midpack.airfrance.fr Open in urlscan Pro
193.57.218.45 Public Scan

Software

Resource Hash

f76bfb310f6e929c7fe09d228c5edcfab454c0fec4fd6c351b7ab8fee4528ca8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;

Request headers

Host: corpoweb.airfrance.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ASID_static_tls-b2c_um=rd3o00000000000000000000ffff0a46461co8080; CLID_static_tls_b2c_=y5nemOGDYGkTCiZrEAE3FdmpSNoS0rIn1B7BZqagul7qLF96E3ocCTAOkd4Td1HjmBzD9YhutQAAAAE=; AFKL_VISITOR_ID=2912784797564514
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Jun 2020 20:08:00 GMT
Last-Modified: Wed, 14 Jun 2017 12:26:33 GMT
ETag: "457-551eaa9971040"
Accept-Ranges: bytes
Content-Length: 715
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html
Via: 1.1 RT_PU, 1.1 RT_PU
X-AFKL-Site: tls
Content-Security-Policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
X-AFKL-Origin: back
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Date: Sat, 27 Jun 2020 20:08:00 GMT
Location: http://corpoweb.airfrance.fr/redirect/
Content-Length: 246
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: ASID_static_tls-b2c_um=rd3o00000000000000000000ffff0a46461co8080; path=/; Httponly CLID_static_tls_b2c_=y5nemOGDYGkTCiZrEAE3FdmpSNoS0rIn1B7BZqagul7qLF96E3ocCTAOkd4Td1HjmBzD9YhutQAAAAE=;Path=/;Httponly AFKL_VISITOR_ID=2912784797564514;Path=/;Domain=.airfrance.fr;Httponly
Via: 1.1 RT_PU, 1.1 RT_PU
X-AFKL-Site: tls
Content-Security-Policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
X-AFKL-Origin: back
Vary: Accept-Encoding

GET
H/1.1 200
OK all-ae3de5333b.css
corpoweb.airfrance.fr/redirect/css/ 157 KB
37 KB 107ms
106ms Stylesheet
text/css 193.57.244.60
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://corpoweb.airfrance.fr/redirect/css/all-ae3de5333b.css
Requested by: Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/
Protocol: HTTP/1.1
Server: 193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS: akis.airfrance.fr
Software: /
Resource Hash: 358a7057f4a54939027b1a4d911e777bb6243a5e7e7db278d7b1819b8fb2289d

Request headers

Referer: http://corpoweb.airfrance.fr/redirect/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Jun 2020 20:08:00 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 14 Jun 2017 12:26:24 GMT
ETag: "27514-551eaa90dbc00"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=21600
X-AFKL-Site: tls
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Keep-Alive: timeout=15
Content-Length: 37778
X-AFKL-Origin: back
Expires: Sun, 28 Jun 2020 02:08:00 GMT

GET
H/1.1 200
OK prod-64bae8f110.js Show response
corpoweb.airfrance.fr/redirect/libs/ 589 KB
226 KB 200ms
185ms Script
application/x-javascript 193.57.244.60
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Requested by: Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/
Protocol: HTTP/1.1
Server: 193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS: akis.airfrance.fr
Software: /
Resource Hash: 2d9d53b14c424fa3abf37c444e9b2ceb90b45fef886a476b553419318402781e

Request headers

Referer: http://corpoweb.airfrance.fr/redirect/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Jun 2020 20:08:00 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 14 Jun 2017 12:26:33 GMT
ETag: "93275-551eaa9971040"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Transfer-Encoding: chunked
X-AFKL-Origin: back
Keep-Alive: timeout=15
Expires: Sun, 28 Jun 2020 02:08:00 GMT

GET
H/1.1 200
OK en.json Show response
corpoweb.airfrance.fr/redirect/languages/ 710 B
1 KB 55ms
54ms XHR
application/json 193.57.244.60
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://corpoweb.airfrance.fr/redirect/languages/en.json
Requested by: Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Protocol: HTTP/1.1
Server: 193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS: akis.airfrance.fr
Software: /
Resource Hash: 6bcb144ce52278e26ecda4de7da3c114a93519a449965de6550c92f574c498a2

Request headers

Accept: application/json, text/plain, */*
Referer: http://corpoweb.airfrance.fr/redirect/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Jun 2020 20:08:00 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 14 Jun 2017 12:26:19 GMT
ETag: "2c6-551eaa8c170c0"
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: max-age=21600
X-AFKL-Site: tls
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 710
X-AFKL-Origin: back

GET
H/1.1 200
OK fake.html Show response
corpoweb.airfrance.fr/redirect/html/views/ 42 B
572 B 55ms
55ms XHR
text/html 193.57.244.60
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://corpoweb.airfrance.fr/redirect/html/views/fake.html

