Report - beluxrepm.followme.fr/FolloWMe/login.php/

Report Overview

Submitted URL
beluxrepm.followme.fr/FolloWMe/login.php/
IP
46.105.38.139
ASN
#16276 OVH SAS
Submitted
2024-04-26 11:53:41
Access
public
Website Title
Followme
Final URL
beluxrepm.followme.fr/FolloWMe/login.php/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
112

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
beluxrepm.followme.fr	unknown	2013-09-20	2022-01-20	2024-03-28	36 kB	312 kB	46.105.38.139

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas
2024-04-04	medium	beluxrepm.followme.fr/	BNP Paribas

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	beluxrepm.followme.fr/FolloWMe/login.php/	325 B	2024-04-26	2024-04-26
Pretty URL beluxrepm.followme.fr/FolloWMe/login.php/ IP 46.105.38.139 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 13:53:42 Last Seen2024-04-26 13:53:42 Times Seen1 Hash e5c2f966a1ed0bd17748f6c81078600d abadb87f16450f8695fb23c9559137919f5afe20 4696c77f8784a52b58dc489f483c7ed86f65ec0584e60621bf76bc03f92598a9 Loading...

		Size	First Seen	Last Seen
	#1 Write - 5c49a13beb0d2b74be541c4655686dda	107 B	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 13:53:42 Last Seen2024-04-26 13:53:42 Times Seen1 Hash 5c49a13beb0d2b74be541c4655686dda c6c3536d7cf9cfaaaaff7b5731cd947164331605 7f0b96bd8d90a68209cacc868f6934f1d27d99468d96563009d5c8c6a96c2c33 Loading...

HTTP Transactions (66)

URL IP Response Size

beluxrepm.followme.fr/FolloWMe/login.php/

46.105.38.139

200 OK

3.0 kB

URL User Request GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
6be5b53e0ddcd71fa1ef42cdfad1e382
44499da6f476c91976225c17a7efbbe1f9d7dd40
8a00295e10fe31723f7f08f443fccd7b0456641981c08990711d80bb982e3ced

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/ HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:14 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-uyqOofZRA+lbB6F6ThKzQ6IzAXU=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo; path=/; secure; HttpOnly
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/websocket/websocket.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/websocket/websocket.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3046 bytes)
Hash
fde9362135de224f1a12bcbf688951be
c4ede65f31bb975d181973242fef49b21cf3a994
6900dbd76a97ec12cd0934961aa362b6bb6180c73478766a9b1d1892dd2a3c9c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/websocket/websocket.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-Mrreem8q+5VsxiyXWUyfY10naeo=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3046
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/font-awesome-animation.min.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/font-awesome-animation.min.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3046 bytes)
Hash
a6b78a374d1efedd4bc38443df3e746c
741d51e04adc66b26d034243a259806eaba6474e
01e4e9d7f239264b18ca207bb1340c0960c5ab374608009e9da9b3268e716d26

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/css/font-awesome-animation.min.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-7AMnm2/sDivFD4P/srot8vb6hGI=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3046
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/dist/css/skins/skin-fm1.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/dist/css/skins/skin-fm1.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3049 bytes)
Hash
43c058a782257613c1968e66f6a72ce6
4d364690a01749242ae53b56a6af9ed3a3bf2f35
ec61dec0b0c449e9eebdba1d212322c17a3bd20fdf178684f36f02dc4e3684ea

HTTP Headers

GET /FolloWMe/login.php/dist/css/skins/skin-fm1.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-YUktU406XVreUL963wZ180E+Y2Q=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3049
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/font-awesome.min.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/font-awesome.min.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3049 bytes)
Hash
8e2c4a623ab2f6724662947d13d19341
75090f6bb773048a10aa0303cab162e7d96e52ae
d7aae3f431d90bf02572a9153ee0d24ab1e856f1001783e0765efeb7ca70c5de

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/css/font-awesome.min.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-Jde0eLLo9lWTIZKi78nAsQ9KJTQ=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3049
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/dist/css/AdminLTE.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/dist/css/AdminLTE.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3047 bytes)
Hash
172f7a361bf963a64798516d60ad2baf
e73dd97af0fc269d60b199ff47716d87eeba8a5c
d125ff874996e58bbdbb302dfe4fe21a92db2810202c259ab66582a9a516683a

