Report - 111e371.netsolhost.com/

Report Overview

Visited public
2024-09-29 07:51:29
Tags
government tax france phishing
Submit Tags
URL
111e371.netsolhost.com/
Finishing URL
111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
IP / ASN
206.188.192.34
#19871 NETWORK-SOLUTIONS-HOSTING
Title
Particuliers | authentification
Phishing - France Tax Agency

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
111e371.netsolhost.com	unknown	unknown	No data	No data	12 kB	81 kB	206.188.192.34
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-09-27 18:15:34	650 B	1.4 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-09-28 11:43:41	566 B	20 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-09-28 11:00:58	455 B	6.4 kB	142.250.74.106
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-27 18:12:10	327 B	888 B	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/	ScriptElement	710 B	2023-03-07	2025-03-04
Pretty URL 111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/ IP 206.188.192.34 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:24 Last Seen2025-03-04 17:24 Times Seen525 Hash 6da2330e50018148f42e1fb7e8e47dad 28ac7ea3559965a806655018c2cc8a1e6bf6d1c7 18cd7a93a7612b222b9832b318e83b9f0a35895d3167742c6fdd57ae2af77306 Loading...

	111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/	ScriptElement	6.8 kB	2023-03-07	2025-03-04
Pretty URL 111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/ IP 206.188.192.34 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:24 Last Seen2025-03-04 17:24 Times Seen525 Hash 9f371c89d17e7ad05e1ce67882eb0fda 9c16ec6fd92046ee68576d4fd3e00be78fd2ac31 b166a16c30827716afa9ed6c6f3fc7077cf6baf80bf8e6e6c539a956ef16f961 Loading...

	111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/	ScriptElement	381 B	2023-03-07	2025-03-04
Pretty URL 111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/ IP 206.188.192.34 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:24 Last Seen2025-03-04 17:24 Times Seen525 Hash f5b59d10829e9edbb8218fcc82b7d2a7 c46956ffbc3dcd365bdb84169ec0a413be480e41 548daef0d8939fae1cdcaf43b06abf565c2f43fa637b9ae905f841218fe4cfbf Loading...

	111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/	ScriptElement	4.4 kB	2023-04-19	2025-03-04
Pretty URL 111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/ IP 206.188.192.34 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-19 23:36 Last Seen2025-03-04 17:24 Times Seen525 Hash 067b9b1b29e53e986844ba5cd5963c18 bb29266fb6313dcab39fef5f7e1bcfadf5fb27d5 3bbea63d4981c67f90092e680a01716d4bcba035ab17940cdb03d53c3232687e Loading...

HTTP Transactions (28)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
beb9514dd5039f056420be97de2e8462
84d707ea13f9ebd73282b46ca1907bf273e8b441
aca60b59444da84471fdcaa5ee39b4f93b50ec54cc3c4056646a89b4b632bf3e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "ACA60B59444DA84471FDCAA5EE39B4F93B50EC54CC3C4056646A89B4B632BF3E"
Last-Modified: Sat, 28 Sep 2024 18:50:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17878
Expires: Sun, 29 Sep 2024 12:48:57 GMT
Date: Sun, 29 Sep 2024 07:50:59 GMT
Connection: keep-alive

GET 111e371.netsolhost.com/

206.188.192.34

302 Found

0 B

URL User Request GET HTTP/1.1
111e371.netsolhost.com/
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET / HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:50:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
location: service
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS

GET 111e371.netsolhost.com/service

206.188.192.34

301 Moved Permanently

246 B

URL User Request GET HTTP/1.1
111e371.netsolhost.com/service
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
246 B (246 bytes)
Hash
0746fcf0c196d1cc18f51387b3daed6c
a1de8cd3427706e9cf27d0a0f29c5797a356750e
3c7ea3076a6fb5ea21b8c76add2d987700eeabc89abfd96604b23e294d3ffb54

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /service HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:00 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 246
Connection: keep-alive
Location: http://111e371.netsolhost.com/service/
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS

GET 111e371.netsolhost.com/service/

206.188.192.34

302 Found

0 B

URL User Request GET HTTP/1.1
111e371.netsolhost.com/service/
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /service/ HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:00 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
location: f61fd409a2e99648e22f7d45bd81803c
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS

GET 111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c

206.188.192.34

301 Moved Permanently

279 B

URL User Request GET HTTP/1.1
111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
279 B (279 bytes)
Hash
706b909b7f38ece4f1feaafc71ff8769
8da29ca37c167ca263ccccea35c3572e8722fec7
b1fb2df3b6ae3c0a9f48b632f64bba1864e914be2143654c53cf46fd8b44d439

