba44827c535b8a3971b78ccdb327abff Loading...

	reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/	303 B	2023-03-07	2024-04-09
Pretty URL reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/ IP 103.53.43.196 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen371 Hash df4d122557c68345696b953efe9e8f1d 664b2317e9984afa6eadd6ad13bf90b92b1e8d31 e082f41c3e3feb3e3d50eb92d57a6f04b702744fbc401dca0fdd749808e70f8c Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-20
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-20 04:04:32 Times Seen347752 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#2 Eval - 81506f6c9b74db893b121a759da430d7	1.0 kB	2023-03-07	2024-04-09
Pretty Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen431 Hash 81506f6c9b74db893b121a759da430d7 2d4226d3b0de0217029bc6113d7489f398b5a4be a49959becff3155c2f2c2ba4684dfecdf77e055678880cbddac3c81eba11fe3c Loading...

HTTP Transactions (43)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10201
Expires: Tue, 31 Jan 2023 11:24:49 GMT
Date: Tue, 31 Jan 2023 08:34:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10558
Expires: Tue, 31 Jan 2023 11:30:46 GMT
Date: Tue, 31 Jan 2023 08:34:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18681
Expires: Tue, 31 Jan 2023 13:46:09 GMT
Date: Tue, 31 Jan 2023 08:34:48 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 07:43:17 GMT
content-type: application/json
age: 3091
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: BENWduCbsPY0ulJZxTyydARisBRai3NjzjOGQ5BpL6JhPtKWQN49hoH5jWxz7g3g2RshVc+ZcVwTxPqsawo+wA==
x-amz-request-id: RDJ2ZRS45HY9C4DS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 08:22:08 GMT
age: 760
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

103.53.43.196

200 OK

6.1 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (519)
Size
6.1 kB (6104 bytes)
Hash
4d746125f6587999980db1dbae791269
27fc5730a23e6bac4b1785fdd200ab573d83280b
f491619f309fbeea707c6a6d73c8024b6a2a49102b3fd1a729d049ad9ba08560

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/ HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:48 GMT
Server: nginx/1.17.6
Content-Type: text/html; charset=UTF-8
Content-Length: 6104
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: HIT

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 08:34:48 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/spec56_btn_gsm_all_gcd_20190320190559.min.css

103.53.43.196

200 OK

319 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/spec56_btn_gsm_all_gcd_20190320190559.min.css
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
319 B (319 bytes)
Hash
f40ddb3cf4b4ff6d2d4077b47d42867f
cc0bd85164b085b6dc17450107cbeb25dc562270
fa63c74bd568e45d82556fd70dbdfb05aa7241af3f61ebe9b8d5c66aae35bf08

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/css/spec56_btn_gsm_all_gcd_20190320190559.min.css HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:48 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:39:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 319
Content-Type: text/css

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 07:49:04 GMT
age: 2745
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/rules.js

103.53.43.196

200 OK

248 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/rules.js
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
248 B (248 bytes)
Hash
2b37ba4f0ac6c923da2dae3441653e1f
a64e64220c5f2058a99b84869115284e672df1db
b7679f70c6fbcd358d0e7aed87ea3a8e69e663e6ac54341f4380a094498bddd8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/js/rules.js HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 16 Sep 2019 03:43:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 248
Content-Type: application/javascript

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4920
Expires: Tue, 31 Jan 2023 09:56:49 GMT
Date: Tue, 31 Jan 2023 08:34:49 GMT
Connection: keep-alive

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/inbenta.css

103.53.43.196

200 OK

26 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/inbenta.css
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (65307)
Size
26 kB (26546 bytes)
Hash
0fb388c78469421ee56ae9246214a376
bc4415827087c7a70eba44d7cd7efebc7aa485c4
99897b3721f6a658e44cd0f0dde7b58f95d77ae48fb21bc0a2ef49ff8c0300e5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/css/inbenta.css HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 15 Sep 2019 21:06:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery.js

103.53.43.196

200 OK

39 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery.js
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (65451)
Size
39 kB (38667 bytes)
Hash
efac5ec08a294b9719fa79a8452f93a2
58475b2c269b29313c16c3ee9a9e8a9bc6e80097
1d2a26f8aaf3ff0298a942711bf9b01dc2aef45e955031ec7935ca76549afc83

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery.js HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 16 Sep 2019 00:07:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery2.js

103.53.43.196

200 OK

31 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery2.js
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (33165)
Size
31 kB (30725 bytes)
Hash
b64e963dda60bc74bf01475034e52f9a
0ed71f50c34d4327eabb7afc99f61e658d1a4d39
d8c98fcd5fa600fbc895295949124990c2322fa60f5f8d90f45a799b2117cc7a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery2.js HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:48 GMT
Server: Apache
Last-Modified: Thu, 24 Aug 2017 12:46:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

push.services.mozilla.com/

35.163.49.154

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.49.154:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UOVKR2YjpuDGi41SA3WNMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jotDbUOWkt4vN1FJEWnRiKtmD/o=