HTTP Headers

GET /FolloWMe/login.php/dist/css/AdminLTE.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-nmAxi+w9xwscPclNMc+dC67hwsM=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3047
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/plugins/bootstrap/3.4.1/css/bootstrap.min.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/plugins/bootstrap/3.4.1/css/bootstrap.min.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
5f9fc8ffed5b0b9b7ca9771d853acc38
1d5703c16eda5cca353a847d8c3ec6fb565f3037
f615139e5536e7435870a63d484efac4b09c05f4e233fa25b5d0a80e240c706f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/plugins/bootstrap/3.4.1/css/bootstrap.min.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-jVf4gVofkQXaYAD8Z5K1YxT4MG4=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/index.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/index.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3044 bytes)
Hash
7f2963acfc73009bc77cc202fa1f0e88
30b95ef72b2358b6c2b8534f43211f2595cf03d8
83977577b77ae07b4d654c8ae44bd7dab9d1e10d5f1c86fb7a62a8bf4e11f61e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/css/index.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-sxvfn0tweiacuN5QhcEsUkedJpc=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3044
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/ckeditor5/build/ckeditor.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/ckeditor5/build/ckeditor.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3047 bytes)
Hash
4a6be517b8228da746c010d0ec4c91c9
e0052f4dc00c207154ab049b07281712d2b48297
af3e53aa6168487024de70a03eb82ff3fe639b36882023440f3d4fc180dc0c4f

HTTP Headers

GET /FolloWMe/login.php/plugins/ckeditor5/build/ckeditor.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-bxmQt79RgF+aa+i1haDCXqtVBa4=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3047
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/animate.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/animate.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3046 bytes)
Hash
c3003030b6761f082a68bb356efae715
55b48c0ebf33f74fe3f53cd95bdd97327b3319db
b9269524bac6797e540b844e5e14ef9f8aa004d39e937ddcad91c388a44f0911

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/css/animate.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-9Iin2yfwe+PQuNOoxdGzcsta1sQ=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3046
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/threedots.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/threedots.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3049 bytes)
Hash
b5400085cf15ea2d162b5ddd1a5eda75
c621fa233340187a2a79b7925839d2a3b33de8c2
971bd3c094aa8da6342fe6919eb3cf6509b1638a4003bb5fdf4f3000ee9d25e6

HTTP Headers

GET /FolloWMe/login.php/lib/css/threedots.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-ALBHIUGt09vHN4lqfzRsOI2/FqY=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3049
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/loading.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/loading.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
f0bd1aa585c8566a04f8fd12ac66731b
54dd542a43736695042763022d5510953c5cabb7
16bd5fffe9f3e130aa4c3b5320d685c57eab9ac92ff4fa537c4637d92d528327

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/css/loading.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-EG8DqFB1xgiW+SwtdLYg+CntUi4=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/define_statesmission.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/define_statesmission.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3046 bytes)
Hash
7f97ede2d5d06680ece23ccbfbc1c214
306c77528395dfef32ab8ff4b11e315be0deea61
1321a6cf83dd91ed769ba39c4fa3f5655daab7509445d22c79546decdeea813b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/css/define_statesmission.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-hnB/s7SEqwmCeEj90hbWspE9/wQ=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3046
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/plugins/bootstrap-select/1.13.14/css/bootstrap-select.min.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/plugins/bootstrap-select/1.13.14/css/bootstrap-select.min.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
cffdcaae8726d6e15be6f11b243b56ab
53567b1fdb8e886087817806d28ffc079a423a27
5795f93d52998482e855640c4873fe606a7c88fcf82fe1aaddc60f8c242fa7d1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/plugins/bootstrap-select/1.13.14/css/bootstrap-select.min.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-YjgxK9iv5r9tPHIpNnuw+DOYtsI=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/define_events.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/define_events.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
1f5e6d3e0400bb445adb39cc24955b8e
209ce90fa7074949af476d5c2354ac8c9102e108
05515b7038e3a63d57186da4066bf87ddd0846ff3ea350cba4d0cfa24ab29f55

