Report - reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

Report Overview

Submitted URL
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/
IP
103.53.43.196
ASN
#394695 PUBLIC-DOMAIN-REGISTRY
Submitted
2023-01-30 12:39:14
Access
Website Title
Final URL
Tags
societe_generale financial phishing
urlquery detections
Phishing - Societe Generale

Detections

urlquery
37
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
reachclicks.net	112386	2018-12-17T22:47:27Z	2023-02-27T03:47:47Z	8.9 kB	523 kB	103.53.43.196
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.148.77.40
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	58 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-30 12:39:18	medium	103.53.43.196	Client IP	ET INFO 404 Response with Javascript Variable in Page
2023-01-30 12:39:23	medium	103.53.43.196	Client IP	ET INFO 404 Response with Javascript Variable in Page
2023-01-30 12:39:23	medium	103.53.43.196	Client IP	ET INFO 404 Response with Javascript Variable in Page

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery.js	88 kB	2023-03-07	2024-04-20
Pretty URL reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery.js IP 103.53.43.196 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-20 02:23:56 Times Seen95067 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 02:53:59 Times Seen36969313 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/rules.js	488 B	2023-03-07	2024-04-09
Pretty URL reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/rules.js IP 103.53.43.196 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen756 Hash cd884ffdf1f759fbdeaae54b636288d4 450ea313a0b4b250024abd0935c1f59617841134 f0f8ce50e148b374b7b9b29180824007970478e81ce52669d531a669d9c4c34d Loading...

	reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/js.js	1.3 MB	2023-03-07	2024-04-09
Pretty URL reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/js.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen553 Hash 6e6c70c409456c23a09d9adbce8d2e80 0f50b6f4f4555c31e8f832b446cda4996acb4460 3957ed7a4d5b5f5c36fe0872fbc2f619b8d2d0094b134dd65d1ebd6f3352847b Loading...

	reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/	243 B	2023-03-07	2024-04-09
Pretty URL reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/ IP 103.53.43.196 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen376 Hash 71d19f7fe5d2135f268f61647dc03988 1e25ed11489509b55de05241a48d728969493458 5e5eaf8632a7264aaa23953240629b96a0709d13b1091fc9763970c2dd8a02ce Loading...

	reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/	483 B	2023-03-07	2024-04-09
Pretty URL reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/ IP 103.53.43.196 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen374 Hash d4e17ac95f6499091f5567792887b0fe 605112c6edb9f3f3aa27108cb32230deedbac7d2 e02463ed16a3d8b83b06cbc206098817ba44827c535b8a3971b78ccdb327abff Loading...

	reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/	303 B	2023-03-07	2024-04-09
Pretty URL reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/ IP 103.53.43.196 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen371 Hash df4d122557c68345696b953efe9e8f1d 664b2317e9984afa6eadd6ad13bf90b92b1e8d31 e082f41c3e3feb3e3d50eb92d57a6f04b702744fbc401dca0fdd749808e70f8c Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-20
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-20 00:26:13 Times Seen347751 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#2 Eval - 81506f6c9b74db893b121a759da430d7	1.0 kB	2023-03-07	2024-04-09
Pretty Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-09 17:54:49 Times Seen431 Hash 81506f6c9b74db893b121a759da430d7 2d4226d3b0de0217029bc6113d7489f398b5a4be a49959becff3155c2f2c2ba4684dfecdf77e055678880cbddac3c81eba11fe3c Loading...

HTTP Transactions (42)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15887
Expires: Mon, 30 Jan 2023 17:03:50 GMT
Date: Mon, 30 Jan 2023 12:39:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5014
Expires: Mon, 30 Jan 2023 14:02:37 GMT
Date: Mon, 30 Jan 2023 12:39:03 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 11:43:11 GMT
content-type: application/json
age: 3352
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4257
Expires: Mon, 30 Jan 2023 13:50:00 GMT
Date: Mon, 30 Jan 2023 12:39:03 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: St5g7+mkjactOrb3es0m9alhDDNyIhLpdQvp6zMruQuPZopfVs/HSJV46wwgMaenp30/ygDXCVE=
x-amz-request-id: ZX7J4S9QA6S07VVY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 12:21:47 GMT
age: 1036
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:39:03 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

103.53.43.196

200 OK

6.1 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (519)
Size
6.1 kB (6104 bytes)
Hash
4d746125f6587999980db1dbae791269
27fc5730a23e6bac4b1785fdd200ab573d83280b
f491619f309fbeea707c6a6d73c8024b6a2a49102b3fd1a729d049ad9ba08560

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/ HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:03 GMT
Server: nginx/1.17.6
Content-Type: text/html; charset=UTF-8
Content-Length: 6104
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: MISS

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/spec56_btn_gsm_all_gcd_20190320190559.min.css

103.53.43.196

200 OK

319 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/spec56_btn_gsm_all_gcd_20190320190559.min.css
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
319 B (319 bytes)
Hash
f40ddb3cf4b4ff6d2d4077b47d42867f
cc0bd85164b085b6dc17450107cbeb25dc562270
fa63c74bd568e45d82556fd70dbdfb05aa7241af3f61ebe9b8d5c66aae35bf08

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/css/spec56_btn_gsm_all_gcd_20190320190559.min.css HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:04 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:39:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 319
Content-Type: text/css

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 11:49:04 GMT
age: 3000
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/rules.js

103.53.43.196

200 OK

248 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/rules.js
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
248 B (248 bytes)
Hash
2b37ba4f0ac6c923da2dae3441653e1f
a64e64220c5f2058a99b84869115284e672df1db
b7679f70c6fbcd358d0e7aed87ea3a8e69e663e6ac54341f4380a094498bddd8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/js/rules.js HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:04 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 16 Sep 2019 03:43:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 248
Content-Type: application/javascript

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14654
Expires: Mon, 30 Jan 2023 16:43:18 GMT
Date: Mon, 30 Jan 2023 12:39:04 GMT
Connection: keep-alive

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/index_20190723161948.min.css

103.53.43.196

200 OK

62 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/index_20190723161948.min.css
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (310), with CRLF line terminators
Size
62 kB (62249 bytes)
Hash
6ff6101cc135015a6b371df91be8e894
cb3452098b74f26cf02e46dfcdc8a0dd9f9d3d78
913cf58bff29ca66b25c012885f4bcb062d9ecdfdc58f51a211b86df8bbae769

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/css/index_20190723161948.min.css HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:04 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 17 Sep 2019 00:30:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/inbenta.css

103.53.43.196

200 OK

26 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/inbenta.css
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (65307)
Size
26 kB (26546 bytes)
Hash
0fb388c78469421ee56ae9246214a376
bc4415827087c7a70eba44d7cd7efebc7aa485c4
99897b3721f6a658e44cd0f0dde7b58f95d77ae48fb21bc0a2ef49ff8c0300e5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/css/inbenta.css HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:04 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 15 Sep 2019 21:06:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery.js

103.53.43.196

200 OK

39 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery.js
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (65451)
Size
39 kB (38667 bytes)
Hash
efac5ec08a294b9719fa79a8452f93a2
58475b2c269b29313c16c3ee9a9e8a9bc6e80097
1d2a26f8aaf3ff0298a942711bf9b01dc2aef45e955031ec7935ca76549afc83

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery.js HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:04 GMT
Server: Apache
Last-Modified: Mon, 16 Sep 2019 00:07:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery2.js

103.53.43.196

200 OK

31 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery2.js
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (33165)
Size
31 kB (30725 bytes)
Hash
b64e963dda60bc74bf01475034e52f9a
0ed71f50c34d4327eabb7afc99f61e658d1a4d39
d8c98fcd5fa600fbc895295949124990c2322fa60f5f8d90f45a799b2117cc7a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/js/jquery2.js HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:04 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Thu, 24 Aug 2017 12:46:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

push.services.mozilla.com/

54.148.77.40

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.77.40:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8GDJH3oAO2LThnv2unimGw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vprq8L6DL2pO39ADgZx6K1l7a3w=

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

103.53.43.196

200 OK

46 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (1330), with CRLF line terminators
Size
46 kB (45563 bytes)
Hash
c5952620bf3917f0c4c7d93294009340
4de304c08ac6d237efb72aa042d9dc9f6cf09949
8be877da1318cf3b7e82617aea60776ec3c771dbdc3c6905a6e068b2b86d1483

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:04 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 16 Sep 2019 04:13:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg-muet.svg

103.53.43.196

200 OK

402 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg-muet.svg
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
402 B (402 bytes)
Hash
392bde7f3217782d2f98bff1db922a9c
ce2e5b3a064e2dfa92039cc1caa37d8c6d3e144f
38f90a05ed700e9adb2b37d23337eee3be2c658bdb1f38f258c15920b36d1676

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg-muet.svg HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:05 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:06:12 GMT
Accept-Ranges: bytes
Content-Length: 402
Content-Type: image/svg+xml

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/print_20190320190559.min.css

103.53.43.196

200 OK

969 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/print_20190320190559.min.css
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (3067), with no line terminators
Size
969 B (969 bytes)
Hash
eac7dfcfbffb9a227f7f9e423d487fcb
3ea61c656a668925d8793684d6d6377ce81edc9f
2e34da33fda618bbe150ab52fe51e169b4d9e8881f30a0681091c07efb16309a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/css/print_20190320190559.min.css HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:05 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:06:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 969
Content-Type: text/css

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg.svg

103.53.43.196

200 OK

2.7 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg.svg
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2331), with CRLF line terminators
Size
2.7 kB (2666 bytes)
Hash
10e841a89a9c667fa6b17ea44c60529e
c65e827b075418de2a04d59a29fd7875921f52ef
2e19511d9133c826bfd5555070b89ac5cb3d108828b9e49c72d2d3ddbcbfe9ab

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg.svg HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:05 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:06:12 GMT
Accept-Ranges: bytes
Content-Length: 2666
Content-Type: image/svg+xml

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg-seul.svg

103.53.43.196

200 OK

3.0 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg-seul.svg
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1433), with CRLF line terminators
Size
3.0 kB (3042 bytes)
Hash
a4905efc552b898322c256cb4d4f55c3
6ca6d615b2ebe329819a0338879c1d206ad0b90b
4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/logo-sg-seul.svg HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:05 GMT
Server: Apache
Last-Modified: Sat, 11 Apr 2020 11:33:32 GMT
Accept-Ranges: bytes
Content-Length: 3042
Content-Type: image/svg+xml

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/gen_ui.png

103.53.43.196

200 OK

6.4 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/gen_ui.png
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
6.4 kB (6380 bytes)
Hash
f5f55947733314117f1109f93f826b5f
394e87fcb82200b9c108182bdc761dc6aa016467
c4763204659e2a150da0e4f784da55eff7c77ae08b0c4fe9156a832093fb90fb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/gen_ui.png HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:05 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:50:06 GMT
Accept-Ranges: bytes
Content-Length: 6380
Content-Type: image/png

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8389
Expires: Mon, 30 Jan 2023 14:58:55 GMT
Date: Mon, 30 Jan 2023 12:39:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8389
Expires: Mon, 30 Jan 2023 14:58:55 GMT
Date: Mon, 30 Jan 2023 12:39:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8389
Expires: Mon, 30 Jan 2023 14:58:55 GMT
Date: Mon, 30 Jan 2023 12:39:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8389
Expires: Mon, 30 Jan 2023 14:58:55 GMT
Date: Mon, 30 Jan 2023 12:39:06 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7679 bytes)
Hash
3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 53264
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7333 bytes)
Hash
01f406ed5d9b17a7aa00015301bddf94
d78e18830fc6cf231f66f95cc0e01520cfeebddf
33245ea764fb634a01ee9657e529a30567588ecbb10fc0e6499aac14cd21fe81