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/index_20190723161948.min.css

103.53.43.196

200 OK

62 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/index_20190723161948.min.css
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (310), with CRLF line terminators
Size
62 kB (62249 bytes)
Hash
6ff6101cc135015a6b371df91be8e894
cb3452098b74f26cf02e46dfcdc8a0dd9f9d3d78
913cf58bff29ca66b25c012885f4bcb062d9ecdfdc58f51a211b86df8bbae769

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/css/index_20190723161948.min.css HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 17 Sep 2019 00:30:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

103.53.43.196

200 OK

46 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (1330), with CRLF line terminators
Size
46 kB (45563 bytes)
Hash
c5952620bf3917f0c4c7d93294009340
4de304c08ac6d237efb72aa042d9dc9f6cf09949
8be877da1318cf3b7e82617aea60776ec3c771dbdc3c6905a6e068b2b86d1483

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:49 GMT
Server: Apache
Last-Modified: Mon, 16 Sep 2019 04:13:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10360
Expires: Tue, 31 Jan 2023 11:27:30 GMT
Date: Tue, 31 Jan 2023 08:34:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10360
Expires: Tue, 31 Jan 2023 11:27:30 GMT
Date: Tue, 31 Jan 2023 08:34:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10360
Expires: Tue, 31 Jan 2023 11:27:30 GMT
Date: Tue, 31 Jan 2023 08:34:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10360
Expires: Tue, 31 Jan 2023 11:27:30 GMT
Date: Tue, 31 Jan 2023 08:34:50 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6844 bytes)
Hash
976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6bbFjAsd03GN8zzBnAFBm7xA8igZ_xHJsOHzw7nwNgRxiWUDLPGjpQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:53:29 GMT
age: 24081
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9972 bytes)
Hash
d143b65b98551bde96a7f026808d4583
3e995e5933e6f8c15ecd3bc642ce1778a11f7ca7
004be88ebe2a4840bb718a5148fcf7d2dc1400f6c1c880cee4428d66ba91dbd9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9972
x-amzn-requestid: fc482a0d-3033-492d-86bf-fedd44c7cac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFNnUHmyIAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb8fc8-7091fe260abb90766f87e7cf;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:10:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GfEXQhD_Og-PS-aycWJ75R5LL1r5hJtXd5MZ3OaYc6nb-bUHo0cnSA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 23:35:46 GMT
age: 32344
etag: "3e995e5933e6f8c15ecd3bc642ce1778a11f7ca7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v9Wphg34UGE5kkZ9RKBcphcpPuCn54oVyepzTW5rZ3J9nkL9J501PA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:03:23 GMT
age: 37887
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5965fef2-c5a7-4a82-bcdc-41aebc355aff.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7334 bytes)
Hash
83d9e98a4575077e7400343c7f2038d2
6ac3ca84e97fa35afff9045f35d45499c0b34a23
da6d6d90a5ea8f5a864f3739591693b5f4b9793f2c4bb971486572f6bf2e940c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5965fef2-c5a7-4a82-bcdc-41aebc355aff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: e62c149b-ca5f-4d0c-8d2d-e8bb2a7f9d8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvSzH2soAMFiYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d49278-1214fc750a312e46527b2fd7;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DHpGf24wNNYDg2RxvPCY6S011xYLiXzP1pP7O-kPNKnnP50CihUfDQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:28:52 GMT
age: 18358
etag: "6ac3ca84e97fa35afff9045f35d45499c0b34a23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6c0b4d2-6327-4501-8fe0-017b08501835.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8529 bytes)
Hash
ee0e708ca11a9468634d2a7dff56510f
40d7c0f07b5218c4ceabcd7fc90af26bb3dc2cf3
e944a184377a91dae9fbc38ebc686fb95e261cb16ae09c7d69ababacffa75e57

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6c0b4d2-6327-4501-8fe0-017b08501835.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8529
x-amzn-requestid: 633fc342-7b5a-4103-970e-74730c08679b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbhguFesIAMFqVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d47c6a-38e274c36d39ef4f2dd6034a;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 01:37:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: URqrtcPijXsHDSPMQ3K9PHbq20O0KYuk3YyO91rNW7t10zCuF3g5wg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 15:47:08 GMT
age: 60462
etag: "40d7c0f07b5218c4ceabcd7fc90af26bb3dc2cf3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49c7c3dd-3b94-47e5-83e3-d08d77011a06.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10000 bytes)
Hash
5167f99b892b964436e3c85ec115e25d
4f35912cf744f1f8fe875ff13d333ff19a775155
8b2350b0d3cf009164143a9591e62c1fd77fa127cfe01ab6204fe8accd3d11b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49c7c3dd-3b94-47e5-83e3-d08d77011a06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10000
x-amzn-requestid: f4b22eb2-3e65-4b0b-bec9-b2782103cec7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcSZ6FznIAMF_AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4caa5-787125d9270792e5417f2891;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FK49pkam_xLeBPi8IFpl7d45vWeLUvq7GkSaHAhLDDM0jG8mAqTtpw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 23:45:48 GMT
age: 31742
etag: "4f35912cf744f1f8fe875ff13d333ff19a775155"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/js.js

