www.arc-et-senans.com
213.186.33.19  Malicious Activity! Public Scan

URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Submission: On January 23 via automatic, source openphish

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 31 HTTP transactions. The main IP is 213.186.33.19, located in France and belongs to OVH, FR. The main domain is www.arc-et-senans.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 14th 2017. Valid for: 3 months.
This is the only time www.arc-et-senans.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NatWest (Banking)

Domain & IP information

Requests | IP Address | AS Autonomous System
9 | 213.186.33.19 | 16276 (OVH)
38 (19 redirects) | 155.136.22.4 | 21054 (RBSG-UK-A...)
Total: 31 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
38 | nwolb.com | www.nwolb.com; online.nwolb.com (Failed); chat.nwolb.com (Failed) | 200 KB
9 | arc-et-senans.com | www.arc-et-senans.com | 72 KB
Total: 31 requests, 2 domains

Requests | Domain | Requested by
38 (19 redirects) | www.nwolb.com | www.arc-et-senans.com
9 | www.arc-et-senans.com | www.arc-et-senans.com
0 | chat.nwolb.com (Failed) | www.nwolb.com
0 | online.nwolb.com (Failed) | www.arc-et-senans.com
Total: 31 requests, 4 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
devali.fr | Let's Encrypt Authority X3 | 2017-12-14 - 2018-03-14 | 3 months

This page contains 1 frames:

Primary Page: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Frame ID: (BD2E2A18D4DB77CF271DBD826502D10D)
Requests: 31 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

31 Requests
29 % HTTPS
0 % IPv6
2 Domains
4 Subdomains
3 IPs
2 Countries
264 kB Transfer
283 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.nwolb.com/Brands/master.css HTTP 307
  • https://www.nwolb.com/Brands/master.css
Request Chain 1
  • https://www.nwolb.com/Brands/jq_styles/datePicker.css HTTP 307
  • https://www.nwolb.com/Brands/jq_styles/datePicker.css
Request Chain 3
  • https://www.nwolb.com/promptResources/templates/overlayTemplate/overlayPromptMaster.css HTTP 307
  • https://www.nwolb.com/promptResources/templates/overlayTemplate/overlayPromptMaster.css
Request Chain 4
  • https://www.nwolb.com/promptResources/templates/overlayTemplate/NPC/overlayPrompt.css HTTP 307
  • https://www.nwolb.com/promptResources/templates/overlayTemplate/NPC/overlayPrompt.css
Request Chain 7
  • https://www.nwolb.com/brands/NWB/javascript/uf.js HTTP 307
  • https://www.nwolb.com/brands/NWB/javascript/uf.js
Request Chain 9
  • https://www.nwolb.com/brands/NWB/javascript/cco.js HTTP 307
  • https://www.nwolb.com/brands/NWB/javascript/cco.js
Request Chain 12
  • https://www.nwolb.com/brands/NWB/javascript/pa.js HTTP 307
  • https://www.nwolb.com/brands/NWB/javascript/pa.js
Request Chain 13
  • https://www.nwolb.com/brands/NWB/images/logo.png HTTP 307
  • https://www.nwolb.com/brands/NWB/images/logo.png
Request Chain 14
  • https://www.nwolb.com/Brands/RSA_js/json2.js HTTP 307
  • https://www.nwolb.com/Brands/RSA_js/json2.js
Request Chain 15
  • https://www.nwolb.com/Brands/RSA_js/fp_AA.js HTTP 307
  • https://www.nwolb.com/Brands/RSA_js/fp_AA.js
Request Chain 16
  • https://www.nwolb.com/Brands/RSA_js/AC_OETags.js HTTP 307
  • https://www.nwolb.com/Brands/RSA_js/AC_OETags.js
Request Chain 17
  • https://www.nwolb.com/Brands/RSA_js/rsaHiddenInputFieldsjs.aspx HTTP 307
  • https://www.nwolb.com/Brands/RSA_js/rsaHiddenInputFieldsjs.aspx
Request Chain 18
  • https://www.nwolb.com/Brands/RSA_js/rsaDetectAndRunFlashObjectjs.aspx HTTP 307
  • https://www.nwolb.com/Brands/RSA_js/rsaDetectAndRunFlashObjectjs.aspx
Request Chain 19
  • https://www.nwolb.com/Brands/NWB/images/error.gif HTTP 307
  • https://www.nwolb.com/Brands/NWB/images/error.gif
Request Chain 20
  • https://www.nwolb.com/Brands/NWB/css/NPC_auralstyle.css HTTP 307
  • https://www.nwolb.com/Brands/NWB/css/NPC_auralstyle.css
Request Chain 21
  • https://www.nwolb.com/Brands/master_print.css HTTP 307
  • https://www.nwolb.com/Brands/master_print.css
Request Chain 26
  • https://www.nwolb.com/Brands/NWB/images/white-lock.png HTTP 307
  • https://www.nwolb.com/Brands/NWB/images/white-lock.png
Request Chain 28
  • https://www.nwolb.com/Brands/NWB/images/backgrounds/footerBackground.png HTTP 307
  • https://www.nwolb.com/Brands/NWB/images/backgrounds/footerBackground.png
Request Chain 29
  • https://www.nwolb.com/Brands/NWB/images/down_chevron_purple_transparent.gif HTTP 307
  • https://www.nwolb.com/Brands/NWB/images/down_chevron_purple_transparent.gif

