Report - cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral

Report Overview

Submitted URL
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral
IP
163.44.198.61
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.
Submitted
2022-09-01 09:43:24
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-07T05:09:06Z	321 B	229 B	34.117.237.239
cpanel12wh.bkk1.cloud.z.com	unknown	2019-01-20T12:57:59Z	2023-02-22T21:33:40Z	12 kB	2.4 MB	163.44.198.61
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-07T09:34:07Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-07T05:09:07Z	594 B	127 B	52.42.74.230
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-07T05:09:22Z	3.2 kB	70 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-07T05:09:06Z	758 B	2.7 kB	143.204.55.115
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-07T05:09:07Z	2.0 kB	5.3 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-07T05:09:06Z	401 B	5.8 kB	143.204.55.49

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-08-31	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral	Societe Generale
2022-08-05	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/	Societe Generale

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral	Phishing
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/	Phishing
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/rules.js	Phishing
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/jquery.js	Phishing
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/jquery2.js	Phishing
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/js.js	Phishing
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/logo-sg-muet.svg	Phishing
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/logo-sg.svg	Phishing
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/logo-sg-seul.svg	Phishing
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-regular.eot	Phishing
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-semibold.eot	Phishing
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-bold.eot	Phishing
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-semibold.woff	Phishing
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-bold.woff	Phishing
2022-09-01	medium	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-regular.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/	483 B	2023-03-07	2024-04-23
Pretty URL cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/ IP 163.44.198.61 ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-23 20:03:32 Times Seen380 Hash d4e17ac95f6499091f5567792887b0fe 605112c6edb9f3f3aa27108cb32230deedbac7d2 e02463ed16a3d8b83b06cbc206098817ba44827c535b8a3971b78ccdb327abff Loading...

	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/	303 B	2023-03-07	2024-04-23
Pretty URL cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/ IP 163.44.198.61 ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-23 20:03:32 Times Seen377 Hash df4d122557c68345696b953efe9e8f1d 664b2317e9984afa6eadd6ad13bf90b92b1e8d31 e082f41c3e3feb3e3d50eb92d57a6f04b702744fbc401dca0fdd749808e70f8c Loading...

	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/jquery.js	88 kB	2023-03-07	2024-04-24
Pretty URL cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/jquery.js IP 163.44.198.61 ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-24 11:09:29 Times Seen95410 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/jquery2.js	70 kB	2023-03-07	2024-04-23
Pretty URL cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/jquery2.js IP 163.44.198.61 ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-23 20:03:32 Times Seen805 Hash f86b7a0e560edb5951576cf8884153e6 e5b4c5b95c79e6e42ef676ed77986db3f85223ab 74a340d2c31205e840515065e739e3d08fa169bc8fa52c66db838dbf749103c1 Loading...

	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/rules.js	488 B	2023-03-07	2024-04-23
Pretty URL cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/rules.js IP 163.44.198.61 ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-23 20:03:32 Times Seen766 Hash cd884ffdf1f759fbdeaae54b636288d4 450ea313a0b4b250024abd0935c1f59617841134 f0f8ce50e148b374b7b9b29180824007970478e81ce52669d531a669d9c4c34d Loading...

	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/js.js	1.3 MB	2023-03-07	2024-04-23
Pretty URL cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/js.js IP 163.44.198.61 ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-23 20:03:32 Times Seen561 Hash 6e6c70c409456c23a09d9adbce8d2e80 0f50b6f4f4555c31e8f832b446cda4996acb4460 3957ed7a4d5b5f5c36fe0872fbc2f619b8d2d0094b134dd65d1ebd6f3352847b Loading...

	cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/	243 B	2023-03-07	2024-04-23
Pretty URL cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/ IP 163.44.198.61 ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-23 20:03:32 Times Seen382 Hash 71d19f7fe5d2135f268f61647dc03988 1e25ed11489509b55de05241a48d728969493458 5e5eaf8632a7264aaa23953240629b96a0709d13b1091fc9763970c2dd8a02ce Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-24 11:56:11 Times Seen349352 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#2 Eval - 81506f6c9b74db893b121a759da430d7	1.0 kB	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-23 20:03:32 Times Seen437 Hash 81506f6c9b74db893b121a759da430d7 2d4226d3b0de0217029bc6113d7489f398b5a4be a49959becff3155c2f2c2ba4684dfecdf77e055678880cbddac3c81eba11fe3c Loading...