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /service/f61fd409a2e99648e22f7d45bd81803c HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:00 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Connection: keep-alive
Location: http://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS

GET 111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/

206.188.192.34

200 OK

11 kB

URL User Request GET HTTP/1.1
111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (439)
Size
11 kB (11153 bytes)
Hash
3b9a325bd3ef9b1de35d28c7b36f877f
a121d1931bffe6d41a49996d5b5394f332ad6a44
be7fac6a07f833feee1a738ddfef86cf06624e15f5d9b2a0914b0d43fefa3d07

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /service/f61fd409a2e99648e22f7d45bd81803c/ HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 Sep 2024 07:51:00 GMT
ETag: W/"a5e6-6233d5967c3cf"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip

GET 111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/bootstrap.min.css

206.188.192.34

200 OK

23 kB

URL GET HTTP/1.1
111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/bootstrap.min.css
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text, with very long lines (64976)
Size
23 kB (22592 bytes)
Hash
a04c20e9d8e971c005c10a25372cb7c3
e42875a7c13d6f766ece94b27b636549edff7fe7
1831874c5d0edf9deec31365a40c7aa7a5e271717109bdb345390daef315735c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/bootstrap.min.css HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 Sep 2024 07:51:00 GMT
ETag: W/"1a442-6233d59693ec2"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip

GET 111e371.netsolhost.com/templates/js/urls.js

206.188.192.34

404 Not Found

575 B

URL GET HTTP/1.1
111e371.netsolhost.com/templates/js/urls.js
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text
Size
575 B (575 bytes)
Hash
4546cec9cc9f33afaa19f1e81c7278fb
1b389a6d4d910de0f991a27487f1e1cd8b1223df
54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /templates/js/urls.js HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 19:16:49 GMT
ETag: "23f-617cde9496008"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade

GET 111e371.netsolhost.com/templates/js/configuration.js

206.188.192.34

404 Not Found

575 B

URL GET HTTP/1.1
111e371.netsolhost.com/templates/js/configuration.js
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text
Size
575 B (575 bytes)
Hash
4546cec9cc9f33afaa19f1e81c7278fb
1b389a6d4d910de0f991a27487f1e1cd8b1223df
54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /templates/js/configuration.js HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 19:16:49 GMT
ETag: "23f-617cde9496008"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade

GET 111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/commun.css

206.188.192.34

200 OK

2.8 kB

URL GET HTTP/1.1
111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/commun.css
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (406)
Size
2.8 kB (2761 bytes)
Hash
ec13674c71d7e942e269f0dc31b97b38
deab1b674c9ec72ae03abfc2a8d620bc7822fc4c
e8d463b5fcadbca6523ddbaea0b3b4f37efc2faac9fa27509f2a554aa620e7be

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/commun.css HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 29 Sep 2024 07:51:00 GMT
ETag: W/"20cb-6233d5969330c"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip

GET 111e371.netsolhost.com/templates/js/jquery.min.js

206.188.192.34

404 Not Found

575 B

URL GET HTTP/1.1
111e371.netsolhost.com/templates/js/jquery.min.js
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text
Size
575 B (575 bytes)
Hash
4546cec9cc9f33afaa19f1e81c7278fb
1b389a6d4d910de0f991a27487f1e1cd8b1223df
54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /templates/js/jquery.min.js HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 19:16:49 GMT
ETag: "23f-617cde9496008"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade

GET 111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/dac.css

206.188.192.34

200 OK

446 B

URL GET HTTP/1.1
111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/dac.css
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text
Size
446 B (446 bytes)
Hash
284e8f406a5364325274086dacae98d2
05aa1308b3c9fd418f4cdf3196eea5592027f15c
e5cb4d4266e0709a96e0097e77c2da7fbee9a613fbc373e801e675bb95f33ad5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/dac.css HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/css
Content-Length: 446
Connection: keep-alive
Last-Modified: Sun, 29 Sep 2024 07:51:00 GMT
ETag: "1be-6233d59694a74"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes

GET 111e371.netsolhost.com/templates/js/bootstrap.min.js

206.188.192.34

404 Not Found

575 B

URL GET HTTP/1.1
111e371.netsolhost.com/templates/js/bootstrap.min.js
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text
Size
575 B (575 bytes)
Hash
4546cec9cc9f33afaa19f1e81c7278fb
1b389a6d4d910de0f991a27487f1e1cd8b1223df
54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /templates/js/bootstrap.min.js HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 19:16:49 GMT
ETag: "23f-617cde9496008"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade

GET 111e371.netsolhost.com/templates/js/auth2018.js

206.188.192.34

404 Not Found

575 B

URL GET HTTP/1.1
111e371.netsolhost.com/templates/js/auth2018.js
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text
Size
575 B (575 bytes)
Hash
4546cec9cc9f33afaa19f1e81c7278fb
1b389a6d4d910de0f991a27487f1e1cd8b1223df
54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /templates/js/auth2018.js HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 19:16:49 GMT
ETag: "23f-617cde9496008"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade

GET 111e371.netsolhost.com/templates/js/franceConnect.js

206.188.192.34

404 Not Found

575 B

URL GET HTTP/1.1
111e371.netsolhost.com/templates/js/franceConnect.js
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text
Size
575 B (575 bytes)
Hash
4546cec9cc9f33afaa19f1e81c7278fb
1b389a6d4d910de0f991a27487f1e1cd8b1223df
54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /templates/js/franceConnect.js HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 19:16:49 GMT
ETag: "23f-617cde9496008"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
88296bbf038fb007332e95ffd2bc0cb8
b67dc3668b4a960b641373849c77ef5bb34d4438
7f2f2560e851c2ec8be7331af2413250a3096770752d567819651f60e3e31da4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Sep 2024 07:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET 111e371.netsolhost.com/templates/images/logo-fc.svg

206.188.192.34

200 OK

20 kB

URL GET HTTP/1.1
111e371.netsolhost.com/templates/images/logo-fc.svg
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
20 kB (19554 bytes)
Hash
414ffb810fa83b5bd7427465433c2fb2
4f2118c05aeb4707d3b2afbf219bb813ec371a04
33689955abdaec87c8d7c647771e44cd75deb3071667e2fddeabd95f123d6648

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /templates/images/logo-fc.svg HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: image/svg+xml
Content-Length: 19554
Connection: keep-alive
Last-Modified: Sat, 28 Sep 2024 13:29:07 GMT
ETag: "4c62-6232df4c6bbc2"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes

GET 111e371.netsolhost.com/templates/js/urls.js

206.188.192.34

404 Not Found

575 B

URL GET HTTP/1.1
111e371.netsolhost.com/templates/js/urls.js
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text
Size
575 B (575 bytes)
Hash
4546cec9cc9f33afaa19f1e81c7278fb
1b389a6d4d910de0f991a27487f1e1cd8b1223df
54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /templates/js/urls.js HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 19:16:49 GMT
ETag: "23f-617cde9496008"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
88296bbf038fb007332e95ffd2bc0cb8
b67dc3668b4a960b641373849c77ef5bb34d4438
7f2f2560e851c2ec8be7331af2413250a3096770752d567819651f60e3e31da4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Sep 2024 07:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintEA:6A:C6:A3:F6:90:16:40:23:03:8F:A5:6F:71:11:F6:FA:B7:5F:C3
ValidityMon, 26 Aug 2024 07:12:45 GMT - Mon, 18 Nov 2024 07:12:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18668, version 1.0
Size
19 kB (18668 bytes)
Hash
8655d20bbcc8cdbfab17b6be6cf55df3
90edbfa9a7dabb185487b4774076f82eb6412270
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

HTTP Headers

GET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://111e371.netsolhost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Sep 2024 15:12:43 GMT
expires: Fri, 26 Sep 2025 15:12:43 GMT
cache-control: public, max-age=31536000
age: 232698
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET 111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/images/logo.svg

206.188.192.34

404 Not Found

575 B

URL GET HTTP/1.1
111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/images/logo.svg
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text
Size
575 B (575 bytes)
Hash
4546cec9cc9f33afaa19f1e81c7278fb
1b389a6d4d910de0f991a27487f1e1cd8b1223df
54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /service/f61fd409a2e99648e22f7d45bd81803c/images/logo.svg HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/commun.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 19:16:49 GMT
ETag: "23f-617cde9496008"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade

GET 111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/images/Cadenas.svg

206.188.192.34

404 Not Found

575 B

URL GET HTTP/1.1
111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/images/Cadenas.svg
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text
Size
575 B (575 bytes)
Hash
4546cec9cc9f33afaa19f1e81c7278fb
1b389a6d4d910de0f991a27487f1e1cd8b1223df
54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /service/f61fd409a2e99648e22f7d45bd81803c/images/Cadenas.svg HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/commun.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 19:16:49 GMT
ETag: "23f-617cde9496008"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade

GET 111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/polices/dgfip_dgfipicons.ttf