Requested by

Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js

Protocol

HTTP/1.1

Server

193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

92e1e18b00e7d217470b37aaee6fef1e9a912b1fec8b39f5feadf4c4ebedc9c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;

Request headers

Accept: text/html
Referer: http://corpoweb.airfrance.fr/redirect/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Jun 2020 20:08:00 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 14 Jun 2017 12:26:19 GMT
ETag: "2a-551eaa8c170c0"
Vary: Accept-Encoding
Content-Type: text/html
X-AFKL-Site: tls
Content-Security-Policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 42
X-AFKL-Origin: back

GET
H/1.1 200
OK home.html Show response
corpoweb.airfrance.fr/redirect/html/views/ 1 KB
963 B 98ms
83ms XHR
text/html 193.57.244.60
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://corpoweb.airfrance.fr/redirect/html/views/home.html

Requested by

Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js

Protocol

HTTP/1.1

Server

193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

91faf20ad4f61d576c93c06fc762b63fc5122b165d3f28746e384fad5547cd62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;

Request headers

Accept: text/html
Referer: http://corpoweb.airfrance.fr/redirect/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Jun 2020 20:08:01 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 14 Jun 2017 12:26:19 GMT
ETag: "47a-551eaa8c170c0"
Vary: Accept-Encoding
Content-Type: text/html
X-AFKL-Site: tls
Content-Security-Policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Keep-Alive: timeout=15
Content-Length: 407
X-AFKL-Origin: back

GET
H/1.1 200
OK rightMenu.html Show response
corpoweb.airfrance.fr/redirect/html/views/ 1012 B
2 KB 98ms
83ms XHR
text/html 193.57.244.60
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://corpoweb.airfrance.fr/redirect/html/views/rightMenu.html

Requested by

Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js

Protocol

HTTP/1.1

Server

193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

eea2afed0b4ee2168de491c565e71d328dab6e6a0a59a2722363fc48983d05a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;

Request headers

Accept: text/html
Referer: http://corpoweb.airfrance.fr/redirect/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Jun 2020 20:08:01 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 14 Jun 2017 12:26:19 GMT
ETag: "3f4-551eaa8c170c0"
Vary: Accept-Encoding
Content-Type: text/html
X-AFKL-Site: tls
Content-Security-Policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1012
X-AFKL-Origin: back

PUT
H2 500 clickEmailLink Show response
phishing.airfrance.fr/resources/stats/1/2/ 319 B
563 B 89ms
89ms XHR
application/json 193.57.219.101
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.airfrance.fr/resources/stats/1/2/clickEmailLink

Requested by

Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.219.101 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

svihm.airfrance.fr

Software

Resource Hash

9cc0a6b0fdafed8ca6fc0fb0869e4dea42349031ae8d422d34bef992a7199efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: http://corpoweb.airfrance.fr/redirect/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:01 GMT
via: 1.1 RT_PU, 1.1 RT_PU
status: 500
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-cnection: close, close
x-afkl-site: tls
strict-transport-security: max-age=31536000
content-encoding: gzip
content-length: 226
x-afkl-origin: back

GET
H2 200 PhishingV1.html Show response
phishing.airfrance.fr/Phishing/en/public/g_standard_page/ 197 B
683 B 243ms
119ms Document
text/html 193.57.219.101
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html

Requested by

Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.219.101 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

svihm.airfrance.fr

Software

Resource Hash

b24fb373e001165e71ba76d3b2eae6a01d7b9b60a4158cdc7abbabc4bdce73f9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri https://phishing.airfrance.fr/csp-report ;
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: phishing.airfrance.fr
:scheme: https
:path: /Phishing/en/public/g_standard_page/PhishingV1.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://corpoweb.airfrance.fr/redirect/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: AFKL_VISITOR_ID=2912784797564514
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://corpoweb.airfrance.fr/redirect/

Response headers

status: 200
date: Sat, 27 Jun 2020 20:08:01 GMT
accept-ranges: bytes
etag: W/"197-1560515137000"
last-modified: Fri, 14 Jun 2019 12:25:37 GMT
content-type: text/html
via: 1.1 RT_PU, 1.1 RT_PU
x-afkl-site: tls
content-security-policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://phishing.airfrance.fr/csp-report ;
x-afkl-origin: back
vary: Accept-Encoding
content-encoding: gzip
set-cookie: ASID_phishing_main_t8=rd3o00000000000000000000ffff0a460218o32072; path=/; Httponly;Secure CLID_phishing_main_=YXyonCS1izdWwsqVmVqN5JYYcnMPoAxE+ZYrStV7ik0cepTxWWs9ONj89hEzuFCkAUMnXiZCAAAAAQ==;Path=/;Httponly;Secure
strict-transport-security: max-age=31536000