31 HTTP transactions

Resource / Path | Size / x-fer | Type / MIME-Type
Primary Request Cookie set l0g11n4.php
www.arc-et-senans.com/HUENSG0343/WaL0eHW/
19 KB
19 KB
Document
General
Full URL
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.ovh.net
Software
Apache / PHP/5.6.32
Resource Hash
edb61d454078c7b1e6f1de1662543604209ec954e6f905a7efed79e6d164f8f2

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
www.arc-et-senans.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.6.32
X-IPLB-Instance
17344
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Set-Cookie
60gpBAK=R1224195776; path=/; expires=Tue, 23-Jan-2018 13:31:53 GMT
60gp=R4109558884; path=/; expires=Tue, 23-Jan-2018 13:41:49 GMT
Content-Length
4379
master.css
www.nwolb.com/Brands/
Redirect Chain
  • https://www.nwolb.com/Brands/master.css
  • https://www.nwolb.com/Brands/master.css
102 KB
103 KB
Stylesheet
General
Full URL
https://www.nwolb.com/Brands/master.css
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
e9d0287807d4705ef067735dec3a44ef3f097385a639100fe1e26b66d73010e8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:42 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 16 Nov 2017 11:46:46 GMT
ETag
"0176994d05ed31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
104827
X-XSS-Protection
1; mode=block

Redirect headers

Location
/Brands/master.css
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
datePicker.css
www.nwolb.com/Brands/jq_styles/
Redirect Chain
  • https://www.nwolb.com/Brands/jq_styles/datePicker.css
  • https://www.nwolb.com/Brands/jq_styles/datePicker.css
2 KB
3 KB
Stylesheet
General
Full URL
https://www.nwolb.com/Brands/jq_styles/datePicker.css
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
14714f651128eff786763144294b0e7c67529d317ac5371632bbf8fb659866ff
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 07:37:42 GMT
ETag
"027dfdc6221d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
2384
X-XSS-Protection
1; mode=block

Redirect headers

Location
/Brands/jq_styles/datePicker.css
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
Cookie set npc_new.css
www.arc-et-senans.com/HUENSG0343/WaL0eHW/1/
36 KB
7 KB
Stylesheet
General
Full URL
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/1/npc_new.css
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.ovh.net
Software
Apache /
Resource Hash
ba004e1f088f44a5cc457c94b2dd11d9057a963c5433793ee0d52ca8ae52fbed

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.arc-et-senans.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Cookie
60gpBAK=R1224195776; 60gp=R4109558884
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Nov 2015 20:36:28 GMT
Server
Apache
X-IPLB-Instance
17344
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Set-Cookie
60gp=R4109558884; path=/; expires=Tue, 23-Jan-2018 13:47:27 GMT
Accept-Ranges
bytes
Content-Length
6806
Expires
Tue, 23 Jan 2018 12:45:43 GMT
overlayPromptMaster.css
www.nwolb.com/promptResources/templates/overlayTemplate/
Redirect Chain
  • https://www.nwolb.com/promptResources/templates/overlayTemplate/overlayPromptMaster.css
  • https://www.nwolb.com/promptResources/templates/overlayTemplate/overlayPromptMaster.css
2 KB
2 KB
Stylesheet
General
Full URL
https://www.nwolb.com/promptResources/templates/overlayTemplate/overlayPromptMaster.css
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
643d4d52a1a24515822f6a30683f901bb5dd16c251d88caece27ab2713457272
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:42 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 07:37:50 GMT
ETag
"0dba3e16221d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
1538
X-XSS-Protection
1; mode=block

Redirect headers

Location
/promptResources/templates/overlayTemplate/overlayPromptMaster.css
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
overlayPrompt.css
www.nwolb.com/promptResources/templates/overlayTemplate/NPC/
Redirect Chain
  • https://www.nwolb.com/promptResources/templates/overlayTemplate/NPC/overlayPrompt.css
  • https://www.nwolb.com/promptResources/templates/overlayTemplate/NPC/overlayPrompt.css
76 B
791 B
Stylesheet
General
Full URL
https://www.nwolb.com/promptResources/templates/overlayTemplate/NPC/overlayPrompt.css
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
ef7db794b4a6b5c42d2535919d91fb11da1e5cd1147f35196db382197b35fdee
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:42 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 06:37:50 GMT
ETag
"073df7f5a21d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
76
X-XSS-Protection
1; mode=block

Redirect headers

Location
/promptResources/templates/overlayTemplate/NPC/overlayPrompt.css
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
Cookie set autoTab.js
www.arc-et-senans.com/HUENSG0343/WaL0eHW/Brands/
0
0
Script
General
Full URL
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/Brands/autoTab.js
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.ovh.net
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.arc-et-senans.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Cookie
60gpBAK=R1224195776; 60gp=R4109558884
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
Server
Apache
Set-Cookie
60gp=R4109558884; path=/; expires=Tue, 23-Jan-2018 13:34:30 GMT
Content-Length
234
X-IPLB-Instance
17344
Content-Type
text/html; charset=iso-8859-1
Cookie set common.aspx
www.arc-et-senans.com/Brands/
0
0
Script
General
Full URL
https://www.arc-et-senans.com/Brands/common.aspx
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.ovh.net
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.arc-et-senans.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Cookie
60gpBAK=R1224195776; 60gp=R4109558884
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
Server
Apache
Set-Cookie
60gp=R4109558884; path=/; expires=Tue, 23-Jan-2018 13:45:18 GMT
Content-Length
216
X-IPLB-Instance
17344
Content-Type
text/html; charset=iso-8859-1
uf.js
www.nwolb.com/brands/NWB/javascript/
Redirect Chain
  • https://www.nwolb.com/brands/NWB/javascript/uf.js
  • https://www.nwolb.com/brands/NWB/javascript/uf.js
300 B
1 KB
Script
General
Full URL
https://www.nwolb.com/brands/NWB/javascript/uf.js
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
a38958b32ba95fee237f93b7ee6b7d79a3f44991b91140bb26c00b50986449fc
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 06:37:36 GMT
ETag
"03887775a21d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
300
X-XSS-Protection
1; mode=block

Redirect headers

Location
/brands/NWB/javascript/uf.js
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
align.js
online.nwolb.com/92121272/
0
0

cco.js
www.nwolb.com/brands/NWB/javascript/
Redirect Chain
  • https://www.nwolb.com/brands/NWB/javascript/cco.js
  • https://www.nwolb.com/brands/NWB/javascript/cco.js
297 B
1 KB
Script
General
Full URL
https://www.nwolb.com/brands/NWB/javascript/cco.js
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
b2b4b6846b6b9a6a452e4cefd94ccc4c1ea10a7321e293a18d0189f11ffd2a73
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 06:37:36 GMT
ETag
"03887775a21d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
297
X-XSS-Protection
1; mode=block

Redirect headers

Location
/brands/NWB/javascript/cco.js
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
cc.js
online.nwolb.com/92121272/
0
0

Cookie set mm.aspx
www.arc-et-senans.com/Brands/
0
0
Script
General
Full URL
https://www.arc-et-senans.com/Brands/mm.aspx
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.ovh.net
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.arc-et-senans.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Cookie
60gpBAK=R1224195776; 60gp=R4109558884
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
Server
Apache
Set-Cookie
60gp=R4109558884; path=/; expires=Tue, 23-Jan-2018 13:31:53 GMT
Content-Length
212
X-IPLB-Instance
17344
Content-Type
text/html; charset=iso-8859-1
pa.js
www.nwolb.com/brands/NWB/javascript/
Redirect Chain
  • https://www.nwolb.com/brands/NWB/javascript/pa.js
  • https://www.nwolb.com/brands/NWB/javascript/pa.js
333 B
868 B
Script
General
Full URL
https://www.nwolb.com/brands/NWB/javascript/pa.js
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
c9e4522e86885da59438d09c797f1c443d96254544e1e17d01f4af1757bbf1d7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 07:37:36 GMT
ETag
"0a04bd96221d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
333
X-XSS-Protection
1; mode=block

Redirect headers

Location
/brands/NWB/javascript/pa.js
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
logo.png
www.nwolb.com/brands/NWB/images/
Redirect Chain
  • https://www.nwolb.com/brands/NWB/images/logo.png
  • https://www.nwolb.com/brands/NWB/images/logo.png
3 KB
3 KB
Image
General
Full URL
https://www.nwolb.com/brands/NWB/images/logo.png
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
917942589e5b140755ee83bb4720ca9c1bbf7705f44f51a78ba1ffa635420c50
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 06:37:36 GMT
ETag
"03887775a21d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
3053
X-XSS-Protection
1; mode=block

Redirect headers

Location
/brands/NWB/images/logo.png
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
json2.js
www.nwolb.com/Brands/RSA_js/
Redirect Chain
  • https://www.nwolb.com/Brands/RSA_js/json2.js
  • https://www.nwolb.com/Brands/RSA_js/json2.js
18 KB
18 KB
Script
General
Full URL
https://www.nwolb.com/Brands/RSA_js/json2.js
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
e50cc902a05bb6110e91fe68ca2ddc4514ff5f750eb5bc7a5bed41ab03ef805c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 07:37:24 GMT
ETag
"09224d26221d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
18014
X-XSS-Protection
1; mode=block

Redirect headers

Location
/Brands/RSA_js/json2.js
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
fp_AA.js
www.nwolb.com/Brands/RSA_js/
Redirect Chain
  • https://www.nwolb.com/Brands/RSA_js/fp_AA.js
  • https://www.nwolb.com/Brands/RSA_js/fp_AA.js
36 KB
36 KB
Script
General
Full URL
https://www.nwolb.com/Brands/RSA_js/fp_AA.js
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
97426436d894e8f402ad4d5fc6c3653edec6dc5bcf752a5e24af0b5e47d037e0
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 07:37:24 GMT
ETag
"09224d26221d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
36568
X-XSS-Protection
1; mode=block

Redirect headers

Location
/Brands/RSA_js/fp_AA.js
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
AC_OETags.js
www.nwolb.com/Brands/RSA_js/
Redirect Chain
  • https://www.nwolb.com/Brands/RSA_js/AC_OETags.js
  • https://www.nwolb.com/Brands/RSA_js/AC_OETags.js
8 KB
8 KB
Script
General
Full URL
https://www.nwolb.com/Brands/RSA_js/AC_OETags.js
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
63b78589ca0305eca8f18cdf0e73f17cebfc346b2f0d7cd6824e90cee70a66d9
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:42 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 07:37:24 GMT
ETag
"09224d26221d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
7812
X-XSS-Protection
1; mode=block

Redirect headers

Location
/Brands/RSA_js/AC_OETags.js
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
rsaHiddenInputFieldsjs.aspx
www.nwolb.com/Brands/RSA_js/
Redirect Chain
  • https://www.nwolb.com/Brands/RSA_js/rsaHiddenInputFieldsjs.aspx
  • https://www.nwolb.com/Brands/RSA_js/rsaHiddenInputFieldsjs.aspx
1 KB
2 KB
Script
General
Full URL
https://www.nwolb.com/Brands/RSA_js/rsaHiddenInputFieldsjs.aspx
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
0b3814286eb706aea1103ccddf0abcaf0e2c9ccd1e2ed228d7ce0a951a230bba
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:42 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Cache-Control
private
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Length
1223
X-XSS-Protection
1; mode=block

Redirect headers

Location
/Brands/RSA_js/rsaHiddenInputFieldsjs.aspx
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
rsaDetectAndRunFlashObjectjs.aspx
www.nwolb.com/Brands/RSA_js/
Redirect Chain
  • https://www.nwolb.com/Brands/RSA_js/rsaDetectAndRunFlashObjectjs.aspx
  • https://www.nwolb.com/Brands/RSA_js/rsaDetectAndRunFlashObjectjs.aspx
979 B
2 KB
Script
General
Full URL
https://www.nwolb.com/Brands/RSA_js/rsaDetectAndRunFlashObjectjs.aspx
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
2a434711c91d154b93526d8ea7baf332835c64c45fad8878af28cd5da6aea30e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:42 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Cache-Control
private
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Length
979
X-XSS-Protection
1; mode=block

