| meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 | 162.241.217.21 | 200 OK | 6.1 kB |
URL User Request GET HTTP/2meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 IP162.241.217.21:443 ASN#46606 UNIFIEDLAYER-AS-1
CertificateIssuerLet's Encrypt Subjectwww.meh.lsw.mybluehost.me Fingerprint5A:CA:61:2E:B2:48:F3:1A:92:F1:FE:40:B8:8E:EF:4B:61:F9:99:8B ValidityThu, 04 Apr 2024 21:19:16 GMT - Wed, 03 Jul 2024 21:19:15 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (467), with CRLF line terminators Hashe852c9107f317a43719a1df6e3d8bf8a 1e370961f99b466b4d0b55ea52b13a626d5c4a41 1ea6e69b2c59b4c6fe2116553bbfd678a27a24c19ac52db043b87845afce3623
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Societe Generale |
GET /.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 HTTP/1.1
Host: meh.lsw.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 10:40:47 GMT
server: nginx/1.21.6
content-type: text/html; charset=UTF-8
content-length: 6075
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false
set-cookie: PHPSESSID=53af98e60d09f5a1e41fd7af5e19f877; path=/
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js | 104.17.24.14 | 200 OK | 3.1 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js IP104.17.24.14:443
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (542) Hashcc290e6c3aeecf5021dd82ad8df2512a fb983aecd3940e8ebbfe5e74c8099cee9223c957 2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
GET /ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 10:40:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 3074
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-2087"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1140608
expires: Mon, 14 Apr 2025 10:40:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zIU9B19eAFsDbC7cvMHhBkBV1q3QFfZy2iPZ7mCcfJkSavqLWyh31iMsF5dW8SkAQq132l12Ry3DooIGcp1zTPnmZK%2Fy7q3laF5uUkoDVLKTQSI0adPC8HZNXHyGd77rT9h6k1l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87957a2c5cb75691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js | 104.17.24.14 | 200 OK | 418 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/js/all.min.js IP104.17.24.14:443
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65317) Size418 kB (418541 bytes) Hashd5beb8fa265f90be5ccadd6b32b8672f 7bdc23c06b51e7e42c05de486680a3c18aa5ce5a 6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e
GET /ajax/libs/font-awesome/6.2.0/js/all.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 10:40:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 418541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-662ed"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 751905
expires: Mon, 14 Apr 2025 10:40:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pyu5LDfPS1Vx0geFf8XJsrFF2gkwIDJyTEwBGdvxMAvN%2BZtJwozHRnK21cfMKBLLzCPiZLquyhq3vLRitpu4DR53sbToTd0qbRR9XpXLLulkeCTPTXPRBrSAzQGMaHoKbPXkWhyh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87957a2c5cb95691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css | 151.101.193.229 | 200 OK | 25 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css IP151.101.193.229:443
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeUnicode text, UTF-8 text, with very long lines (65306) Hashabe91756d18b7cd60871a2f47c1e8192 7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d 7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: br
accept-ranges: bytes
date: Wed, 24 Apr 2024 10:40:48 GMT
age: 27478488
x-served-by: cache-fra-eddf8230097-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.1.min.js | 151.101.130.137 | 200 OK | 31 kB |
URL GET HTTP/2code.jquery.com/jquery-3.6.1.min.js IP151.101.130.137:443
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerSectigo Limited Subject*.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
GET /jquery-3.6.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15e40"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 24 Apr 2024 10:40:48 GMT
age: 14571734
x-served-by: cache-lga13629-LGA, cache-hel1410032-HEL
x-cache: HIT, HIT
x-cache-hits: 11, 276675
x-timer: S1713955248.124772,VS0,VE0
vary: Accept-Encoding
content-length: 30957
X-Firefox-Spdy: h2
|
|
| meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/css/style.css | 162.241.217.21 | 200 OK | 3.4 kB |
URL GET HTTP/2meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/css/style.css IP162.241.217.21:443 ASN#46606 UNIFIEDLAYER-AS-1
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerLet's Encrypt Subjectwww.meh.lsw.mybluehost.me Fingerprint5A:CA:61:2E:B2:48:F3:1A:92:F1:FE:40:B8:8E:EF:4B:61:F9:99:8B ValidityThu, 04 Apr 2024 21:19:16 GMT - Wed, 03 Jul 2024 21:19:15 GMT
File typeASCII text, with very long lines (13602), with CRLF line terminators Hash40b17062b9cda861703bda1a57b5750b 7c06b323958c1f9e2163c8c5f0b176316883775a b40699bc5bc3f28b10cb7f4fdd8240e1609535e2a1e9d49d98e0e3d3e5d4f2cd
