| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash: 82788b8b26eeba7f492106ea47729bbb 823b2d3c336d11064a6b809057bed46bb65a7969 7671d088ba1420ffa01dbd63c5f7ab28d52d3591bc04c4cc182d1f9e64a7f2f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7671D088BA1420FFA01DBD63C5F7AB28D52D3591BC04C4CC182D1F9E64A7F2F8"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4015
Expires: Mon, 31 Oct 2022 11:05:22 GMT
Date: Mon, 31 Oct 2022 09:58:27 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: 2c936a37c0ab225115a83277467091ec d357ab9189990d3718036f67c12f467efe43552d 747c8165e4d62420f0c769d2e91ca9e7a04cfc02bd29f35ca3f74c106964c04f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3846
Cache-Control: max-age=88604
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 09:58:27 GMT
Etag: "635e4459-1d7"
Expires: Tue, 01 Nov 2022 10:35:11 GMT
Last-Modified: Sun, 30 Oct 2022 09:31:05 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash: de47d7f9f8d5035d5490f0386442d813 fe86a705a7540c619fddd835ba720bccd2f17cfc 1b3bb62c83f8117b31f021c532a77dfea594a33ea40b5ed62dc67a29f6d15115
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B3BB62C83F8117B31F021C532A77DFEA594A33EA40B5ED62DC67A29F6D15115"
Last-Modified: Sun, 30 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2162
Expires: Mon, 31 Oct 2022 10:34:29 GMT
Date: Mon, 31 Oct 2022 09:58:27 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP: 34.160.144.191:0
File type: PEM certificate, ASCII text
Hash: 67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fsBWy35qTaPJ3+jSyTDU1+R1ZYJFAepB5TuHTIo5Ifu+zXNm3UMhsQIZMBip7Kj+znS8cxDncTRQbdnUVhGLpQ==
x-amz-request-id: SEBADKDSRSV0TMW5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 31 Oct 2022 09:44:52 GMT
age: 815
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles
IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 31 Oct 2022 09:58:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| hofenor762.temp.swtest.ru/AG/Pr | 77.222.40.224 | 200 OK | 3.6 kB |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/Pr
IP: 77.222.40.224:0
File type: HTML document text; HTML document text; HTML document text; HTML document, Unicode text, UTF-8 text, with very long lines (15746)
Hash: 7bfb1f6af89d729cf159f5c33bc476c4 33b90ecaaa39f309ced2e54b70f178631240b43a b9d829d4fe8517eb4e7e2ebd8ab99a94f35a63bbf8e35375388e6d68c948072f
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
| phishtank | Other | |
GET /AG/Pr HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
X-Powered-By: PHP/7.1.33
Set-Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
|
|
| hofenor762.temp.swtest.ru/AG/style/js/jquery.CardValidator.js | 77.222.40.224 | 200 OK | 2.1 kB |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/js/jquery.CardValidator.js
IP: 77.222.40.224:0
Hash: 5e3812c918f22e125f3ea8c08bceaf76 d5e6624b80474ea77e1adb60db6b0ded24205627 31d0740c9a71776c253640a6915be5b120d3e90b6765d1d46f94c72a908b185e
| Analyzer | Verdict | Alert |
| urlquery | | Phishing - J.P.Morgan |
| openphish | Credit Agricole S.A. | |
GET /AG/style/js/jquery.CardValidator.js HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:27 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sat, 29 Oct 2022 21:00:30 GMT
ETag: W/"6de1263-18df-5ec32aa1cb064"
Content-Encoding: gzip
|
|
| hofenor762.temp.swtest.ru/AG/style/js/jquery.validate.min.js | 77.222.40.224 | 200 OK | 7.4 kB |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/js/jquery.validate.min.js
IP: 77.222.40.224:0
File type: Unicode text, UTF-8 text, with very long lines (22900)
Hash: 5a81b0a98410f032075aba256389756b 3c64a5ddb2d771d9309e7b0f09fe5e7ba5fe802a 732955ec0498bf6798e97ec294933d46d3ada956d462e750eff496b21993e7c2
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
GET /AG/style/js/jquery.validate.min.js HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:27 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sat, 29 Oct 2022 21:00:33 GMT
ETag: W/"6de1267-59fe-5ec32aa54bff4"
Content-Encoding: gzip
|
|
| hofenor762.temp.swtest.ru/AG/style/js/jquery.mask.js | 77.222.40.224 | 200 OK | 4.9 kB |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/js/jquery.mask.js
IP: 77.222.40.224:0
Hash: 72561daefcabe07fcd6e4a000ce2b1f9 29f4b8a00c67c6d29e8beb9cbe1fcc040bfc4bf5 3a19e4fd29ca6cd5ba35dd0f38915107a432a326280051d32ca2b16af7d668b7
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
GET /AG/style/js/jquery.mask.js HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:27 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sat, 29 Oct 2022 21:00:31 GMT
ETag: W/"6de1264-47fe-5ec32aa304034"
Content-Encoding: gzip
|
|
| hofenor762.temp.swtest.ru/AG/style/js/style.js | 77.222.40.224 | 200 OK | 819 B |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/js/style.js
IP: 77.222.40.224:0
Hash: e60b04983b6d40b4343c6f5ff3c080e4 ddf865e21f7bad03990bf10072f43a760196f457 beb476c7e3a305beb253e5ac14eebd5975fc6c2e1003faf5ddc08a782d33dc20
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
GET /AG/style/js/style.js HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:27 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sat, 29 Oct 2022 21:00:34 GMT
ETag: W/"6de126e-859-5ec32aa5e60cc"
Content-Encoding: gzip
|
|
| hofenor762.temp.swtest.ru/AG/style/js/jquery.min.js | 77.222.40.224 | 200 OK | 31 kB |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/js/jquery.min.js
IP: 77.222.40.224:0
File type: ASCII text, with very long lines (65451)
Hash: f8a10c76294be4282d55a848bb39b30f 1d7abbd795999774bc36977cd11d56488587d4c4 0266e9b70e37bd2a3d4a5d0a9460eb7b766e9c2efa1299555217b591ac623dff
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
GET /AG/style/js/jquery.min.js HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:27 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sat, 29 Oct 2022 21:00:32 GMT
ETag: W/"6de1265-15850-5ec32aa414f64"
Content-Encoding: gzip
|
|
| hofenor762.temp.swtest.ru/AG/style/css/main.css | 77.222.40.224 | 200 OK | 2.3 kB |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/css/main.css
IP: 77.222.40.224:0
File type: ASCII text, with very long lines (10363)
Hash: e2f1767ba8c133485ed0de06599769c0 0f07dabddaf9270f2f94c1c554c29fc617fb29b6 dbdbcfa77b252eac505784012d171d8b1918d6729d70f152b045820399fa0655
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
GET /AG/style/css/main.css HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sat, 29 Oct 2022 21:00:07 GMT
ETag: W/"6dc15e6-287c-5ec32a8c4f833"
Content-Encoding: gzip
|
|
| hofenor762.temp.swtest.ru/AG/style/js/popper.min.js | 77.222.40.224 | 200 OK | 7.2 kB |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/js/popper.min.js
IP: 77.222.40.224:0
File type: ASCII text, with very long lines (20164)
Hash: 099db3361d831812de10e38c51dbd0d1 908dc3f88b1adc83d9145435a9a1641ce29a3eda 3c313ab75fd2a62dd8e0f5d8873b512716a02bbf845626803c54252ee3e457cf
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
GET /AG/style/js/popper.min.js HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:28 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sat, 29 Oct 2022 21:00:34 GMT
ETag: W/"6de126d-4f70-5ec32aa629304"
Content-Encoding: gzip
|
|
| hofenor762.temp.swtest.ru/AG/style/css/bootstrap.min.css | 77.222.40.224 | 200 OK | 21 kB |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/css/bootstrap.min.css
IP: 77.222.40.224:0
File type: ASCII text, with very long lines (65324)
Hash: 6416cbec949fa843a85c7ac285bb9245 94173c891940336570801e9c8ce3f85427d41c70 631d8a942c958f1b03cab6822d5f25b7221a24bbb2d60ec49bdf40295e1483ef
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
GET /AG/style/css/bootstrap.min.css HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sat, 29 Oct 2022 21:00:04 GMT
ETag: W/"6dc15e4-22688-5ec32a8922863"
Content-Encoding: gzip
|
|