206.188.192.34

404 Not Found

575 B

URL GET HTTP/1.1
111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/polices/dgfip_dgfipicons.ttf
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text
Size
575 B (575 bytes)
Hash
4546cec9cc9f33afaa19f1e81c7278fb
1b389a6d4d910de0f991a27487f1e1cd8b1223df
54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /service/f61fd409a2e99648e22f7d45bd81803c/polices/dgfip_dgfipicons.ttf HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/commun.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 19:16:49 GMT
ETag: "23f-617cde9496008"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade

GET 111e371.netsolhost.com/templates/js/configuration.js

206.188.192.34

404 Not Found

575 B

URL GET HTTP/1.1
111e371.netsolhost.com/templates/js/configuration.js
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text
Size
575 B (575 bytes)
Hash
4546cec9cc9f33afaa19f1e81c7278fb
1b389a6d4d910de0f991a27487f1e1cd8b1223df
54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /templates/js/configuration.js HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 19:16:49 GMT
ETag: "23f-617cde9496008"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade

GET 111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/polices/dgfip_dgfipicons.woff

206.188.192.34

404 Not Found

575 B

URL GET HTTP/1.1
111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/polices/dgfip_dgfipicons.woff
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text
Size
575 B (575 bytes)
Hash
4546cec9cc9f33afaa19f1e81c7278fb
1b389a6d4d910de0f991a27487f1e1cd8b1223df
54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /service/f61fd409a2e99648e22f7d45bd81803c/polices/dgfip_dgfipicons.woff HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/commun.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:01 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 19:16:49 GMT
ETag: "23f-617cde9496008"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade

GET 111e371.netsolhost.com/templates/js/franceConnect.js

206.188.192.34

404 Not Found

575 B

URL GET HTTP/1.1
111e371.netsolhost.com/templates/js/franceConnect.js
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
ASCII text
Size
575 B (575 bytes)
Hash
4546cec9cc9f33afaa19f1e81c7278fb
1b389a6d4d910de0f991a27487f1e1cd8b1223df
54998b618c0740e80bd07e3b28870fd68ce831df08dc73a8e3e3a261efdfb720

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /templates/js/franceConnect.js HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:02 GMT
Content-Type: text/html
Content-Length: 575
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 19:16:49 GMT
ETag: "23f-617cde9496008"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade

GET 111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/logoimpo.png

206.188.192.34

200 OK

6.1 kB

URL GET HTTP/1.1
111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/logoimpo.png
IP
206.188.192.34:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint86:A8:76:C0:39:80:04:0E:58:A1:27:6B:8C:F6:92:FB:30:77:A8:E8
ValidityTue, 23 Jul 2024 00:00:00 GMT - Wed, 23 Jul 2025 23:59:59 GMT

File type
PNG image data, 293 x 172, 8-bit colormap, non-interlaced
Size
6.1 kB (6056 bytes)
Hash
90b33a18a02522bb5530e9eca8af649e
d56d87c513d01b37132be876acdadc3845b51af4
950d34941976150e0d4e8da55e590da622754812226a454cab5199b2c7f2a22c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - France Tax Agency

HTTP Headers

GET /service/f61fd409a2e99648e22f7d45bd81803c/laaaarbi/logoimpo.png HTTP/1.1
Host: 111e371.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
DNT: 1
Connection: keep-alive
Cookie: essai=cookie
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.25.3.1
Date: Sun, 29 Sep 2024 07:51:02 GMT
Content-Type: image/png
Content-Length: 6056
Connection: keep-alive
Last-Modified: Sun, 29 Sep 2024 07:51:00 GMT
ETag: "17a8-6233d596942bb"
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: "1; mode=block"
Referrer-Policy: no-referrer-when-downgrade
X-Webcom-Cache-Status: BYPASS
Accept-Ranges: bytes

GET fonts.googleapis.com/css?family=Open+Sans&subset=latin-ext

142.250.74.106

200 OK

5.8 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans&subset=latin-ext
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://111e371.netsolhost.com/service/f61fd409a2e99648e22f7d45bd81803c/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC6:E8:36:27:AB:3A:34:33:0B:85:2C:D8:6C:0A:74:34:71:6A:F5:62
ValidityMon, 26 Aug 2024 07:12:45 GMT - Mon, 18 Nov 2024 07:12:44 GMT

File type
ASCII text, with very long lines (5866), with no line terminators
Size
5.8 kB (5776 bytes)
Hash
9a9a7fec0410c78b8c7601306b9fa182
7d736470060c2cbab18d2a59c043202c2d3dbaac
6a2126bd16491c04d2f664d8acb3a7ad24ec144e02bffd62db7254bee91567f0

HTTP Headers

GET /css?family=Open+Sans&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://111e371.netsolhost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Sep 2024 07:51:01 GMT
date: Sun, 29 Sep 2024 07:51:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (28)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate