188.225.40.140200 OK 24 kB URL User Request GET HTTP/1.1 IP 188.225.40.140:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11078)
Hash 47166857070c36eb0161b06c1b1e7133
66d099ab3ae8aade8e586340c2265177109c25ea
47113241d653b54ef79d5bbc2a026fb1db56346a6744709dd9dce1cd1e210ffa
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
OpenPhish phishing La Banque postale
GET / HTTP/1.1
Host: cb02322.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sat, 04 Nov 2023 00:07:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=ce2a9323e67fd3e4a36a765a722aaa64; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
cb02322.tw1.ru/xzaz/jquery.min.js
188.225.40.140200 OK 31 kB URL GET HTTP/1.1 cb02322.tw1.ru/xzaz/jquery.min.js
IP 188.225.40.140:80
File type ASCII text, with very long lines (65451)
Hash f832e36068ab203a3f89b1795480d0d7
2115753ca5fb7032aec498db7bb5dca624dbe6be
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
OpenPhish phishing La Banque postale
GET /xzaz/jquery.min.js HTTP/1.1
Host: cb02322.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://cb02322.tw1.ru/
Cookie: PHPSESSID=ce2a9323e67fd3e4a36a765a722aaa64
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sat, 04 Nov 2023 00:07:32 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 31 Oct 2023 17:32:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65413a30-15850"
Expires: Sun, 03 Nov 2024 00:07:32 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
www.labanquepostale.fr/etc.clientlibs/labanquepostale/commons/clientlibs/base/resources/logo-lbp.png
185.16.252.161200 OK 8.7 kB URL GET HTTP/1.1 www.labanquepostale.fr/etc.clientlibs/labanquepostale/commons/clientlibs/base/resources/logo-lbp.png
IP 185.16.252.161:443
Certificate IssuerDigiCert Inc
Subjectwww.labanquepostale.fr
Fingerprint27:33:FE:30:05:4C:E9:FA:BA:94:E1:C1:89:D4:13:59:56:D7:4B:C6
ValidityMon, 05 Jun 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 4d0d8d8eab03bada9a2ed197e727681e
7a4e52059e11b4784fab81e8e3989cd5945e7007
c6573f8959e56e6a621715af791a527f3da7dc0c1abd9377b83f991ccc85a91c
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
GET /etc.clientlibs/labanquepostale/commons/clientlibs/base/resources/logo-lbp.png HTTP/1.1
Host: www.labanquepostale.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://cb02322.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Dispatcher: dispatcher
X-Vhost: publish
Cache-Control: max-age=31536000, public
X-Content-Type-Options: nosniff
Last-Modified: Thu, 07 Apr 2022 12:25:01 GMT
ETag: "21d8-5dc0f91208140"
Accept-Ranges: bytes
Content-Type: image/png
Connection: Keep-Alive
Date: Sat, 04 Nov 2023 00:07:32 GMT
Age: 0
Content-Length: 8664
www.labanquepostale.fr/etc.clientlibs/labanquepostale/commons/clientlibs/base/resources/logo-lbp.png
185.16.252.161200 OK 8.7 kB URL GET HTTP/1.1 www.labanquepostale.fr/etc.clientlibs/labanquepostale/commons/clientlibs/base/resources/logo-lbp.png
IP 185.16.252.161:443
Certificate IssuerDigiCert Inc
Subjectwww.labanquepostale.fr
Fingerprint27:33:FE:30:05:4C:E9:FA:BA:94:E1:C1:89:D4:13:59:56:D7:4B:C6
ValidityMon, 05 Jun 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 4d0d8d8eab03bada9a2ed197e727681e
7a4e52059e11b4784fab81e8e3989cd5945e7007
c6573f8959e56e6a621715af791a527f3da7dc0c1abd9377b83f991ccc85a91c
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
GET /etc.clientlibs/labanquepostale/commons/clientlibs/base/resources/logo-lbp.png HTTP/1.1
Host: www.labanquepostale.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://cb02322.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Dispatcher: dispatcher
X-Vhost: publish
Cache-Control: max-age=31536000, public
X-Content-Type-Options: nosniff
Last-Modified: Thu, 07 Apr 2022 12:25:01 GMT
ETag: "21d8-5dc0f91208140"
Accept-Ranges: bytes
Content-Type: image/png
Connection: Keep-Alive
Date: Sat, 04 Nov 2023 00:07:33 GMT
Age: 1
Content-Length: 8664
aqua-e.it//tools/htbnposta/b.css
104.21.59.129200 OK 46 kB URL GET HTTP/2 aqua-e.it//tools/htbnposta/b.css
IP 104.21.59.129:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint3D:D1:2F:2C:2E:25:A0:24:D3:F8:40:15:56:AF:C7:D6:D3:DE:59:98
ValiditySat, 11 Mar 2023 00:00:00 GMT - Sat, 09 Mar 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 18ee03d97e307e5613c9a9f6b3992791
343ea88f5608173fe680ef6f894d61e07561cd94
8bb31c6c96080e30206dcbbe492b39d250011166b8fc63ea27a74190fad98542
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
GET //tools/htbnposta/b.css HTTP/1.1
Host: aqua-e.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://cb02322.tw1.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 Nov 2023 00:07:32 GMT
content-type: text/css
last-modified: Tue, 21 Jun 2022 13:29:17 GMT
etag: W/"37c04-5e1f5350fe8de"
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNJCEDCqtWfDvaktH%2BtUSyOsXgYf2QFtqJf5q6d1kaJdPhk6pU%2Bid02u%2BxNZX6UdP7krQGML8eP6xQPO3NpTnxtZQEga7kJkrvNG%2BAL4dyQ1ApNhk75PaUkICCI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82089e0d59fa5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2