GET
H2 200 Primary Request PhishingVictim.html Show response
midpack.airfrance.fr/phishingvictim/en/pageStandard/ 15 KB
6 KB 162ms
54ms Document
text/html 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

acdf439961305b05113802387f3ae242494265a0af00e5e9f6a99584f18d579a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: midpack.airfrance.fr
:scheme: https
:path: /phishingvictim/en/pageStandard/PhishingVictim.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: AFKL_VISITOR_ID=2912784797564514
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html

Response headers

status: 200
date: Sat, 27 Jun 2020 20:08:02 GMT
last-modified: Wed, 24 Jun 2020 11:07:40 GMT
etag: "3d55-5a8d27c00823e"
accept-ranges: bytes
content-type: text/html
via: 1.1 RT_PU, 1.1 RT_PU
x-afkl-site: tls
content-security-policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
x-afkl-origin: back
vary: Accept-Encoding
content-encoding: gzip
set-cookie: targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr; secure; HttpOnly
strict-transport-security: max-age=31536000

GET
H2 200 bootstrap.css
midpack.airfrance.fr/referentiel/dist/css/ 204 KB
50 KB 60ms
55ms Stylesheet
text/css 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/dist/css/bootstrap.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

e70df6b6057381125311672369cb8fc6c3f8fa93ea2b4075ee79228cc2c5cb9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Thu, 30 Nov 2017 11:20:37 GMT
etag: "330dd-55f3170f9ab40"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 languages.js Show response
midpack.airfrance.fr/referentiel/js/ 2 KB
1 KB 74ms
69ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/languages.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

7c5c46d9f726406838a6e4aff33682d7c27e5b45046c4c288005086a2c20acd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Thu, 28 Dec 2017 10:22:51 GMT
etag: "997-56163e5f134c0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 jquery.min.js Show response
midpack.airfrance.fr/referentiel/dist/js/ 95 KB
46 KB 79ms
74ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Fri, 09 Mar 2018 08:33:44 GMT
etag: "17b8b-566f6a6718a00"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 jquery-ui.min.js Show response
midpack.airfrance.fr/referentiel/libs/jquery-ui/ 248 KB
100 KB 95ms
90ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/libs/jquery-ui/jquery-ui.min.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Thu, 09 Nov 2017 14:48:45 GMT
etag: "3dee5-55d8de6a68d40"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 jquery-ui.min.css
midpack.airfrance.fr/referentiel/libs/jquery-ui/ 31 KB
11 KB 67ms
63ms Stylesheet
text/css 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/libs/jquery-ui/jquery-ui.min.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Thu, 09 Nov 2017 14:48:44 GMT
etag: "7d4c-55d8de6974b00"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 bootstrap.min.js Show response
midpack.airfrance.fr/referentiel/dist/js/ 36 KB
14 KB 146ms
141ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/dist/js/bootstrap.min.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Fri, 06 Oct 2017 08:29:06 GMT
etag: "90b5-55adca24fd880"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 video.min.js Show response
midpack.airfrance.fr/referentiel/libs/video-js/ 180 KB
71 KB 144ms
140ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/libs/video-js/video.min.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

6662011df1df6595275e73ff6c7c8b29bd1142df10a9c211cf34f20090dcabad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Thu, 09 Nov 2017 14:04:37 GMT
etag: "2d042-55d8d48d14740"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 video-js.min.css
midpack.airfrance.fr/referentiel/libs/video-js/ 45 KB
18 KB 68ms
64ms Stylesheet
text/css 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/libs/video-js/video-js.min.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

ad7c3825da970bbc50bb3672b8afd4726c10a5e9119f67f7a710f73e43013cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Thu, 09 Nov 2017 14:04:36 GMT
etag: "b2ce-55d8d48c20500"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 icon
fonts.googleapis.com/ 574 B
465 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c641585cda99a8eb716625c70422a47d1ed8ce72b87370678175515bb2c465b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Jun 2020 20:08:02 GMT
server: ESF
date: Sat, 27 Jun 2020 20:08:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jun 2020 20:08:02 GMT