HTTP Transactions (43)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 09:31:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Q-ToIUH2xavwdE_f-Jn8voSlYgZEb5ZgZCMgUCGtkehn_P2rgj6KUA==
Age: 708

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18181
Expires: Thu, 01 Sep 2022 14:46:15 GMT
Date: Thu, 01 Sep 2022 09:43:14 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TyP29wv0VwFpqYNYvAJdbiKuZhkCYghEbzLfjMSziI5WdrqYp4xuKA==
age: 30478
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 09:43:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral

163.44.198.61

301 Moved Permanently

273 B

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
273 B (273 bytes)
Hash
d65eafa4b7be19e40225ee52ab56710f
68031a7d71ab7d53d0a1b1f5354d1a8357d7976c
fd08d5a614a205a9668c15e79b2d4e2d55712782985fd8e886924160fb9c5490

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Sep 2022 09:43:13 GMT
Server: Apache
Location: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Content-Length: 273
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 01 Sep 2022 08:57:05 GMT
Cache-Control: max-age=3600
Expires: Thu, 01 Sep 2022 09:55:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: l4mV-E9jEleMvd28tg8tcrWa0cH6sKhgbmoWG7Hxm8MYEO7IARBvuQ==
Age: 2770

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
83be4ca2ebb87af44323dd073807bc9e
3ef0ca2b0c351c7d1eb1b7f4daeba6453a632fc6
1ba9c4dbdbd577bf443bc6499ab1edb2e0ea3b382f529fdc2d98021276a3158b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6572
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 09:43:15 GMT
Last-Modified: Thu, 01 Sep 2022 07:53:43 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/

163.44.198.61

200 OK

27 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (519)
Size
27 kB (26921 bytes)
Hash
67e81f2b567c64f8ab5bb5ec4733ee99
189445ee3e2f3aaa187ecc78b4b3704f1337b3ee
f55c3cba1c7179e76cb2e9ae41d6250e92ac9e687ca363f774b6ead1e83336c9

Detections

Analyzer	Verdict	Alert
openphish	Societe Generale
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral/ HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:14 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

push.services.mozilla.com/

52.42.74.230

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.74.230:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Guj4K/F2r7TXr2XA66XTrQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7EVH9BlHvztKt+jZAZR8QS9SHLw=

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/spec56_btn_gsm_all_gcd_20190320190559.min.css

163.44.198.61

200 OK

924 B

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/spec56_btn_gsm_all_gcd_20190320190559.min.css
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
ASCII text, with CRLF line terminators
Size
924 B (924 bytes)
Hash
64cb76b2053af4c62ffb6553bc59ce07
89f051baaeea6ec8a1a20bc63e9cf10c1035a3ec
c5a3b215632179846e4f0554b2311d1137bd37e0eee86df1efd5e8b4998fcf25

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/css/spec56_btn_gsm_all_gcd_20190320190559.min.css HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:15 GMT
Server: Apache
Last-Modified: Fri, 26 Mar 2021 05:27:02 GMT
ETag: "39c-5be69c820f580"
Accept-Ranges: bytes
Content-Length: 924
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/rules.js