| hofenor762.temp.swtest.ru/AG/style/css/fonts.css | 77.222.40.224 | 200 OK | 272 B |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/css/fonts.css
IP: 77.222.40.224:0
Hash: ce5be47f5ca6850b9d1c715ab706459d 9655056deecba7315ca72742da1de44bf4ffc7f0 4069a227b95cc542164e30fef92d995a8e8d55d62799aa88531e24b9145152be
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
GET /AG/style/css/fonts.css HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sat, 29 Oct 2022 21:00:02 GMT
ETag: W/"6dc15e3-556-5ec32a87cc3d3"
Content-Encoding: gzip
|
|
| hofenor762.temp.swtest.ru/AG/style/js/bootstrap.min.js | 77.222.40.224 | 200 OK | 15 kB |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/js/bootstrap.min.js
IP: 77.222.40.224:0
File type: ASCII text, with very long lines (59058), with no line terminators
Hash: ee1256b5b52bb54c61a5bd830b57890e 4b5b0bf0609f18a265ee410044c1d980f0526244 0b8c25aafc1308b83d904cf9e358e8043e286d5e01f5f825e5234c305bba5bbc
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
GET /AG/style/js/bootstrap.min.js HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:28 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sat, 29 Oct 2022 21:00:28 GMT
ETag: W/"6de1260-e6b2-5ec32aa03e0d4"
Content-Encoding: gzip
|
|
| hofenor762.temp.swtest.ru/AG/style/CADIF_logo_horizontal_rvb_v4.png | 77.222.40.224 | 200 OK | 19 kB |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/CADIF_logo_horizontal_rvb_v4.png
IP: 77.222.40.224:0
File type: PNG image data, 350 x 105, 8-bit/color RGBA, non-interlaced; data
Hash: 71cb5c78702e00ffb116f88d9280896a d32b9b4f245643b1e4477f923b12a4d17d50cc3d f8e9befa13e3ff93d974729ae3c727461555d582bb63bb388a4bd497619ef20b
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
GET /AG/style/CADIF_logo_horizontal_rvb_v4.png HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:28 GMT
Content-Type: image/png
Content-Length: 18782
Connection: keep-alive
Keep-Alive: timeout=10
Last-Modified: Sat, 29 Oct 2022 20:59:50 GMT
ETag: "6dc15d0-495e-5ec32a7be983b"
Accept-Ranges: bytes
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 32e837c0fbe63274d45283b4a023dd6c 6f6548aab66b39153530fea54d95b20b85b24ef8 6cf1a45a66254ab7a94cf29a4ac72878c84303b214a3bf49eb637d6babbaf554
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 09:58:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| hofenor762.temp.swtest.ru/AG/style/js/main.js | 77.222.40.224 | 200 OK | 954 B |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/js/main.js
IP: 77.222.40.224:0
File type: Algol 68 source text; Pascal source, ASCII text
Hash: a52c0eaf80d25c193d1dabe225c29769 ccb860fa0d426bcdaff1db1a47f40080d27b4252 4b534aa4619cab7341addd7f269604234267887f6e2e5b15325499703153e1de
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
GET /AG/style/js/main.js HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:28 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sat, 29 Oct 2022 21:00:33 GMT
ETag: W/"6de126c-1092-5ec32aa4ebce4"
Content-Encoding: gzip
|
|
| hofenor762.temp.swtest.ru/AG/style/js/fontawesome.js | 77.222.40.224 | 200 OK | 387 kB |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/js/fontawesome.js
IP: 77.222.40.224:0
File type: ASCII text, with very long lines (65351)
Size: 387 kB (387142 bytes)
Hash: 301e1321cd6a35b018619d7be6692ae5 2de256c79dd84078250476b7b13815925d3adfd1 fb0afe09ff52edab4f9d3444f0b879ccefd62622b48e9a757fbaef981b5eab26
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
GET /AG/style/js/fontawesome.js HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:28 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sat, 29 Oct 2022 21:00:30 GMT
ETag: W/"6de1261-10314a-5ec32aa26ab14"
Content-Encoding: gzip
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 32e837c0fbe63274d45283b4a023dd6c 6f6548aab66b39153530fea54d95b20b85b24ef8 6cf1a45a66254ab7a94cf29a4ac72878c84303b214a3bf49eb637d6babbaf554