103.53.43.196

200 OK

336 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/js.js
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text, with very long lines (805), with CRLF line terminators
Size
336 kB (335628 bytes)
Hash
a667c14687569493860e42062c6c8176
645068e295e4e6b0f77bf742cb7f05b036f4cc65
0065847db7fbe3306b102ee5ff5c890701cde58efee5fbac2aef86e3e70c277b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/js/js.js HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:48 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 16 Sep 2019 02:36:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/gen_ui.png

103.53.43.196

200 OK

6.4 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/gen_ui.png
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
6.4 kB (6380 bytes)
Hash
f5f55947733314117f1109f93f826b5f
394e87fcb82200b9c108182bdc761dc6aa016467
c4763204659e2a150da0e4f784da55eff7c77ae08b0c4fe9156a832093fb90fb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/gen_ui.png HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:52 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:50:06 GMT
Accept-Ranges: bytes
Content-Length: 6380
Content-Type: image/png

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg.svg

103.53.43.196

200 OK

2.7 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg.svg
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2331), with CRLF line terminators
Size
2.7 kB (2666 bytes)
Hash
10e841a89a9c667fa6b17ea44c60529e
c65e827b075418de2a04d59a29fd7875921f52ef
2e19511d9133c826bfd5555070b89ac5cb3d108828b9e49c72d2d3ddbcbfe9ab

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg.svg HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:52 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:06:12 GMT
Accept-Ranges: bytes
Content-Length: 2666
Content-Type: image/svg+xml

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg-muet.svg

103.53.43.196

200 OK

402 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg-muet.svg
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
402 B (402 bytes)
Hash
392bde7f3217782d2f98bff1db922a9c
ce2e5b3a064e2dfa92039cc1caa37d8c6d3e144f
38f90a05ed700e9adb2b37d23337eee3be2c658bdb1f38f258c15920b36d1676

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg-muet.svg HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:52 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:06:12 GMT
Accept-Ranges: bytes
Content-Length: 402
Content-Type: image/svg+xml

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg-seul.svg

103.53.43.196

200 OK

3.0 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg-seul.svg
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1433), with CRLF line terminators
Size
3.0 kB (3042 bytes)
Hash
a4905efc552b898322c256cb4d4f55c3
6ca6d615b2ebe329819a0338879c1d206ad0b90b
4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg-seul.svg HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:52 GMT
Server: Apache
Last-Modified: Sat, 11 Apr 2020 11:33:32 GMT
Accept-Ranges: bytes
Content-Length: 3042
Content-Type: image/svg+xml

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/print_20190320190559.min.css

103.53.43.196

200 OK

969 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/print_20190320190559.min.css
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (3067), with no line terminators
Size
969 B (969 bytes)
Hash
eac7dfcfbffb9a227f7f9e423d487fcb
3ea61c656a668925d8793684d6d6377ce81edc9f
2e34da33fda618bbe150ab52fe51e169b4d9e8881f30a0681091c07efb16309a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/css/print_20190320190559.min.css HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:52 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:06:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 969
Content-Type: text/css

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/trame.png

103.53.43.196

200 OK

208 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/trame.png
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size
208 B (208 bytes)
Hash
f9dc6373846a99bfe761d3427d50632d
685843d14882374bcf6b0798ab60bbecc84567a8
d41b3311daa52ffdfb112169926c6b68fee615ea6c72abac25fa1dbe799131d5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/trame.png HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/index_20190723161948.min.css

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:53 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:47:34 GMT
Accept-Ranges: bytes
Content-Length: 208
Content-Type: image/png

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-regular.eot

103.53.43.196

404 Not Found

355 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-regular.eot
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
355 B (355 bytes)
Hash
cb50b952a1a41c3358018129e081d511
9b3ce22f173597240fd0c22ff649f3ffb9c6ea99
791b5cb893932898c350d1ec9888ee9c2feaea002431d12e9a1ba29331813be0

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO 404 Response with Javascript Variable in Page

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-regular.eot HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 404 Not Found
Date: Tue, 31 Jan 2023 08:34:53 GMT
Server: nginx/1.17.6
Content-Type: text/html
Content-Length: 355
Last-Modified: Thu, 20 May 2021 09:45:04 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/new_sprite.png