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/css/define_events.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-JEEj6UA/L9OBqZEKvO0aBbBYs3Y=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/datetimepicker/bootstrap-datetimepicker.min.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/datetimepicker/bootstrap-datetimepicker.min.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3046 bytes)
Hash
4587c4eac81277cf05941c982f6ac07d
c462747bbf0913ce89fea63c49c61ca1bf8f08cd
acc995050a22ea302cb0fd5dca71f10a5f86bf8294767927a83d1e2819d5cf8e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/datetimepicker/bootstrap-datetimepicker.min.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-5C3bj+LzygthkMd+qdF0WMvt6qY=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3046
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/timepicker/jquery.ui.timepicker.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/timepicker/jquery.ui.timepicker.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
fc3bb9d58102007336ee5484ec0b2292
055480b78b883c4190116d18297f9f6e98bd8234
4e7eb0d06da4fbfaad9127696450fd7a9b1d2d7f46e9dafb433d28fedbe2ffce

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/timepicker/jquery.ui.timepicker.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-enhwJDFXAtiHDN3AHLsQlU32Jzw=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/bootstrap-switch/bootstrap-switch.min.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/bootstrap-switch/bootstrap-switch.min.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
de1ff5c31722cc48ba4e79c215f6d894
099d4f458395251313567df44ae38e4c26e687e4
854939f0e0f644c53175aa3634358c304b62dd35b3631dd1a5f7b95b54ddc834

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/bootstrap-switch/bootstrap-switch.min.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-L6IbZ50B3qvov7gKjm6z3c1jjcs=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/daterangepicker/daterangepicker.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/daterangepicker/daterangepicker.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3046 bytes)
Hash
6996907e9fcdc0cce3da3b6d9b422adf
fbb131885b58586d37fbf0b171eb427a68706cfb
aae9eb87ad7a4047cf81ee97fb5d667676945c1784bd1d65d136a8d197320318

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/daterangepicker/daterangepicker.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-NECdscijPPRCFc256uc2dRGJG6o=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3046
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/effects.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/effects.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
13db290e1220a5c02fb6b48d644d6da0
d4d09289bf0ed03fb39100559165649334e86cb1
83f08719b85b1554656fc34cdb80077373114ac6abaeabe00ab8eb1825bfa173

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/css/effects.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-6vlJMA6zsVRBt6rJKKEg56tQeuk=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/taggle/taggle.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/taggle/taggle.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3047 bytes)
Hash
6e8001a22a9b2330a9b373b639d698ed
1f12daf88b5a25fee7002ab90851eca5dd93bb54
3863100eeff6001a41c61d5c7547ec8ab79790a90bca4888228584fd459d2e3c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/taggle/taggle.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-ftGNXRCrlK5JKt2NFqmM0yUjmW8=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3047
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/toggle/bootstrap-toggle.min.css

46.105.38.139

200 OK

3.1 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/toggle/bootstrap-toggle.min.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.1 kB (3050 bytes)
Hash
3fad5be062f046ddd39e9be92a8ead94
c778c5e73bb4b9f7e215e8e6e9b31868eab55324
6bac132cc6f69fe2d0d55e015e406f025ed34c4a89162c64cd9fe5e8a4ceab3f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/toggle/bootstrap-toggle.min.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-XDEATOwFgUYo6pDWXEijSCmkCQQ=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3050
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/IntlInputPhone/css/intlTelInput.min.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/IntlInputPhone/css/intlTelInput.min.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3046 bytes)
Hash
6b8feed07829b16ee1d32cf0c6619bfc
0c9ced2781a7edc35d2138ab43c20f80cf7d7a03
dcad7fd953d317fecdcb084053ee54cb6a1d09d5bc11cd5862f0e0ef7b29c49f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/IntlInputPhone/css/intlTelInput.min.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-jie2DatnrtRpw8M1oIGMEV8Ktnc=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3046
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/blueimp-gallery/blueimp-gallery.min.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/blueimp-gallery/blueimp-gallery.min.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3046 bytes)
Hash
ac89bc002e3906764a37dc8731aaf07a
93ba705e5e6b5f2b524c8138773347ed418378a2
73815af08c6d7efe95ddccb77d52990ffb70713728cf4b59861e6f25badaa262

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/blueimp-gallery/blueimp-gallery.min.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-v+KGpl1aovi17Tw0c6iJE/YN7Y0=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3046
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/ion.rangeslider/ion.rangeSlider.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/ion.rangeslider/ion.rangeSlider.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
e3f9d03f198a12781c567421a7f71777
b497a4301d8b2f053f55f110e3fb0509b6103a85
d4ad00e7700b9344a1bb724e2d4bef064ffeb860704994db85f0cb8e98f87512