163.44.198.61

200 OK

488 B

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/rules.js
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
ASCII text, with CRLF line terminators
Size
488 B (488 bytes)
Hash
cd884ffdf1f759fbdeaae54b636288d4
450ea313a0b4b250024abd0935c1f59617841134
f0f8ce50e148b374b7b9b29180824007970478e81ce52669d531a669d9c4c34d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/js/rules.js HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:15 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 14:43:14 GMT
ETag: "1e8-5929881ce0480"
Accept-Ranges: bytes
Content-Length: 488
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4303
Expires: Thu, 01 Sep 2022 10:54:59 GMT
Date: Thu, 01 Sep 2022 09:43:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4303
Expires: Thu, 01 Sep 2022 10:54:59 GMT
Date: Thu, 01 Sep 2022 09:43:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4303
Expires: Thu, 01 Sep 2022 10:54:59 GMT
Date: Thu, 01 Sep 2022 09:43:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4303
Expires: Thu, 01 Sep 2022 10:54:59 GMT
Date: Thu, 01 Sep 2022 09:43:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4303
Expires: Thu, 01 Sep 2022 10:54:59 GMT
Date: Thu, 01 Sep 2022 09:43:16 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10137 bytes)
Hash
ac4d5b101c9dc6a6f7e4bf252bfa9ca7
b844f3dcb14a2995644312406a80842e3f02a114
e81f08ce6d9c7670f6e291f3d6a674b624386bd550d5c364264c3ff8fb7c797a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10137
x-amzn-requestid: 7d5f19c4-7c9b-4aad-928c-bb44da795f1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaISzFY1IAMF-zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630720de-0ea5331041f0167a196f9820;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:12:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qYh5Pc0cx8--7rIjlMt8IhDKNDMnZEpC_7xfNBIJxWllyLcG9Eh6xg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 04:34:41 GMT
age: 18515
etag: "b844f3dcb14a2995644312406a80842e3f02a114"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
b0f6c541f6335bb709d2270147bd5aed
b691ef5e7a302e2678302818130a9637c3efbe3a
e63922331a4463519e6df77ae7a1ad3316a36e54dd03c00ff6b119ee3fa684c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 79dc68ea-ea2e-4eab-bab9-1c89b0a955a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjMSvHJ-oAMF6Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ac0de-2370cf5363d5f308121f0ca4;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 01:11:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAEve6mBQ9a1hr2fBR8xq42pxeG9Kjn4yWaMr4z4On46QC9R1K91pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 14:58:03 GMT
age: 67513
etag: "b691ef5e7a302e2678302818130a9637c3efbe3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761bec2c-917c-4d76-b30f-d952432e80ae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8243 bytes)
Hash
f6f2d3a00d6d7da233136a2f97288438
db7ad928f5cb3478e16a4827aa1324d5f0441aee
e52e34961bd591a719e421a2c42681ae4e7f53162e708c0e1cd23a032b8c1461

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761bec2c-917c-4d76-b30f-d952432e80ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8243
x-amzn-requestid: cf7ca552-b255-4629-8115-9dd951f9c4c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3i4EKBoAMFxPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2df-38f269ff114135be10791fd7;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4gctfV7TlofTF8DzNbjpedJURjS8oVCK3QDciVxHoCaXPLBj1i-bVw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:31 GMT
etag: "db7ad928f5cb3478e16a4827aa1324d5f0441aee"
content-type: image/jpeg
age: 43545
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11031 bytes)
Hash
494ba0180ab4b2b80ca11aeb67ae69ab
2082e9f809e97bbcaf6ff11846398aca472f9f0f
c6a707e79315677912fa7cf6ab592abf4377aa76e51ae5149d4bae7e663d6801

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11031
x-amzn-requestid: bd49a4c9-205b-4553-90a3-308ebc6be818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv4hOHzVoAMFl8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd46e-783de8c2461d7cb9167f734e;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mDad6prX28HjnDw7hq0B9vE_BaX9qqrjaOo7A46jhu2S505prB5SJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:11 GMT
age: 43565
etag: "2082e9f809e97bbcaf6ff11846398aca472f9f0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

17 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
17 kB (16818 bytes)
Hash
12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: fa921878-2054-453b-b313-681cdd9c9068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj-Z_HUNIAMFltg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b110c-053ce81943fea70c2de7daa0;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 06:54:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 69fDjN-ZeYA8RVO_WGTY1KQHZ1t3PNdWIwq3ax1e1wKmuPODyGCMcQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 14:46:29 GMT
age: 68207
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4a31025-b077-4937-93a3-a0669697b0ee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8044 bytes)
Hash
043263cdba253c3eb4bfa33c95e8ca21
6d814e56d87e2579e51139759fa7dfb8195a6529
9c7cf679c9a6a0d0a2c75a85b13d8407a5e0fe2448d73fced51b45a3e701e9c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4a31025-b077-4937-93a3-a0669697b0ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8044
x-amzn-requestid: 8ea16c8b-f0aa-4ce9-a99d-8e59c51ffb8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3j7Ge9IAMFQBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2e5-6762d09b569221944f9b7870;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tZWKpWZnFUVhefoWK-AwAYKOsmAcMhTmPXEyWp0BJPKfhgooGpI6xQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:47:20 GMT
age: 42956
etag: "6d814e56d87e2579e51139759fa7dfb8195a6529"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/jquery.js

163.44.198.61

200 OK

88 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/jquery.js
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
ASCII text, with very long lines (65451)
Size
88 kB (88145 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/js/jquery.js HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:15 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 11:07:28 GMT
ETag: "15851-592957e29bc00"
Accept-Ranges: bytes
Content-Length: 88145
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/jquery2.js

163.44.198.61

200 OK

70 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/jquery2.js
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
ASCII text, with very long lines (33165)
Size
70 kB (70472 bytes)
Hash
f86b7a0e560edb5951576cf8884153e6
e5b4c5b95c79e6e42ef676ed77986db3f85223ab
74a340d2c31205e840515065e739e3d08fa169bc8fa52c66db838dbf749103c1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/js/jquery2.js HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:15 GMT
Server: Apache
Last-Modified: Wed, 23 Aug 2017 23:46:46 GMT
ETag: "11348-5577453204580"
Accept-Ranges: bytes
Content-Length: 70472
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/index_20190723161948.min.css

163.44.198.61

200 OK

267 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/index_20190723161948.min.css
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
ASCII text, with very long lines (310), with CRLF line terminators
Size
267 kB (267414 bytes)
Hash
1600dd0aea2d8360b233096291773246
52e6057c66d55a003f540b8703ae701a91436017
543ab7885ffa69bd57ff0c19488c7325c94eedfb7bcabee897f7c5d29ec14891

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/css/index_20190723161948.min.css HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:14 GMT
Server: Apache
Last-Modified: Fri, 26 Mar 2021 05:25:04 GMT
ETag: "41496-5be69c1186c00"
Accept-Ranges: bytes
Content-Length: 267414
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/inbenta.css

163.44.198.61

200 OK

141 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/inbenta.css
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
ASCII text, with very long lines (65307)
Size
141 kB (140938 bytes)
Hash
6bcf45a2db74a36e21ca3e85900b2a09
6b368ba62fb76a0766c13a492454b2e30c5a0708
89b52a840ba8e0d38d1a839304d6140782c86d35210c8eced23f37e9159ccb95

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/css/inbenta.css HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:15 GMT
Server: Apache
Last-Modified: Fri, 26 Mar 2021 05:23:18 GMT
ETag: "2268a-5be69bac6fd80"
Accept-Ranges: bytes
Content-Length: 140938
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/style.css

163.44.198.61

200 OK

180 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/style.css
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
ASCII text, with very long lines (1330), with CRLF line terminators
Size
180 kB (180495 bytes)
Hash
b1b8ab421e98fe7fa44981e1c1fa5e9d
0dc6c3d1e02e8c5765a0265d8330ac164502defc
4a2aade6c700fc79670eaf144975ed69e81f099b6a5f8b0b99f5cf1c71431cb8

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/css/style.css HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:15 GMT
Server: Apache
Last-Modified: Fri, 26 Mar 2021 05:19:22 GMT
ETag: "2c10f-5be69acb5ea80"
Accept-Ranges: bytes
Content-Length: 180495
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/js.js

163.44.198.61

200 OK

1.3 MB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/js/js.js
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
Unicode text, UTF-8 text, with very long lines (805), with CRLF line terminators
Size
1.3 MB (1264576 bytes)
Hash
6e6c70c409456c23a09d9adbce8d2e80
0f50b6f4f4555c31e8f832b446cda4996acb4460
3957ed7a4d5b5f5c36fe0872fbc2f619b8d2d0094b134dd65d1ebd6f3352847b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/js/js.js HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:15 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 13:36:42 GMT
ETag: "134bc0-5929793dcee80"
Accept-Ranges: bytes
Content-Length: 1264576
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/print_20190320190559.min.css

163.44.198.61

200 OK

3.1 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/print_20190320190559.min.css
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
ASCII text, with very long lines (3067), with no line terminators
Size
3.1 kB (3067 bytes)
Hash
e4d358e525d052a0377f57af7a5f5a82
f1dc2890a644a2bd2daba774933381739698c036
cbf2f9788fa5b22dd4c4428843fdd3ea68595db536cf347517da7d048d3bedcf

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/css/print_20190320190559.min.css HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:18 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 08:06:10 GMT
ETag: "bfb-59292f5c8a080"
Accept-Ranges: bytes
Content-Length: 3067
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/logo-sg-muet.svg

163.44.198.61

200 OK

402 B

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/logo-sg-muet.svg
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
402 B (402 bytes)
Hash
392bde7f3217782d2f98bff1db922a9c
ce2e5b3a064e2dfa92039cc1caa37d8c6d3e144f
38f90a05ed700e9adb2b37d23337eee3be2c658bdb1f38f258c15920b36d1676

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/img/logo-sg-muet.svg HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:18 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 08:06:12 GMT
ETag: "192-59292f5e72500"
Accept-Ranges: bytes
Content-Length: 402
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/gen_ui.png

163.44.198.61

200 OK

6.4 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/gen_ui.png
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
6.4 kB (6380 bytes)
Hash
f5f55947733314117f1109f93f826b5f
394e87fcb82200b9c108182bdc761dc6aa016467
c4763204659e2a150da0e4f784da55eff7c77ae08b0c4fe9156a832093fb90fb

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/img/gen_ui.png HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:18 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 08:50:06 GMT
ETag: "18ec-5929392e6cb80"
Accept-Ranges: bytes
Content-Length: 6380
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/logo-sg.svg

163.44.198.61

200 OK

2.7 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/logo-sg.svg
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2331), with CRLF line terminators
Size
2.7 kB (2666 bytes)
Hash
10e841a89a9c667fa6b17ea44c60529e
c65e827b075418de2a04d59a29fd7875921f52ef
2e19511d9133c826bfd5555070b89ac5cb3d108828b9e49c72d2d3ddbcbfe9ab

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/img/logo-sg.svg HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:18 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 08:06:12 GMT
ETag: "a6a-59292f5e72500"
Accept-Ranges: bytes
Content-Length: 2666
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/trame.png

163.44.198.61

200 OK

208 B

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/trame.png
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size
208 B (208 bytes)
Hash
f9dc6373846a99bfe761d3427d50632d
685843d14882374bcf6b0798ab60bbecc84567a8
d41b3311daa52ffdfb112169926c6b68fee615ea6c72abac25fa1dbe799131d5

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/img/trame.png HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/index_20190723161948.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:18 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 08:47:34 GMT
ETag: "d0-5929389d77580"
Accept-Ranges: bytes
Content-Length: 208
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/new_sprite.png

163.44.198.61

200 OK

10 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/new_sprite.png
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
PNG image data, 312 x 104, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (9961 bytes)
Hash
675d3d69bb78ed155d9d443bef4cccd8
8266846da238de6218a75a11744f35f821baff74
0d477834d11f75ff989d2b6bfbcbaaed80a8e4f8efe65569f4cee2ad603a73af

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/img/new_sprite.png HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:18 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 08:54:28 GMT
ETag: "26e9-59293a2849900"
Accept-Ranges: bytes
Content-Length: 9961
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/logo-sg-seul.svg

163.44.198.61

200 OK

3.0 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/logo-sg-seul.svg
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1433), with CRLF line terminators
Size
3.0 kB (3042 bytes)
Hash
a4905efc552b898322c256cb4d4f55c3
6ca6d615b2ebe329819a0338879c1d206ad0b90b
4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/img/logo-sg-seul.svg HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:18 GMT
Server: Apache
Last-Modified: Fri, 10 Apr 2020 22:33:32 GMT
ETag: "be2-5a2f752b88700"
Accept-Ranges: bytes
Content-Length: 3042
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-regular.eot

163.44.198.61

404 Not Found

10 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-regular.eot
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10229 bytes)
Hash
b62b234a4eddaed3f0c7fcbd67129fa5
075e0556a2662f7c0ab9d97dfdfec95145f09787
8571d7bd322a35e7500e3bfa41044b38d6bedf84cb71ad890b3e0ad296216193

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-regular.eot HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Thu, 01 Sep 2022 09:43:18 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-semibold.eot

163.44.198.61

404 Not Found

10 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-semibold.eot
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10231 bytes)
Hash
713cb722577e41cb028c92b5c79c8278
06c1a24c7602b1f9783565095e66fbd14eb89eac
80e9eb2083c37c8d8b4588eeb094a5422b3b4b8e43bd0a5d1e3f2c7dd0256097

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-semibold.eot HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Thu, 01 Sep 2022 09:43:18 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-bold.eot

163.44.198.61

404 Not Found

10 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-bold.eot
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10223 bytes)
Hash
3c2774d9f66b9042397dabeaff96da06
772bad3348ef2a25831f072c1df3f3cd590eb195
6f6e8911cf8048c0a9a04a683eb66be5735d72d58750438feff5fad68336f65e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-bold.eot HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Thu, 01 Sep 2022 09:43:18 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/spriteV4.png

163.44.198.61

200 OK

56 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/spriteV4.png
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
PNG image data, 880 x 650, 8-bit/color RGBA, non-interlaced\012- data
Size
56 kB (56012 bytes)
Hash
2489b1de4b742de1d025c2751296143e
ca790ae20b4603ce6595ab1a0384dd217105306c
fdffcd1a92a88cf374901faf2ec466c6d16c0baa8b1f92426a24424743b65ab4

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/img/spriteV4.png HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:18 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 08:54:18 GMT
ETag: "dacc-59293a1ec0280"
Accept-Ranges: bytes
Content-Length: 56012
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-semibold.woff

163.44.198.61

200 OK

75 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-semibold.woff
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
Web Open Font Format, CFF, length 74996, version 0.0\012- data
Size
75 kB (74996 bytes)
Hash
f079be3e96761bf618ea2a5b314eb014
2aad9b3d874cdd21ee8496738af5f5b94c7382a0
b2106f33585940e944fac6de500dd767c4592692689c001c45c475476583404e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-semibold.woff HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:18 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 09:06:50 GMT
ETag: "124f4-59293cebe9e80"
Accept-Ranges: bytes
Content-Length: 74996
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/favicon.ico

163.44.198.61

200 OK

318 B

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/img/favicon.ico
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors\012- data
Size
318 B (318 bytes)
Hash
ca10c09aeaf43460d3760f50c608eb51
f2ed2a4fe0e1eadb7dd28444ea6b7a04abf0d38e
daf58b06a09d467436ee5fd10eefbeadac3cf6ecaef1eca1884ef8330f561642

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/img/favicon.ico HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:19 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 08:12:02 GMT
ETag: "13e-592930ac3b880"
Accept-Ranges: bytes
Content-Length: 318
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/x-icon

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-bold.woff

163.44.198.61

200 OK

76 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-bold.woff
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
Web Open Font Format, CFF, length 76236, version 0.0\012- data
Size
76 kB (76236 bytes)
Hash
3e7af4d251f183a9ea98bfd812016274
231ff1575fa3fdcde1fe985786c3622719653d8b
f33d4ed699473243d3304fb2ee9435043ead92e092e76c04656a6745cf00e8d4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-bold.woff HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:19 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 09:06:40 GMT
ETag: "129cc-59293ce260800"
Accept-Ranges: bytes
Content-Length: 76236
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff

cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-regular.woff

163.44.198.61

200 OK

75 kB

URL HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-regular.woff
IP
163.44.198.61:0
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

File type
Web Open Font Format, CFF, length 75420, version 0.0\012- data
Size
75 kB (75420 bytes)
Hash
52f5045b30343cd0e0a5acbd215a50e9
dc37d3ef1b5939ad6a5dfae601ae183c503095f2
f679efce1ea9cbed26a573aa8c8db1d01fe51abe4fcc2a77d18ab7bcb03e0bb1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /~cp120902/cgi/societegeneral/files/fonts/sourcesanspro-regular.woff HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp120902/cgi/societegeneral/files/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 09:43:18 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 09:07:02 GMT
ETag: "1269c-59293cf75b980"
Accept-Ranges: bytes
Content-Length: 75420
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (43)

URL HTTP/1.1