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Societe Generale |
GET /.well-known/FR/societefrance/auth/media/css/style.css HTTP/1.1
Host: meh.lsw.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615
Cookie: PHPSESSID=53af98e60d09f5a1e41fd7af5e19f877
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 11:16:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 24 May 2024 10:40:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3416
content-type: text/css
date: Wed, 24 Apr 2024 10:40:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js | 151.101.193.229 | 200 OK | 24 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js IP151.101.193.229:443
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeJavaScript source, ASCII text, with very long lines (65299) Hash0aa8d64e726c4a57adb5c88f9115996b 901169527507ff9e662cf64d8e361f359308970d 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
content-encoding: br
accept-ranges: bytes
date: Wed, 24 Apr 2024 10:40:48 GMT
age: 169830
x-served-by: cache-fra-eddf8230080-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23943
X-Firefox-Spdy: h2
|
|
| meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/css/helpers.css | 162.241.217.21 | 200 OK | 5.6 kB |
URL GET HTTP/2meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/css/helpers.css IP162.241.217.21:443 ASN#46606 UNIFIEDLAYER-AS-1
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerLet's Encrypt Subjectwww.meh.lsw.mybluehost.me Fingerprint5A:CA:61:2E:B2:48:F3:1A:92:F1:FE:40:B8:8E:EF:4B:61:F9:99:8B ValidityThu, 04 Apr 2024 21:19:16 GMT - Wed, 03 Jul 2024 21:19:15 GMT
File typeASCII text, with very long lines (41897), with CRLF line terminators Hash726c60fc192383fbcf04e19677ad0959 e2e966c2b6164806392449ced617227c27d36ab8 1c7070cf33da6adcb7a6b9ff7eb6e06fd8f64958622d61569b990e8b92c58615
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Societe Generale |
GET /.well-known/FR/societefrance/auth/media/css/helpers.css HTTP/1.1
Host: meh.lsw.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615
Cookie: PHPSESSID=53af98e60d09f5a1e41fd7af5e19f877
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 08:05:56 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 24 May 2024 10:40:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5552
content-type: text/css
date: Wed, 24 Apr 2024 10:40:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/new-account.png | 162.241.217.21 | 200 OK | 2.5 kB |
URL GET HTTP/2meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/new-account.png IP162.241.217.21:443 ASN#46606 UNIFIEDLAYER-AS-1
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerLet's Encrypt Subjectwww.meh.lsw.mybluehost.me Fingerprint5A:CA:61:2E:B2:48:F3:1A:92:F1:FE:40:B8:8E:EF:4B:61:F9:99:8B ValidityThu, 04 Apr 2024 21:19:16 GMT - Wed, 03 Jul 2024 21:19:15 GMT
File typePNG image data, 171 x 44, 8-bit/color RGB, non-interlaced Hashb622349d9f97e5c39d581e873857edf2 a37280d3e63eb4cf4ae734f2e08e5dd61025bb80 12151d5190ac2f09ed928c16b833c8f4ab3daab155cf9c7c00fcd2466b6012bd
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Societe Generale |
GET /.well-known/FR/societefrance/auth/media/imgs/new-account.png HTTP/1.1
Host: meh.lsw.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615
Cookie: PHPSESSID=53af98e60d09f5a1e41fd7af5e19f877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 08:05:58 GMT
accept-ranges: bytes
content-length: 2487
cache-control: max-age=31536000
expires: Thu, 24 Apr 2025 10:40:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Wed, 24 Apr 2024 10:40:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/remember.jpg | 162.241.217.21 | 200 OK | 3.3 kB |
URL GET HTTP/2meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/remember.jpg IP162.241.217.21:443 ASN#46606 UNIFIEDLAYER-AS-1
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerLet's Encrypt Subjectwww.meh.lsw.mybluehost.me Fingerprint5A:CA:61:2E:B2:48:F3:1A:92:F1:FE:40:B8:8E:EF:4B:61:F9:99:8B ValidityThu, 04 Apr 2024 21:19:16 GMT - Wed, 03 Jul 2024 21:19:15 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2019:11:08 21:41:22], baseline, precision 8, 232x26, components 3 Hash749caf8b2ee7d53e19e9aefc264f1edd 6e47816ee429dce1b7bc90d3c4e7077f7717abef 523f01e171ebf63770e025487bdcfe986841d4ec2da50c1486d2632066eacd5f
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Societe Generale |
GET /.well-known/FR/societefrance/auth/media/imgs/remember.jpg HTTP/1.1
Host: meh.lsw.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615
Cookie: PHPSESSID=53af98e60d09f5a1e41fd7af5e19f877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 08:05:58 GMT
accept-ranges: bytes
content-length: 3349
cache-control: max-age=31536000
expires: Thu, 24 Apr 2025 10:40:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Wed, 24 Apr 2024 10:40:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/valider.png | 162.241.217.21 | 200 OK | 1.8 kB |
URL GET HTTP/2meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/valider.png IP162.241.217.21:443 ASN#46606 UNIFIEDLAYER-AS-1
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerLet's Encrypt Subjectwww.meh.lsw.mybluehost.me Fingerprint5A:CA:61:2E:B2:48:F3:1A:92:F1:FE:40:B8:8E:EF:4B:61:F9:99:8B ValidityThu, 04 Apr 2024 21:19:16 GMT - Wed, 03 Jul 2024 21:19:15 GMT
File typePNG image data, 230 x 44, 8-bit/color RGB, non-interlaced Hash25513691f92b8ccb0190e5c2dfbb48e9 d5251fab777fe48e33cd5fdd59467b7a0af7acd7 23882f29cd743d1e0058ac22d2a791196952dab003f83df83d186e94b175119d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Societe Generale |
GET /.well-known/FR/societefrance/auth/media/imgs/valider.png HTTP/1.1
Host: meh.lsw.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615
Cookie: PHPSESSID=53af98e60d09f5a1e41fd7af5e19f877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 08:05:58 GMT
accept-ranges: bytes
content-length: 1808
cache-control: max-age=31536000
expires: Thu, 24 Apr 2025 10:40:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Wed, 24 Apr 2024 10:40:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/comments.png | 162.241.217.21 | 200 OK | 783 B |
URL GET HTTP/2meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/comments.png IP162.241.217.21:443 ASN#46606 UNIFIEDLAYER-AS-1
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerLet's Encrypt Subjectwww.meh.lsw.mybluehost.me Fingerprint5A:CA:61:2E:B2:48:F3:1A:92:F1:FE:40:B8:8E:EF:4B:61:F9:99:8B ValidityThu, 04 Apr 2024 21:19:16 GMT - Wed, 03 Jul 2024 21:19:15 GMT
File typePNG image data, 37 x 30, 8-bit/color RGB, non-interlaced Hash070453f410cd3a6b918b37950f9e80ce 013f9ece6eb2430d8b6ed86638f614548c3e10ad ed956ce0d8100ac843bf85fb49362ccad13c98bbecdb24768968dc8deff6d6e0
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Societe Generale |
GET /.well-known/FR/societefrance/auth/media/imgs/comments.png HTTP/1.1
Host: meh.lsw.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615
Cookie: PHPSESSID=53af98e60d09f5a1e41fd7af5e19f877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 08:05:56 GMT
accept-ranges: bytes
content-length: 783
cache-control: max-age=31536000
expires: Thu, 24 Apr 2025 10:40:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Wed, 24 Apr 2024 10:40:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/marker.png | 162.241.217.21 | 200 OK | 675 B |
URL GET HTTP/2meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/marker.png IP162.241.217.21:443 ASN#46606 UNIFIEDLAYER-AS-1
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerLet's Encrypt Subjectwww.meh.lsw.mybluehost.me Fingerprint5A:CA:61:2E:B2:48:F3:1A:92:F1:FE:40:B8:8E:EF:4B:61:F9:99:8B ValidityThu, 04 Apr 2024 21:19:16 GMT - Wed, 03 Jul 2024 21:19:15 GMT
File typePNG image data, 25 x 31, 8-bit/color RGB, non-interlaced Hash0817bcebab16317cc84aa572ecf2aa8e 3917cd28d2528d286dad78bae8151a56cce9b919 aa39a33b5032c599052363d19ada053b116b2b8185e58cce440178f62b3bd82a
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Societe Generale |
GET /.well-known/FR/societefrance/auth/media/imgs/marker.png HTTP/1.1
Host: meh.lsw.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615
Cookie: PHPSESSID=53af98e60d09f5a1e41fd7af5e19f877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 08:05:58 GMT
accept-ranges: bytes
content-length: 675
cache-control: max-age=31536000
expires: Thu, 24 Apr 2025 10:40:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Wed, 24 Apr 2024 10:40:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/arrow.png | 162.241.217.21 | 200 OK | 199 B |
URL GET HTTP/2meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/arrow.png IP162.241.217.21:443 ASN#46606 UNIFIEDLAYER-AS-1
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerLet's Encrypt Subjectwww.meh.lsw.mybluehost.me Fingerprint5A:CA:61:2E:B2:48:F3:1A:92:F1:FE:40:B8:8E:EF:4B:61:F9:99:8B ValidityThu, 04 Apr 2024 21:19:16 GMT - Wed, 03 Jul 2024 21:19:15 GMT
File typePNG image data, 8 x 9, 8-bit/color RGB, non-interlaced Hashc50af955c72395d40f3e756bbbdf9204 c7f44da7e825a94b7fab77950b93abd2fcd29fb4 034d52b5025461d4dc4786e7a4047e6ddddb023cd8ded716dc3ae55ed9fc1781
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Societe Generale |
GET /.well-known/FR/societefrance/auth/media/imgs/arrow.png HTTP/1.1
Host: meh.lsw.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615
Cookie: PHPSESSID=53af98e60d09f5a1e41fd7af5e19f877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 08:05:56 GMT
accept-ranges: bytes
content-length: 199
cache-control: max-age=31536000
expires: Thu, 24 Apr 2025 10:40:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Wed, 24 Apr 2024 10:40:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/footer-logo.svg | 162.241.217.21 | 200 OK | 3.0 kB |
URL GET HTTP/2meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/footer-logo.svg IP162.241.217.21:443 ASN#46606 UNIFIEDLAYER-AS-1
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerLet's Encrypt Subjectwww.meh.lsw.mybluehost.me Fingerprint5A:CA:61:2E:B2:48:F3:1A:92:F1:FE:40:B8:8E:EF:4B:61:F9:99:8B ValidityThu, 04 Apr 2024 21:19:16 GMT - Wed, 03 Jul 2024 21:19:15 GMT
File typeSVG Scalable Vector Graphics image Hasha4905efc552b898322c256cb4d4f55c3 6ca6d615b2ebe329819a0338879c1d206ad0b90b 4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Societe Generale |
GET /.well-known/FR/societefrance/auth/media/imgs/footer-logo.svg HTTP/1.1
Host: meh.lsw.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615
Cookie: PHPSESSID=53af98e60d09f5a1e41fd7af5e19f877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 08:05:58 GMT
accept-ranges: bytes
content-length: 3042
cache-control: max-age=21600
expires: Wed, 24 Apr 2024 16:40:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/svg+xml
date: Wed, 24 Apr 2024 10:40:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/js/js.js | 162.241.217.21 | 200 OK | 865 B |
URL GET HTTP/2meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/js/js.js IP162.241.217.21:443 ASN#46606 UNIFIEDLAYER-AS-1
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerLet's Encrypt Subjectwww.meh.lsw.mybluehost.me Fingerprint5A:CA:61:2E:B2:48:F3:1A:92:F1:FE:40:B8:8E:EF:4B:61:F9:99:8B ValidityThu, 04 Apr 2024 21:19:16 GMT - Wed, 03 Jul 2024 21:19:15 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hash748d58197b2649d37fc3bf10b1286de7 ef1eb236d8c106fba7d42d9c43ded0c2a9816b19 6eb8324a41fa9968ca906042e4f540884ea84bbb93d7f2d7d94dfdca944d9d02
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Societe Generale |
GET /.well-known/FR/societefrance/auth/media/js/js.js HTTP/1.1
Host: meh.lsw.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615
Cookie: PHPSESSID=53af98e60d09f5a1e41fd7af5e19f877
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 08:05:58 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Wed, 24 Apr 2024 16:40:48 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 865
content-type: application/javascript
date: Wed, 24 Apr 2024 10:40:48 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://meh.lsw.mybluehost.me
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 547548
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://meh.lsw.mybluehost.me
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 547548
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://meh.lsw.mybluehost.me
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 547548
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/ff.ico | 162.241.217.21 | 200 OK | 318 B |
URL GET HTTP/2meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/media/imgs/ff.ico IP162.241.217.21:443 ASN#46606 UNIFIEDLAYER-AS-1
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerLet's Encrypt Subjectwww.meh.lsw.mybluehost.me Fingerprint5A:CA:61:2E:B2:48:F3:1A:92:F1:FE:40:B8:8E:EF:4B:61:F9:99:8B ValidityThu, 04 Apr 2024 21:19:16 GMT - Wed, 03 Jul 2024 21:19:15 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 16 colors Hashca10c09aeaf43460d3760f50c608eb51 f2ed2a4fe0e1eadb7dd28444ea6b7a04abf0d38e daf58b06a09d467436ee5fd10eefbeadac3cf6ecaef1eca1884ef8330f561642
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Societe Generale |
GET /.well-known/FR/societefrance/auth/media/imgs/ff.ico HTTP/1.1
Host: meh.lsw.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615
Cookie: PHPSESSID=53af98e60d09f5a1e41fd7af5e19f877
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 10:40:48 GMT
server: nginx/1.21.6
content-type: image/x-icon
content-length: 318
last-modified: Fri, 27 Jan 2023 08:05:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000
expires: Thu, 24 Apr 2025 10:40:48 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-newfold-cache-level: 2
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap | 142.250.74.106 | 200 OK | 18 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap IP142.250.74.106:443
Requested byhttps://meh.lsw.mybluehost.me/.well-known/FR/societefrance/auth/g9GHv2/login.php?id=31126615 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (1572) Hash71b2730c1cecf7a0768725bd944422c5 8dfa323cb988538bce8556a99bb5bd556e3593d1 851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7
GET /css2?family=Open+Sans:wght@400;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meh.lsw.mybluehost.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 10:40:48 GMT
date: Wed, 24 Apr 2024 10:40:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|