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/ion.rangeslider/ion.rangeSlider.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-RLMswTRSOnMxCnRvov6HhIPynMk=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/star-rating/star-rating.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/star-rating/star-rating.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3043 bytes)
Hash
c77a2e76580f2d83773b3ee05b59d2c0
eb51f8887e29b621912af8eea62579b0dd2f242a
88dabf5f296aa9eab293c4093134502afc990ceb635f4c932011541a9f872a39

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/star-rating/star-rating.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-b4rs4MM4tzsOvSbvicu1D/Tq1n0=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3043
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/datatables/dataTables.bootstrap.css

46.105.38.139

200 OK

3.1 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/datatables/dataTables.bootstrap.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.1 kB (3050 bytes)
Hash
1b72a145a1eda8cbcd19ceff97d49117
2772ed977845a7af8ff1dacbdb499ee387c4ec9b
92be5433f6b39fdbd9d96c12ed4991b876d700057d073c9d49fa0ac5d209053c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/datatables/dataTables.bootstrap.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-g6EXU0YnMnEIozS7bCSJqL57Czg=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3050
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/fullcalendar/fullcalendar.min.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/fullcalendar/fullcalendar.min.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3047 bytes)
Hash
7714dd8081a3b52fe37434e2eb406062
143f3eef92616a79a4ccf166289efddcf9639f73
66748c88cf3ed9e57d591c03c86a33a446b2aac459f742d89bd4e4517058a14c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/fullcalendar/fullcalendar.min.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-A7FuEKttmDaATPZOcOhvHkctLhs=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3047
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/leaflet/L.Icon.Pulse.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/leaflet/L.Icon.Pulse.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3049 bytes)
Hash
31e7223b9eab75e94a1478eff2dfca5b
fb7fbb3ec2e9e214636f1ce0e12ffc031ab4245a
95431a5bf4965ef9188499cab8887332d7fbdd360517d1508d331171d4832b8d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/leaflet/L.Icon.Pulse.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-UfHeq+Q0JvISYklOIv0K8Ot8SbU=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3049
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/ion.rangeslider/ion.rangeSlider.skinHTML5.css

46.105.38.139

200 OK

3.1 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/ion.rangeslider/ion.rangeSlider.skinHTML5.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.1 kB (3050 bytes)
Hash
2a2e2be7e830078123d3f4882bb7a17b
d27de609c56161b7eec4d55aa911e19e85ac3b60
a2e6c440d03cccf315c02e27144dfcd5bf686a44364960323ecfb64d9a107a97

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/ion.rangeslider/ion.rangeSlider.skinHTML5.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-pd5LodGTy4QZJq5/IoxX0WVgWVw=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3050
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/jQueryFileUpload/css/jquery.fileupload-ui.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/jQueryFileUpload/css/jquery.fileupload-ui.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3049 bytes)
Hash
7db97f1db3272b5380792d6a434692cd
388a2b1a74b134b421a437fd9f76bbadaa7bb1f1
c98f43422e7330c31ac7ceac59a0debcbd5fb5fa7b9f304e8fb041029b248281

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/jQueryFileUpload/css/jquery.fileupload-ui.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-F57YzGeHY3rRj1D8aqCAXgKlpe4=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3049
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/iCheck/all.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/iCheck/all.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3049 bytes)
Hash
e2fd4fcc3788b4f131a797385dc68f02
228de2b9b9a1ed6401de2635c81dbb3edc7a0dcc
33b618bdb92dc174d5ddd04e1f2e16a088aa336314331edfffcd7293f401edef

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/iCheck/all.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-A29Q9CKPagPZhS/aZFqdWSYDbas=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3049
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/touchspin/jquery.bootstrap-touchspin.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/touchspin/jquery.bootstrap-touchspin.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
251d7287a9576e730f287698e6753edf
17edbd8196c282b3e853879d1e8b1e1f282359df
3ceca40225c825953f296ffe155371d71e1f38d7440b1ff1337b716d5cbb13ad