Redirect headers

Location
/Brands/RSA_js/rsaDetectAndRunFlashObjectjs.aspx
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
error.gif
www.nwolb.com/Brands/NWB/images/
Redirect Chain
  • https://www.nwolb.com/Brands/NWB/images/error.gif
  • https://www.nwolb.com/Brands/NWB/images/error.gif
111 B
632 B
Image
General
Full URL
https://www.nwolb.com/Brands/NWB/images/error.gif
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
48827d7cb1ec7b7d7eacf3d9a8285aa25a006511a29da0223da8b919b903042b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 06:37:34 GMT
ETag
"0b56765a21d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
111
X-XSS-Protection
1; mode=block

Redirect headers

Location
/Brands/NWB/images/error.gif
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
NPC_auralstyle.css
www.nwolb.com/Brands/NWB/css/
Redirect Chain
  • https://www.nwolb.com/Brands/NWB/css/NPC_auralstyle.css
  • https://www.nwolb.com/Brands/NWB/css/NPC_auralstyle.css
515 B
897 B
Stylesheet
General
Full URL
https://www.nwolb.com/Brands/NWB/css/NPC_auralstyle.css
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
04c45c81e1298e703f3bde9cec27446450294330ae06bd24c9f9343b264462e9
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:42 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 06:37:36 GMT
ETag
"03887775a21d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
515
X-XSS-Protection
1; mode=block

Redirect headers

Location
/Brands/NWB/css/NPC_auralstyle.css
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
master_print.css
www.nwolb.com/Brands/
Redirect Chain
  • https://www.nwolb.com/Brands/master_print.css
  • https://www.nwolb.com/Brands/master_print.css
3 KB
4 KB
Stylesheet
General
Full URL
https://www.nwolb.com/Brands/master_print.css
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
33986a6efe37bac6e66abe4a7cb5c75c732459013681a9bd4d81a9f2397fe85f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:42 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 07:37:48 GMT
ETag
"0ae72e06221d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
3456
X-XSS-Protection
1; mode=block

Redirect headers

Location
/Brands/master_print.css
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
Cookie set common.aspx
www.arc-et-senans.com/Brands/
0
0
Script
General
Full URL
https://www.arc-et-senans.com/Brands/common.aspx
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.ovh.net
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.arc-et-senans.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Cookie
60gpBAK=R1224195776; 60gp=R4109558884
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
Server
Apache
Set-Cookie
60gp=R4109558884; path=/; expires=Tue, 23-Jan-2018 13:41:49 GMT
Content-Length
216
X-IPLB-Instance
17344
Content-Type
text/html; charset=iso-8859-1
Cookie set mm.aspx
www.arc-et-senans.com/Brands/
0
0
Script
General
Full URL
https://www.arc-et-senans.com/Brands/mm.aspx
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.ovh.net
Software
Apache /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.arc-et-senans.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Cookie
60gpBAK=R1224195776; 60gp=R4109558884
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
Server
Apache
Set-Cookie
60gp=R4109558884; path=/; expires=Tue, 23-Jan-2018 13:45:35 GMT
Content-Length
212
X-IPLB-Instance
17344
Content-Type
text/html; charset=iso-8859-1
bottom.js
chat.nwolb.com/nwbpwebassets/
0
0

Cookie set RNHouseSansW01-Regular.woff
www.arc-et-senans.com/HUENSG0343/WaL0eHW/1/fonts/
22 KB
22 KB
Font
General
Full URL
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/1/fonts/RNHouseSansW01-Regular.woff
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.ovh.net
Software
Apache /
Resource Hash
faec2bd1524ea1127fb1a6fa6f9cc3af135442f296c125851d9d2398c7d1368a

Request headers

Pragma
no-cache
Origin
https://www.arc-et-senans.com
Accept-Encoding
gzip, deflate
Host
www.arc-et-senans.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/1/npc_new.css
Cookie
60gpBAK=R1224195776; 60gp=R4109558884
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
Last-Modified
Thu, 19 Nov 2015 20:27:24 GMT
Server
Apache
X-IPLB-Instance
17344
Content-Type
application/x-font-woff
Set-Cookie
60gp=R4109558884; path=/; expires=Tue, 23-Jan-2018 13:41:49 GMT
Accept-Ranges
bytes
Content-Length
22688
white-lock.png
www.nwolb.com/Brands/NWB/images/
Redirect Chain
  • https://www.nwolb.com/Brands/NWB/images/white-lock.png
  • https://www.nwolb.com/Brands/NWB/images/white-lock.png
285 B
668 B
Image
General
Full URL
https://www.nwolb.com/Brands/NWB/images/white-lock.png
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
b465d00b89619e9899ec7d618559157db09f935d318466d67deb036157fadcf2
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/1/npc_new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 07:37:34 GMT
ETag
"0731ad86221d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
285
X-XSS-Protection
1; mode=block