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 09:58:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: f646a3a97223c35e424ccb52d0ff73da d88c49b4ac278348e6c669792334170911fb43dd 065a4e4db1b5f7d8231afbd3cb75ce74f0a74aee63bc12a79f5a8d050f55a05b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5110
Cache-Control: max-age=171209
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 09:58:28 GMT
Etag: "635f8217-1d7"
Expires: Wed, 02 Nov 2022 09:31:57 GMT
Last-Modified: Mon, 31 Oct 2022 08:06:47 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
|
|
| hofenor762.temp.swtest.ru/AG//style/fermeture-agence-travaux-DAB_septembre2020.jpg | 77.222.40.224 | 200 OK | 165 kB |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG//style/fermeture-agence-travaux-DAB_septembre2020.jpg
IP: 77.222.40.224:0
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=19, height=3264, bps=0, compression=none, PhotometricIntepretation=RGB, description=11 décembre 2015, manufacturer=Canon, model=Canon EOS-1D Mark IV, orientation=upper-left, width=4896], baseline, precision 8, 960x640, components 3 DIY-Thermocam raw data; (Lepton 2.x), scale 26228-27759, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 75594131500502762294377185280.000000, slope 18524499018441621041854808064.000000; data
Size: 165 kB (165217 bytes)
Hash: 9185fa780a0576f2043bb631d7b4269c 4a4da7e75f2fc8df41652d9c3ffa277c301bbf04 e07a9ccc231bfc6a4f4ef7d64b1c2df670d9ac347d0d3e4cb4ad04c2133e07f5
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
GET /AG//style/fermeture-agence-travaux-DAB_septembre2020.jpg HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/style/css/main.css
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:28 GMT
Content-Type: image/jpeg
Content-Length: 165217
Connection: keep-alive
Keep-Alive: timeout=10
Last-Modified: Sat, 29 Oct 2022 20:59:53 GMT
ETag: "6dc15d3-28561-5ec32a7f3d523"
Accept-Ranges: bytes
|
|
| fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.195 | 200 OK | 45 kB |
URL: HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP: 216.58.207.195:0
File type: Web Open Font Format (Version 2), TrueType, length 44856, version 1.0; data
Hash: 565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hofenor762.temp.swtest.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Oct 2022 05:42:51 GMT
expires: Fri, 27 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 360937
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 | 216.58.207.195 | 200 OK | 48 kB |
URL: HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP: 216.58.207.195:0
File type: Web Open Font Format (Version 2), TrueType, length 47952, version 1.0; data
Hash: 17b406b7b8caa297435fa358e194f5a1 e2132f0e97781af56fa966c0fabb49132f2af203 84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://hofenor762.temp.swtest.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 18:59:14 GMT
expires: Tue, 24 Oct 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 572354
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 5580dc56f5c8e3012864d54092c07b3a fb9997cf8b29e970213ed34a4d637bb8525a6eb0 cadce1c220b25d204eabfced3ba1f72efc34c3273f372dc90f098e78d4f038ba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 09:58:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| hofenor762.temp.swtest.ru/AG/style/favicon.png | 77.222.40.224 | 200 OK | 1.8 kB |
URL: HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/favicon.png
IP: 77.222.40.224:0
File type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced; data
Hash: ed9c56116b458dfeef180879add56940 f661f922f0bfdf0d2d470aea158eb77d49b5bb26 0c6849d4541c1b5d297b7e48dc2c13d43c357610effd13e1a90929b6638205e0
| Analyzer | Verdict | Alert |
| openphish | Credit Agricole S.A. | |
GET /AG/style/favicon.png HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:28 GMT
Content-Type: image/png
Content-Length: 1793
Connection: keep-alive
Keep-Alive: timeout=10
Last-Modified: Sat, 29 Oct 2022 20:59:51 GMT
ETag: "6dc15d2-701-5ec32a7d6b803"
Accept-Ranges: bytes
|
|
| push.services.mozilla.com/ | 54.148.190.4 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/
IP: 54.148.190.4:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A774EsrOOhSmUhh0YA4Ldg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4X6AP+ErOUlV5JzZyeua4aYNSRE=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash: 0796db2947913177a820acd13c2d3db5 b7242ad5635409395392ee5e33cee0bf18daddc3 1e3c6603b9e37a4479f38ed861cd9640fe43f0779d4f6142719117ef7687b5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C6603B9E37A4479F38ED861CD9640FE43F0779D4F6142719117EF7687B5FE"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8340
Expires: Mon, 31 Oct 2022 12:17:29 GMT
Date: Mon, 31 Oct 2022 09:58:29 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F695e40e4-d230-4612-93c8-b55320ff1cc1.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F695e40e4-d230-4612-93c8-b55320ff1cc1.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 6951fb1205a67c6502ad474f0310954e 3190ffe0193c0a3d00c5c420bd0a576b3dc4f8ad db1f101465f68236adba2c01f8b569c3730581beeba5a87190402e46b677593d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F695e40e4-d230-4612-93c8-b55320ff1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9151
x-amzn-requestid: e9191803-8263-4801-a316-c076cd7488a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aoxvJFmKoAMF9Ng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359c993-30aaa53633897d1d163f936f;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 23:58:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -C8euAH-crYs_n_u_yihmJbO6pBBaCjba57YWTGZ7UO2tL8OE1VOMA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 21:50:40 GMT
age: 43669
etag: "3190ffe0193c0a3d00c5c420bd0a576b3dc4f8ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48c39aca-c3f5-46cb-95f1-9a1ba435cbab.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48c39aca-c3f5-46cb-95f1-9a1ba435cbab.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash ca05ccb1ac1f48e7ba1da2d46a0ac6ed d0cef5a583ebc587cbab1fb709266af5f9203c3b 771916affe5869fecd5fda3940a44f201f4638a20b545469b9cad03b736b43b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48c39aca-c3f5-46cb-95f1-9a1ba435cbab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10115
x-amzn-requestid: e2e6e6ee-a7ae-4a67-823c-4a7d49d61327
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: azplCHI3IAMFw2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635e22ec-71abd83775752d0f6365a784;Sampled=0
x-amzn-remapped-date: Sun, 30 Oct 2022 07:08:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: lDoQdQBqf_haLVpAcE0sHVXJ3iLYIsIDN3CdSUO0cioqpvf20rkPWA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 31 Oct 2022 07:15:19 GMT
age: 9790
etag: "d0cef5a583ebc587cbab1fb709266af5f9203c3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23c27174-26b8-4527-8bea-cad88bdc0d34.jpeg | 34.120.237.76 | 200 OK | 9.7 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23c27174-26b8-4527-8bea-cad88bdc0d34.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 4a5598b5025c779903462274690bb7e3 0f8f5bacc06a4ee8e3be25c1dc642d22b91bca5c 9b862b8885ab187323aa8f7fdd7cd712959fd7a0b02f5b74c98896be2c5eccd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23c27174-26b8-4527-8bea-cad88bdc0d34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9749
x-amzn-requestid: ec256f33-dd6c-42dc-976e-970755bcb610
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a1oYkGpmoAMFtQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635eedd0-6758a6d921b2dca27986636f;Sampled=0
x-amzn-remapped-date: Sun, 30 Oct 2022 21:34:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: S9PTswWNOvdqCk-YlJ3vvNPN8-34Qvhr4evopc1fiTezxEBFIRbugg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 21:50:43 GMT
age: 43666