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/touchspin/jquery.bootstrap-touchspin.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-5N1woDZTz/5p2H3IRcvkhzYt3G8=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/leaflet/leaflet.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/leaflet/leaflet.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
9c72e29a060d494871d3853ac0250385
a163e0e34e543dc19620fc9d43619b4df08c3c04
b16f37ea3229ecbc931bdc0ede2e41aae2d5536445bbfaaca6f2ed18bfaf8d40

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/leaflet/leaflet.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-rx4Fn/ghg6f5D8QCfDKsjWU/IMU=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/selectize/selectize.css

46.105.38.139

200 OK

3.1 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/selectize/selectize.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.1 kB (3050 bytes)
Hash
d469830155b405719076fff5a121e759
471e75fb6c7326756d7c4f7b9a8f602d0d9771b1
21b520d0025c9a946e752516fc9a1d6f9f74d679741cd617e78576a297aaa3cd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/selectize/selectize.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-idBaNjhQQVqYGoAz33OkODqZMcM=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3050
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/jQueryFileUpload/css/jquery.fileupload.css

46.105.38.139

200 OK

3.1 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/jQueryFileUpload/css/jquery.fileupload.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.1 kB (3050 bytes)
Hash
2ff6a9320312016eca760c013131c129
20b9b4bbc932ebebed0f61f84189ef616a21f347
a997269242f4da41d8c48ab10f120d269b20bc335cbec9e63b158c5c33336b0a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/jQueryFileUpload/css/jquery.fileupload.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-GAn1+J7lAd6kg8NCHqXGgNZeWcQ=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3050
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/bootstrap-slider/slider.css

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/bootstrap-slider/slider.css
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
4ad683c245a07ed99aa2f6b1d36de2db
636170c431bfb7c2a17fbfe9346bd4e3ec4eaecf
de06e1317dffde98011b68f44e0bab84361f35b5e789303d32be4f108000a2c1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/bootstrap-slider/slider.css HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-PaaTD77MpgY0ZKrbefGsQKCxIdE=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/sites.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/sites.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
70f7dac6a67f68f28aa3d93eeb3e5563
6c9ef4a9fc23b203b9f9d927cbb44345df9e4d92
9c5e56f8df40f06237cf84a8151d2e7d6f55f5ebfab0f182323668ece9fe3d71

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/css/sites.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-kCAKwEMdyqyfSGNB/y8SzBlakdA=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/missions.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/missions.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
620dba72b8a985c67b33e756dc00db46
fee304ca48557d7cd0e66915bc501cb1195a6cb2
d63371b5a9097c06bf8ceb3a4de5e14b4fae3d7a3819c799efdad8d991a44fbf

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/css/missions.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-Q8+vqYlOTtYIJgoJWwdIjFXieqU=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/filters.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/filters.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
8523f40abf506d07a0837ea97c69d8fb
ac36b8d83d827b0a531a665b2a0c7988cb6bb00a
cae26d679fe038e686aead0ca791f2055eab6619d0ac204816d254247cb892ea

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/css/filters.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-3udb7euyJTM8+z+DcJwC/OkxUWU=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMeShareDocs/societies/logos/beluxrepm.png?v=20240426135314

46.105.38.139

200 OK

10 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMeShareDocs/societies/logos/beluxrepm.png?v=20240426135314
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
PNG image data, 726 x 204, 8-bit/color RGBA, non-interlaced
Size
10 kB (10015 bytes)
Hash
64b4304845b379b2d39ab1dab92b3ff5
38aa865dd7507dd60339ebbcb80a05be2602507a
55c96ce78e28d16eb6546f3fd46d14c8399fc8617ba24246f047cb6acdb9af88

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMeShareDocs/societies/logos/beluxrepm.png?v=20240426135314 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
last-modified: Thu, 20 Jan 2022 09:50:12 GMT
accept-ranges: bytes
content-length: 10015
cache-control: max-age=2592000
expires: Sun, 26 May 2024 11:53:15 GMT
content-type: image/png
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/js/Encryption.js

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/js/Encryption.js
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
bc926ed22611f3772f9f66da00563edd
eedce19dbfe6352b2a8714744b8f8174bb3eab8f
395b5aceedd38f57cd6389c06960ee51a8cf498ae83ec0c27dcf8a0e36a32054