Redirect headers

Location
/Brands/NWB/images/white-lock.png
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
Cookie set RNHouseSansW01-Bold.woff
www.arc-et-senans.com/HUENSG0343/WaL0eHW/1/fonts/
23 KB
23 KB
Font
General
Full URL
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/1/fonts/RNHouseSansW01-Bold.woff
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.ovh.net
Software
Apache /
Resource Hash
dbc1cad17ed91a5684d115f609df37622969737bc3a0db64c7e8b8c20b994e30

Request headers

Pragma
no-cache
Origin
https://www.arc-et-senans.com
Accept-Encoding
gzip, deflate
Host
www.arc-et-senans.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/1/npc_new.css
Cookie
60gpBAK=R1224195776; 60gp=R4109558884
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
Last-Modified
Thu, 19 Nov 2015 20:26:26 GMT
Server
Apache
X-IPLB-Instance
17344
Content-Type
application/x-font-woff
Set-Cookie
60gp=R4109558884; path=/; expires=Tue, 23-Jan-2018 13:41:49 GMT
Accept-Ranges
bytes
Content-Length
23120
footerBackground.png
www.nwolb.com/Brands/NWB/images/backgrounds/
Redirect Chain
  • https://www.nwolb.com/Brands/NWB/images/backgrounds/footerBackground.png
  • https://www.nwolb.com/Brands/NWB/images/backgrounds/footerBackground.png
4 KB
4 KB
Image
General
Full URL
https://www.nwolb.com/Brands/NWB/images/backgrounds/footerBackground.png
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
682df64974058b47f875e3e8c904ad1b28325a9b37e30b0735b7bd057b61be9a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/1/npc_new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:42 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 06:37:32 GMT
ETag
"0de24755a21d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
4167
X-XSS-Protection
1; mode=block

Redirect headers

Location
/Brands/NWB/images/backgrounds/footerBackground.png
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html
down_chevron_purple_transparent.gif
www.nwolb.com/Brands/NWB/images/
Redirect Chain
  • https://www.nwolb.com/Brands/NWB/images/down_chevron_purple_transparent.gif
  • https://www.nwolb.com/Brands/NWB/images/down_chevron_purple_transparent.gif
843 B
1 KB
Image
General
Full URL
https://www.nwolb.com/Brands/NWB/images/down_chevron_purple_transparent.gif
Requested by
Host: www.arc-et-senans.com
URL: https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/l0g11n4.php?r3=0983294528309402CFBF5&
Protocol
HTTP/1.1
Server
155.136.22.4 London, United Kingdom, ASN21054 (RBSG-UK-AS Edinburgh, GB),
Reverse DNS
Software
/
Resource Hash
58ac97186d61e424878863f9cb1258c1f04eb1016f6ab11359f97994b758955c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.arc-et-senans.com/HUENSG0343/WaL0eHW/1/npc_new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Tue, 23 Jan 2018 12:30:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Aug 2017 06:37:34 GMT
ETag
"0b56765a21d31:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=900
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
843
X-XSS-Protection
1; mode=block

Redirect headers

Location
/Brands/NWB/images/down_chevron_purple_transparent.gif
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
P3P
CP="{}"
Content-Length
0
Content-Type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
online.nwolb.com
URL
https://online.nwolb.com/92121272/align.js
Domain
online.nwolb.com
URL
https://online.nwolb.com/92121272/cc.js
Domain
chat.nwolb.com
URL
https://chat.nwolb.com/nwbpwebassets/bottom.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NatWest (Banking)

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| nww function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity boolean| isIE boolean| isWin boolean| isOpera function| ControlVersion function| GetSwfVer function| DetectFlashVer function| AC_AddExtension function| AC_Generateobj function| AC_FL_RunContent function| AC_GetArgs string| xForwardIpAddress

2 Cookies

Domain/Path | Name | Value
www.arc-et-senans.com/ | 60gp | R4109558884
www.arc-et-senans.com/ | 60gpBAK | R1224195776

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
