200 OK 24 kB URL User Request GET HTTP/1.1 IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11078)
Hash 47166857070c36eb0161b06c1b1e7133
66d099ab3ae8aade8e586340c2265177109c25ea
47113241d653b54ef79d5bbc2a026fb1db56346a6744709dd9dce1cd1e210ffa
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
OpenPhish phishing La Banque postale
GET / HTTP/1.1
Host: cp78099.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 06 Nov 2023 13:10:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=1e74c9798e4cc15f48a3412c82b7e839; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
cp78099.tw1.ru/xzaz/jquery.min.js
200 OK 31 kB URL GET HTTP/1.1 cp78099.tw1.ru/xzaz/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash f832e36068ab203a3f89b1795480d0d7
2115753ca5fb7032aec498db7bb5dca624dbe6be
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
OpenPhish phishing La Banque postale
GET /xzaz/jquery.min.js HTTP/1.1
Host: cp78099.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cp78099.tw1.ru/
Cookie: PHPSESSID=1e74c9798e4cc15f48a3412c82b7e839
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 06 Nov 2023 13:10:54 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 03 Nov 2023 18:17:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6545392e-15850"
Expires: Tue, 05 Nov 2024 13:10:54 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
www.labanquepostale.fr/etc.clientlibs/labanquepostale/commons/clientlibs/base/resources/logo-lbp.png
200 OK 32 kB URL GET HTTP/1.1 www.labanquepostale.fr/etc.clientlibs/labanquepostale/commons/clientlibs/base/resources/logo-lbp.png
IP
Certificate IssuerDigiCert Inc
Subjectwww.labanquepostale.fr
Fingerprint27:33:FE:30:05:4C:E9:FA:BA:94:E1:C1:89:D4:13:59:56:D7:4B:C6
ValidityMon, 05 Jun 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
Hash 7ba707462d0d48589c1aedad480e55eb
553208fa505cbb2db40dd5783b05ca8a60376d93
3d9fc958c9f0d40d59c3ba0fed9130428bb540425ca4930cb4dd02d0dbf7c824
GET /etc.clientlibs/labanquepostale/commons/clientlibs/base/resources/logo-lbp.png HTTP/1.1
Host: www.labanquepostale.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://cp78099.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 06 Nov 2023 13:10:54 GMT
X-Dispatcher: dispatcher
X-Vhost: publish
X-Content-Type-Options: nosniff
Last-Modified: Mon, 06 Nov 2023 12:00:11 GMT
ETag: "34b3d-6097a98995126"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Cache-Control: max-age=60, public
Keep-Alive: timeout=5, max=41
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Set-Cookie: lbp_csid=NKa4aC4L0TNBMIsMYS1yHYCLRHB9qoPmqM/BLpdy6Yo=; Path=/; Domain=labanquepostale.fr; Secure; Expires=Sat, 04-May-2024 13:10:54 GMT; Httponly; SameSite=None
TS01ab80cb=01ecff8ec1e2ae3030c511db014ec72e55f6e96e69e21539980125591819c869f17e1383b57a11f60a50cb005dce86bf5ac1b7ea5c; Path=/; Secure; HTTPOnly
TS01c8070a=01ecff8ec1b72ca281ca4c6aa3bd991c2ce84a8d62e21539980125591819c869f17e1383b59639061e0cebd6030383b543ceeb0d07ef7d43c5d40627fdcaddc881cd2517d3; path=/; domain=labanquepostale.fr; HTTPonly; Secure
Content-Encoding: deflate
Content-Length: 31723
aqua-e.it//tools/htbnposta/b.css
200 OK 46 kB URL GET HTTP/2 aqua-e.it//tools/htbnposta/b.css
IP
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3D:D1:2F:2C:2E:25:A0:24:D3:F8:40:15:56:AF:C7:D6:D3:DE:59:98
ValiditySat, 11 Mar 2023 00:00:00 GMT - Sat, 09 Mar 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 18ee03d97e307e5613c9a9f6b3992791
343ea88f5608173fe680ef6f894d61e07561cd94
8bb31c6c96080e30206dcbbe492b39d250011166b8fc63ea27a74190fad98542
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
GET //tools/htbnposta/b.css HTTP/1.1
Host: aqua-e.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://cp78099.tw1.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 Nov 2023 13:10:54 GMT
content-type: text/css
last-modified: Tue, 21 Jun 2022 13:29:17 GMT
etag: W/"37c04-5e1f5350fe8de"
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTL0STaEKjXh6qaZhOuZn%2BvL%2Ba9lxaCZCdC40aBJRTIzu6HIfCYQynhG7qAuzSbA%2FLtw2QSlFGrFp293Pqjm6GR%2FXcvhXL%2BvGm4W%2BIHnMk0vHhWiuy73MVik4Gc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 821d944e6b905699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.labanquepostale.fr/etc.clientlibs/labanquepostale/commons/clientlibs/base/resources/logo-lbp.png
200 OK 8.7 kB URL GET HTTP/1.1 www.labanquepostale.fr/etc.clientlibs/labanquepostale/commons/clientlibs/base/resources/logo-lbp.png
IP
Certificate IssuerDigiCert Inc
Subjectwww.labanquepostale.fr
Fingerprint27:33:FE:30:05:4C:E9:FA:BA:94:E1:C1:89:D4:13:59:56:D7:4B:C6
ValidityMon, 05 Jun 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 4d0d8d8eab03bada9a2ed197e727681e
7a4e52059e11b4784fab81e8e3989cd5945e7007
c6573f8959e56e6a621715af791a527f3da7dc0c1abd9377b83f991ccc85a91c
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
GET /etc.clientlibs/labanquepostale/commons/clientlibs/base/resources/logo-lbp.png HTTP/1.1
Host: www.labanquepostale.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://cp78099.tw1.ru/
Cookie: lbp_csid=NKa4aC4L0TNBMIsMYS1yHYCLRHB9qoPmqM/BLpdy6Yo=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Dispatcher: dispatcher
X-Vhost: publish
Cache-Control: max-age=31536000, public
X-Content-Type-Options: nosniff
Last-Modified: Thu, 07 Apr 2022 12:25:01 GMT
ETag: "21d8-5dc0f91208140"
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Type: image/png
Connection: Keep-Alive
Date: Mon, 06 Nov 2023 13:10:55 GMT
Age: 1
Content-Length: 8664
188.225.40.140
185.16.252.161
104.21.59.129