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/js/Encryption.js HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-8dmW1O8v9S+6M2nSBWMFdDhAdMg=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/faqs.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/faqs.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
e18ab54e624de9ac3a01c17c75aa0e15
f35635e77ab250e9bdf08d71630eb287bd5c2af9
5510109c6df72481553d1379f8524bba8ae0109f6030b13a95228648e8bb84bc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/css/faqs.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-Zcw+5PuXIsbVDFfYnRQPZtrHzDY=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/js/jQuery/jquery.min.js

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/js/jQuery/jquery.min.js
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3047 bytes)
Hash
508b16a97774013718feb7bc1d97aee0
8187c04d34c5d5c8e930c95fdd138cb4d0d420c2
38ce69bccf5b1d8fb3679d35a5a25672b95fc4480ebedb0e8fdfbafab452bfd2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/js/jQuery/jquery.min.js HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-HINF1pQftNSe2Yh1p62H026QS0c=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3047
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/individuals.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/individuals.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
dca534a5d12fc90a8d651940e79f283e
8aa3dfc3b474386b3687a9b903ba3781e859afd8
b8c96d0e7aace490f174081f680f3e66e7e6cbb1f2430c87109a126b83f4b57e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/css/individuals.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-Lim6GIdyPzqWY6MrfG5/3bWV/aE=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/js/bootstrap.min.js

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/js/bootstrap.min.js
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3046 bytes)
Hash
e008683d91a30629f59b54c94c3bc275
5854702c6969ff6014b2914cfef2c34e81172758
2da0573119e5959b2b69a0c4124895ec48436d95f591afd49f2005bb78d0c054

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/js/bootstrap.min.js HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-xsS6fp1CGrI2N5ibmtlrfq0AFgQ=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3046
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/reactions/css/reaction.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/reactions/css/reaction.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
88971d23175c92b431046dadb7b6ce95
cac80fd979b54b4c81c2e3ece2e225b460425d86
cae5b0faacd624de6bbf96d0bd75792f493fc63f002c9aaf3e5a51558d6af738

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/reactions/css/reaction.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-qXj1KM4wex3t6ntxAJhaoOjzAKg=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/openai.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/openai.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3046 bytes)
Hash
fa1d011527f7d5cec26ff391cab7ea00
c66b6b9146de1c3a3b33beb50dce40e51e16619a
1189cca918f8666842c5684692c72129be0875d6aa7e09f037a8558dbde217db

HTTP Headers

GET /FolloWMe/login.php/lib/css/openai.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-1Bfqyhlv/pgKsbMcyL1sZopKcUg=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3046
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/design2.0/design2.0.css?v=202404

46.105.38.139

200 OK

3.1 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/design2.0/design2.0.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.1 kB (3050 bytes)
Hash
c888ca744175336ab45a04cccc82b6cd
8c23ed4faf286e9308ef5339ecf5ea03cd132341
f3d9eb2390c52997d989bfeddddbb0e46390e384b052e1c7291e09392e600a2c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/design2.0/design2.0.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-gWKATQrADOnZRqxUHtUsZWLwx/Q=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3050
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/events.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/events.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
dabb848db71a62d447596f6325f1c271
a0df52857daddebe3b0525cb4af64d029129efc9
a8446d55b0f19565225fab330b9b267230d158218c9b77125a68cd6ff328577d

HTTP Headers

GET /FolloWMe/login.php/lib/css/events.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-ggrnCmAgaRS86Ld2cENUXzwGWTo=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/js/login.js?v=20240426135314

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/js/login.js?v=20240426135314
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3047 bytes)
Hash
ecdf2f58bff6ad8c9b7f6758f16df442
f253b717a1d3ed0e334c4e2989e23f7b2638899a
d945413b0c4fb88ba514b030aadae2390df7c947598ebc1bd75a8f5fef5d52c9

HTTP Headers

GET /FolloWMe/login.php/lib/js/login.js?v=20240426135314 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-rLdAw0iOCzSebt9WX1vMem/yMUo=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3047
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/blogs.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/blogs.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3047 bytes)
Hash
7ff5af6366088dbfa63417254d882013
3665b97a4abcce18b41902e1956e3746add4148b
94aa28dbafd6a733cf2dd0ace0db42afe485d819c90d28891927ba729da37805

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/css/blogs.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-CURL9VtegnWkjS8tMiPOoIe4uXo=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3047
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/js/ajax.js?v=20240426135314

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/js/ajax.js?v=20240426135314
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
ae012e5eb2d728769400ae2f9dd03ef1
1fb3c4f18a8d8392e47c7ad6c8de93d8cbcbd772
09cda6121899a03952bd1a566b0f618b16faa62054bba2caa3065a2f8ade0b1c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/js/ajax.js?v=20240426135314 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-k1CLfuaFoGo7IxQXZ1bGq4wksNc=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/reactions/php/reaction.php

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/reactions/php/reaction.php
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3049 bytes)
Hash
7e518dff7e1424d602749ee037a0e54b
2ccfed7012322785296a1fb517c2b4cf867f3364
a56eb437081e3b64c5a09b5b704d23ae3ffb02397f8478c2e5f508eec8f81da1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/reactions/php/reaction.php HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-FVSYjalxBcXpS0GIY976zccGeI4=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3049
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/css/docs_manager.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/css/docs_manager.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
4c7cd7901801f2f154b1e4158c1f3620
0b8635c782873c11a5fdfe812b787b57164f544c
a0bdf144d4a0068f819c1784a2076c4b9332d4c20621109a86d67557886a4cb9

HTTP Headers

GET /FolloWMe/login.php/lib/css/docs_manager.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-zqzKaLsVu5l9HxBUJlPg3qg49ic=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/js/crypto-js.js

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/js/crypto-js.js
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3046 bytes)
Hash
6f1e443c23963407b962c8d993ef2278
800ac2ce6bc3d3b1fd82916b3f2a775eb8df1bc8
8f73f1bb2c3a43eea168a33014b50b698a5fb981fb3f52d1fc4987dc123e19a0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/js/crypto-js.js HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-Sy0GGMW/Xu05sBeWgc0/Ts/0dc4=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3046
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/js/jQuery/jquery-ui.min.js

46.105.38.139

200 OK

3.1 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/js/jQuery/jquery-ui.min.js
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.1 kB (3050 bytes)
Hash
83adcb5f2c552f22b5b0ff1938ca2b0d
7a0d791ff411ed9401e368e44aaebc81d78bcaca
d77028692eda064ae3b30a5725a229b3f9dd354d10819e87587ed6fcc08c87dd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/js/jQuery/jquery-ui.min.js HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-fejB5ZYhK8yQ8kZmpZRN9DhliJ8=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3050
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/js/Encryption.js

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/js/Encryption.js
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3049 bytes)
Hash
0dab7684c548801e19e97dff4a4d75cc
a70e2b48655e449ca662fd85af76d4ff7ba9351b
32e830fee606fb9c1318dc92861bc654b9c9d2a9cf2374206e0a5d2cd1fc98ac

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/js/Encryption.js HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-EnOfZrE901XiQn6iIWrKzn0WjVY=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3049
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/plugins/fullcalendar/fullcalendar.print.min.css?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/plugins/fullcalendar/fullcalendar.print.min.css?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3049 bytes)
Hash
f6a76b39f80dc36dffc669f7199b3bd3
f7b22c4a4f99472b1bfe63102da4ae17a23805f7
4c73bcd96487659735b59d1aa472d49f7505156638e8cd46e24d2113ffd8b6e4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/plugins/fullcalendar/fullcalendar.print.min.css?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-bb9UnrKPOPGcs5qpz2Jdw6JjRWA=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3049
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/js/jQuery/jquery.min.js

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/js/jQuery/jquery.min.js
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3047 bytes)
Hash
c150b07f6c3b672af7adf97c45a184ee
5dfeda2cfd71fef96b87645dd3313258530a1dde
bddc56ca526fb5b0e7e31b8882541fb0fd78850f2ab8b5607230e0fbeae3ea85

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/js/jQuery/jquery.min.js HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-5IDhTAhzJlSYM8bYM37tLkh1UaA=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3047
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/js/jQuery/jquery-ui.min.js

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/js/jQuery/jquery-ui.min.js
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3047 bytes)
Hash
08b57412092ebf7d92efa8f84247d832
2db1b4c27ac8c55dec07ecbe06c1f3b29a00e9d4
f9386070237bad5b526f065531eba7c630dfffae1b7fe313af526b7a74ffa9ab

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/js/jQuery/jquery-ui.min.js HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-SCe70Q7zJNMfyJ9paTJTg9lg1o8=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3047
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/js/bootstrap.min.js

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/js/bootstrap.min.js
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3047 bytes)
Hash
9d77718a56c68f4ca945228cfba2bc12
76672e49c370415b6f3f02d67079a2d2174ec78c
c55fde437009322310aca8d02df0fd94c5d9407ffc4409ef4b884b77c308791b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/js/bootstrap.min.js HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-z6flch7nk4TUr5rEJp0SI8ODImg=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3047
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/translations/translations_catalog_en.js?v=202404

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/translations/translations_catalog_en.js?v=202404
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3049 bytes)
Hash
0c9f725ed81d911a1fdb8d7dde506709
46ae4f67c55c4fa4c8e5bc39590fbb2f0554b195
50803712c5cf0839d67f8e94dcadd9b31a33d4081dcd42ec093f311d8e413c4b

HTTP Headers

GET /FolloWMe/login.php/translations/translations_catalog_en.js?v=202404 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-YXX5NC6u0bH3zUpDOWtgTro2hUE=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3049
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/js/ajax.js?v=20240426135314

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/js/ajax.js?v=20240426135314
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3048 bytes)
Hash
ea99ff8ea3bad99deeeae44fbac51711
755856985895a2c484ece850c241ac892e9b7f91
3bb26da570ad00cc7faa11e73f2c6acf282138389c6f8b4164b7c1c54aa995fd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/lib/js/ajax.js?v=20240426135314 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-To9EP8EQDkyuAC6F4lnUCpCRB8w=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3048
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/lib/js/login.js?v=20240426135314

46.105.38.139

200 OK

3.0 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/lib/js/login.js?v=20240426135314
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
HTML document, ASCII text
Size
3.0 kB (3047 bytes)
Hash
d8c73477ed004d9c65493502b9bb5def
c0360b15c29dea220bb831affed9e2bbb1cdbeb1
78bfaff9ee82c3abefdec34e7ac9154a0463e2c01aeb75c6e0b20dab84e7bb9f

HTTP Headers

GET /FolloWMe/login.php/lib/js/login.js?v=20240426135314 HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-DvsMOKuXDhliO09Q7AQ4+4VakMs=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3047
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

beluxrepm.followme.fr/FolloWMe/login.php/favicon.png

46.105.38.139

200 OK

14 kB

URL GET HTTP/2
beluxrepm.followme.fr/FolloWMe/login.php/favicon.png
IP
46.105.38.139:443
ASN
#16276 OVH SAS

Requested by
https://beluxrepm.followme.fr/FolloWMe/login.php/
Certificate
IssuerLet's Encrypt
Subject*.followme.fr
FingerprintD4:D0:29:A9:63:95:E0:48:6A:B4:18:89:91:6B:A8:EA:FD:2D:E0:6C
ValidityWed, 10 Apr 2024 19:31:36 GMT - Tue, 09 Jul 2024 19:31:35 GMT

File type
gzip compressed data, from Unix
Size
14 kB (14482 bytes)
Hash
d52eb7d4b86794ac914a6e2aff10f37d
54cecd8fae4345e195b6775b8cafb6fd43bbe046
6aac0b5635d2ec4a79580bcb5276314176c445ac52635388e1927c18c670bbd8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BNP Paribas

HTTP Headers

GET /FolloWMe/login.php/favicon.png HTTP/1.1
Host: beluxrepm.followme.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://beluxrepm.followme.fr/FolloWMe/login.php/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ujno2n22g2c995n9nqs851fveo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Apr 2024 11:53:15 GMT
server: Apache
content-security-policy: default-src 'self';connect-src 'self' http: ws: ;script-src 'nonce-NUZXmuOkiQByPVJ+mNUFbMihzUE=' 'strict-dynamic' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com;media-src 'self' blob: https: data: ;img-src 'self' blob: https: data: ;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(*), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), layout-animations=(self), legacy-image-formats=(self), magnetometer=(self), microphone=(*), midi=(), notifications=(self), oversized-images=(self), payment=(), picture-in-picture=(), publickey-credentials-get=(), push=(self), speaker=(self), sync-xhr=(self), usb=(), vibrate=(), wake-lock=(self), xr-spatial-tracking=()
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (66)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type