103.53.43.196

200 OK

10 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/new_sprite.png
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 312 x 104, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (9961 bytes)
Hash
675d3d69bb78ed155d9d443bef4cccd8
8266846da238de6218a75a11744f35f821baff74
0d477834d11f75ff989d2b6bfbcbaaed80a8e4f8efe65569f4cee2ad603a73af

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/new_sprite.png HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:53 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:54:28 GMT
Accept-Ranges: bytes
Content-Length: 9961
Content-Type: image/png

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-semibold.eot

103.53.43.196

404 Not Found

355 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-semibold.eot
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
355 B (355 bytes)
Hash
cb50b952a1a41c3358018129e081d511
9b3ce22f173597240fd0c22ff649f3ffb9c6ea99
791b5cb893932898c350d1ec9888ee9c2feaea002431d12e9a1ba29331813be0

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO 404 Response with Javascript Variable in Page

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-semibold.eot HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 404 Not Found
Date: Tue, 31 Jan 2023 08:34:53 GMT
Server: nginx/1.17.6
Content-Type: text/html
Content-Length: 355
Last-Modified: Thu, 20 May 2021 09:45:04 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-bold.eot

103.53.43.196

404 Not Found

355 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-bold.eot
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
355 B (355 bytes)
Hash
cb50b952a1a41c3358018129e081d511
9b3ce22f173597240fd0c22ff649f3ffb9c6ea99
791b5cb893932898c350d1ec9888ee9c2feaea002431d12e9a1ba29331813be0

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-bold.eot HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 404 Not Found
Date: Tue, 31 Jan 2023 08:34:53 GMT
Server: nginx/1.17.6
Content-Type: text/html
Content-Length: 355
Last-Modified: Thu, 20 May 2021 09:45:04 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/favicon.ico

103.53.43.196

200 OK

318 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/favicon.ico
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors\012- data
Size
318 B (318 bytes)
Hash
ca10c09aeaf43460d3760f50c608eb51
f2ed2a4fe0e1eadb7dd28444ea6b7a04abf0d38e
daf58b06a09d467436ee5fd10eefbeadac3cf6ecaef1eca1884ef8330f561642

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/favicon.ico HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:53 GMT
Server: nginx/1.17.6
Content-Type: image/x-icon
Content-Length: 318
Last-Modified: Sun, 15 Sep 2019 21:12:02 GMT
Cache-Control: max-age=604800
Expires: Tue, 07 Feb 2023 05:59:22 GMT
X-Server-Cache: true
X-Proxy-Cache: HIT
Accept-Ranges: bytes

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-regular.woff

103.53.43.196

200 OK

75 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-regular.woff
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Web Open Font Format, CFF, length 75420, version 0.0\012- data
Size
75 kB (75420 bytes)
Hash
52f5045b30343cd0e0a5acbd215a50e9
dc37d3ef1b5939ad6a5dfae601ae183c503095f2
f679efce1ea9cbed26a573aa8c8db1d01fe51abe4fcc2a77d18ab7bcb03e0bb1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-regular.woff HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:53 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 22:07:02 GMT
Accept-Ranges: bytes
Content-Length: 75420
Content-Type: font/woff

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-semibold.woff

103.53.43.196

200 OK

75 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-semibold.woff
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Web Open Font Format, CFF, length 74996, version 0.0\012- data
Size
75 kB (74996 bytes)
Hash
f079be3e96761bf618ea2a5b314eb014
2aad9b3d874cdd21ee8496738af5f5b94c7382a0
b2106f33585940e944fac6de500dd767c4592692689c001c45c475476583404e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-semibold.woff HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:53 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 22:06:50 GMT
Accept-Ranges: bytes
Content-Length: 74996
Content-Type: font/woff

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/spriteV4.png

103.53.43.196

200 OK

56 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/spriteV4.png
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 880 x 650, 8-bit/color RGBA, non-interlaced\012- data
Size
56 kB (56012 bytes)
Hash
2489b1de4b742de1d025c2751296143e
ca790ae20b4603ce6595ab1a0384dd217105306c
fdffcd1a92a88cf374901faf2ec466c6d16c0baa8b1f92426a24424743b65ab4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/spriteV4.png HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:53 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:54:18 GMT
Accept-Ranges: bytes
Content-Length: 56012
Content-Type: image/png

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-bold.woff

103.53.43.196

200 OK

76 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-bold.woff
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Web Open Font Format, CFF, length 76236, version 0.0\012- data
Size
76 kB (76236 bytes)
Hash
3e7af4d251f183a9ea98bfd812016274
231ff1575fa3fdcde1fe985786c3622719653d8b
f33d4ed699473243d3304fb2ee9435043ead92e092e76c04656a6745cf00e8d4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-bold.woff HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 08:34:53 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 22:06:40 GMT
Accept-Ranges: bytes
Content-Length: 76236
Content-Type: font/woff

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (43)