etag: "0f8f5bacc06a4ee8e3be25c1dc642d22b91bca5c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg | 34.120.237.76 | 200 OK | 9.0 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 55f392ea73e9746f7edb30e319646c4b 09b052e39f5493c2c2b79d92e81e510aeffbfcb4 9a5b1575ed3a943be74e212f41f122178dcf4c89ef0d78eb8cc761508cd453d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9023
x-amzn-requestid: 599a15c5-bd47-4c30-91e5-b445da7e66f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apwvQHCsIAMFWlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2e61-1d36740311e6b1e531d44767;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:08:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uchqnCPglDy6DsLjM-7A1Df4hvJ_XeKZJOyqFs7hIb27ZyP14qz-Ew==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 13:13:35 GMT
age: 74694
etag: "09b052e39f5493c2c2b79d92e81e510aeffbfcb4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24535d8e-574d-4e3d-a908-ea6d2b9c97f2.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24535d8e-574d-4e3d-a908-ea6d2b9c97f2.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 1bbc794d3db8d7b98202b9e950350d23 8f1812480e0e9f3919a10271d0afdb1c9269910a 89f3f4fc40a3661b247e845ada9774cc0f19b27774739f11020d3a3c9ecd08b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24535d8e-574d-4e3d-a908-ea6d2b9c97f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10427
x-amzn-requestid: 08f2d907-8828-47c5-a4c4-1b08960ad075
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aixo2EBgIAMFSTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63576305-556f7df20f4ee58e7a53bd48;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 04:16:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zhU8r8sDLISgYWEVH919wxdcghjR8qTrmmqyztq6LxkD0TfKjNCWFA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 21:50:31 GMT
age: 43678
etag: "8f1812480e0e9f3919a10271d0afdb1c9269910a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13c58368-1bcb-4cd7-a083-bf5cea3b5392.jpeg | 34.120.237.76 | 200 OK | 5.5 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13c58368-1bcb-4cd7-a083-bf5cea3b5392.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 2d0942807b5f2036a7a97fff427caf77 f56659656be5bfeeb31ff719dda0876b53c24045 9730880c3e01df6069888639d966470a5b353d47d69ae3e399cf31615a36b174
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13c58368-1bcb-4cd7-a083-bf5cea3b5392.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5543
x-amzn-requestid: f0da75af-99b6-44d7-9366-68a9cc472b92
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: awWOcGMIoAMF0uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635cd0c2-4fef534239a2fe220102ad57;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 07:05:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9Xv7xVnJY8g1bzTRChyj3WQbXIpykez7L1751n9rJdj2YWL_D21Rbg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 31 Oct 2022 07:10:41 GMT
age: 10068
etag: "f56659656be5bfeeb31ff719dda0876b53c24045"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| hofenor762.temp.swtest.ru/AG/style/js/angular.min.js | 77.222.40.224 | 200 OK | 0 B |
URL HTTP/1.1 hofenor762.temp.swtest.ru/AG/style/js/angular.min.js IP 77.222.40.224:0
Analyzer | Verdict | Alert | openphish | Credit Agricole S.A. | |
GET /AG/style/js/angular.min.js HTTP/1.1
Host: hofenor762.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=58ed5a95a6ad82d192961f3860edab38
HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Mon, 31 Oct 2022 09:58:27 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sat, 29 Oct 2022 21:00:26 GMT
ETag: W/"6de125d-28cdb-5ec32a9eb6734"
Content-Encoding: gzip
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800 IP 142.250.74.10:0
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://hofenor762.temp.swtest.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 31 Oct 2022 09:58:28 GMT
date: Mon, 31 Oct 2022 09:58:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|