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7333
x-amzn-requestid: 7563c72f-e40d-4e96-a73f-8aa404ae0b25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFK8IAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-7eb009311701187873f05b20;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -npeyE-5ETAaI6cs7oewWxVe4ZUrtmhvCNC4tMWT_3ab3hZ3tw060w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 53264
etag: "d78e18830fc6cf231f66f95cc0e01520cfeebddf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10997 bytes)
Hash
65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 52209
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7538 bytes)
Hash
131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 8bec493a-9c81-4cfd-b6e9-66f4f3d55cb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOOJQEZSoAMFb1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf2a3b-5f0c9f3e4cac1ba26c802050;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 00:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PyA7JoIHpcBuMaoGjSH3XdUZ0PmHYITS4606WbOLHitdOmLbIPpxJQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 15:39:26 GMT
age: 75580
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9457 bytes)
Hash
51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 51549
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8464 bytes)
Hash
fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 52779
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/trame.png

103.53.43.196

200 OK

208 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/trame.png
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size
208 B (208 bytes)
Hash
f9dc6373846a99bfe761d3427d50632d
685843d14882374bcf6b0798ab60bbecc84567a8
d41b3311daa52ffdfb112169926c6b68fee615ea6c72abac25fa1dbe799131d5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/trame.png HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/index_20190723161948.min.css

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:06 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:47:34 GMT
Accept-Ranges: bytes
Content-Length: 208
Content-Type: image/png

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/new_sprite.png

103.53.43.196

200 OK

10 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/new_sprite.png
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 312 x 104, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (9961 bytes)
Hash
675d3d69bb78ed155d9d443bef4cccd8
8266846da238de6218a75a11744f35f821baff74
0d477834d11f75ff989d2b6bfbcbaaed80a8e4f8efe65569f4cee2ad603a73af

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/new_sprite.png HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:06 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:54:28 GMT
Accept-Ranges: bytes
Content-Length: 9961
Content-Type: image/png

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-regular.eot

103.53.43.196

404 Not Found

355 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-regular.eot
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
355 B (355 bytes)
Hash
cb50b952a1a41c3358018129e081d511
9b3ce22f173597240fd0c22ff649f3ffb9c6ea99
791b5cb893932898c350d1ec9888ee9c2feaea002431d12e9a1ba29331813be0

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO 404 Response with Javascript Variable in Page

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-regular.eot HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 404 Not Found
Date: Mon, 30 Jan 2023 12:39:06 GMT
Server: nginx/1.17.6
Content-Type: text/html
Content-Length: 355
Last-Modified: Thu, 20 May 2021 09:45:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-semibold.eot

103.53.43.196

404 Not Found

355 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-semibold.eot
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
355 B (355 bytes)
Hash
cb50b952a1a41c3358018129e081d511
9b3ce22f173597240fd0c22ff649f3ffb9c6ea99
791b5cb893932898c350d1ec9888ee9c2feaea002431d12e9a1ba29331813be0

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO 404 Response with Javascript Variable in Page

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-semibold.eot HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 404 Not Found
Date: Mon, 30 Jan 2023 12:39:06 GMT
Server: nginx/1.17.6
Content-Type: text/html
Content-Length: 355
Last-Modified: Thu, 20 May 2021 09:45:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/spriteV4.png

103.53.43.196

200 OK

56 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/spriteV4.png
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 880 x 650, 8-bit/color RGBA, non-interlaced\012- data
Size
56 kB (56012 bytes)
Hash
2489b1de4b742de1d025c2751296143e
ca790ae20b4603ce6595ab1a0384dd217105306c
fdffcd1a92a88cf374901faf2ec466c6d16c0baa8b1f92426a24424743b65ab4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/spriteV4.png HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:06 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 21:54:18 GMT
Accept-Ranges: bytes
Content-Length: 56012
Content-Type: image/png

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-bold.eot

103.53.43.196

404 Not Found

355 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-bold.eot
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
355 B (355 bytes)
Hash
cb50b952a1a41c3358018129e081d511
9b3ce22f173597240fd0c22ff649f3ffb9c6ea99
791b5cb893932898c350d1ec9888ee9c2feaea002431d12e9a1ba29331813be0

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO 404 Response with Javascript Variable in Page

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-bold.eot HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 404 Not Found
Date: Mon, 30 Jan 2023 12:39:06 GMT
Server: nginx/1.17.6
Content-Type: text/html
Content-Length: 355
Last-Modified: Thu, 20 May 2021 09:45:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-regular.woff

103.53.43.196

200 OK

75 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-regular.woff
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Web Open Font Format, CFF, length 75420, version 0.0\012- data
Size
75 kB (75420 bytes)
Hash
52f5045b30343cd0e0a5acbd215a50e9
dc37d3ef1b5939ad6a5dfae601ae183c503095f2
f679efce1ea9cbed26a573aa8c8db1d01fe51abe4fcc2a77d18ab7bcb03e0bb1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-regular.woff HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:06 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 22:07:02 GMT
Accept-Ranges: bytes
Content-Length: 75420
Content-Type: font/woff

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-semibold.woff

103.53.43.196

200 OK

75 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-semibold.woff
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Web Open Font Format, CFF, length 74996, version 0.0\012- data
Size
75 kB (74996 bytes)
Hash
f079be3e96761bf618ea2a5b314eb014
2aad9b3d874cdd21ee8496738af5f5b94c7382a0
b2106f33585940e944fac6de500dd767c4592692689c001c45c475476583404e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-semibold.woff HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:06 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 22:06:50 GMT
Accept-Ranges: bytes
Content-Length: 74996
Content-Type: font/woff

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-bold.woff

103.53.43.196

200 OK

76 kB

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-bold.woff
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Web Open Font Format, CFF, length 76236, version 0.0\012- data
Size
76 kB (76236 bytes)
Hash
3e7af4d251f183a9ea98bfd812016274
231ff1575fa3fdcde1fe985786c3622719653d8b
f33d4ed699473243d3304fb2ee9435043ead92e092e76c04656a6745cf00e8d4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/fonts/sourcesanspro-bold.woff HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/css/style.css

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:06 GMT
Server: Apache
Last-Modified: Sun, 15 Sep 2019 22:06:40 GMT
Accept-Ranges: bytes
Content-Length: 76236
Content-Type: font/woff

reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/favicon.ico

103.53.43.196

200 OK

318 B

URL HTTP/1.1
reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/files/img/favicon.ico
IP
103.53.43.196:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors\012- data
Size
318 B (318 bytes)
Hash
ca10c09aeaf43460d3760f50c608eb51
f2ed2a4fe0e1eadb7dd28444ea6b7a04abf0d38e
daf58b06a09d467436ee5fd10eefbeadac3cf6ecaef1eca1884ef8330f561642

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /sg/SGFRfAICH/SGFRAICH/cv4/files/img/favicon.ico HTTP/1.1
Host: reachclicks.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://reachclicks.net/sg/SGFRfAICH/SGFRAICH/cv4/

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 12:39:06 GMT
Server: nginx/1.17.6
Content-Type: image/x-icon
Content-Length: 318
Last-Modified: Sun, 15 Sep 2019 21:12:02 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Mon, 06 Feb 2023 12:39:06 GMT
X-Server-Cache: true
X-Proxy-Cache: MISS

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (42)

URL HTTP/1.1

IP

ASN