GET
H2 200 new_search.css
midpack.airfrance.fr/referentiel/css/ 2 KB
948 B 74ms
70ms Stylesheet
text/css 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/css/new_search.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

fe837fb86c23c607c9abf14e8c2606554cd844bbdf4d0a815409d91303a765d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Thu, 30 Mar 2017 09:01:27 GMT
etag: "6a7-54beef027e7c0"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 font-awesome.min.css
midpack.airfrance.fr/referentiel/dist/font-awesome/css/ 30 KB
10 KB 58ms
53ms Stylesheet
text/css 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/dist/font-awesome/css/font-awesome.min.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Mon, 16 Oct 2017 11:05:43 GMT
etag: "7918-55ba7fcd46fc0"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 comment.min.css
cmstools.airfrance.fr/cmstoolsWeb/ 469 B
777 B 108ms
92ms Stylesheet
text/css 193.57.219.101
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cmstools.airfrance.fr/cmstoolsWeb/comment.min.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.219.101 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

svihm.airfrance.fr

Software

Resource Hash

acec9cb106f25d56f1f4a51286916ce11c71fd1a1c5b858513b2bcb44e90820e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:01 GMT
via: 1.1 RT_PU, 1.1 RT_PU
vary: Accept-Encoding
x-afkl-site: tls
status: 200
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 12 Jun 2020 12:03:40 GMT
etag: W/"469-1591963420000"
access-control-max-age: 0
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache, max-age=21600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: x-requested-with, X-HTTP-Method-Override, content-type, content-length
x-afkl-origin: back

GET
H2 200 lang.js Show response
midpack.airfrance.fr/referentiel/js/ 403 B
372 B 115ms
111ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/lang.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

087d6815b1745ea3ca35339960085360bca07df64e2e86e272e7a33ae553f3c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Fri, 09 Mar 2018 08:36:35 GMT
etag: "193-566f6b0a2cac0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 menuFunctions.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 6 KB
3 KB 145ms
141ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/menuFunctions.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

b86f1fac88fec6f052df0ec00fd3eee232ec7dc826ecc48caa1efb7e9370a5ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Mon, 07 Jan 2019 10:39:22 GMT
etag: "1642-57edbd7804a80"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 comTraceurAF_v4.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 3 KB
2 KB 145ms
141ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/comTraceurAF_v4.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

b2304c750b41680f87f5aadb41fd402a42c748d1bbaf7d0a06ce2ed7f921d153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Mon, 07 Jan 2019 10:39:24 GMT
etag: "c44-57edbd79ecf00"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 menuHorizontal.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 4 KB
2 KB 120ms
116ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/menuHorizontal.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

eb5067d2e9b6d189fbd8053004f434942b87bf053bd2b946c1a087fbeffba697

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Thu, 23 May 2019 09:05:27 GMT
etag: "e1f-5898a620c03c0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 footer.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 13 KB
4 KB 119ms
116ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/footer.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

159303dc67235469965d6118de1267a7e0e4428f2ed53f28bad2f622e058df6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Mon, 05 Dec 2016 17:06:15 GMT
etag: "3206-542ec4e2f6fc0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 menuVertical.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 6 KB
2 KB 145ms
141ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/menuVertical.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

829235960bbf253f6f0ea077e0a9fcf766afe58a3659d4e7c906ef11ca63a57b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Thu, 23 May 2019 09:05:30 GMT
etag: "169b-5898a6239ca80"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 listeActus.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 14 KB
5 KB 145ms
142ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/listeActus.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

2e028af461233fae5b28d7e5677c2e90f6ed34eee5996cd0698e684fc526690e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Tue, 10 Dec 2019 08:24:52 GMT
etag: "3830-599553f033d00"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 fullscreenVideoFix.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 553 B
544 B 143ms
140ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/fullscreenVideoFix.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

8ea74172b8b7fc42565c55b14b104131766cf692d88656d1b3266bbe1d6f6892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Thu, 13 Aug 2015 15:09:59 GMT
etag: "229-51d32ba8e1fc0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 jquery.rwdImageMaps.min.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 1 KB
952 B 143ms
140ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/jquery.rwdImageMaps.min.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

1f48c9307dfb8dc03b4905966c82db98a664010c83ea952a6d1e3aaadc00703b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Wed, 31 Jan 2018 12:46:22 GMT
etag: "468-56411ddcd6380"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 myBox.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 8 KB
4 KB 145ms
81ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/myBox.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

9e611daeeffa38f4f35827ef6e6cd29826cf0164669882841e50efd65389048f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Mon, 09 Dec 2019 08:09:59 GMT
etag: "2058-59940ebf1c3c0"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 jQueryBootstrapColumnsSameHeight.js Show response
midpack.airfrance.fr/referentiel/js/ 7 KB
3 KB 145ms
79ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/jQueryBootstrapColumnsSameHeight.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

4f82510c7f92b1c9b9aff411591e7db7d0319a9def55b6d813196e1403eb1c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Tue, 20 Feb 2018 09:02:18 GMT
etag: "1b61-565a1114dba80"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 new_search.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 12 KB
6 KB 149ms
75ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/new_search.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

c17ada310c55a5a82434193b6175e872745e6ff8f84b52694622e5b43859fe1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Thu, 05 Mar 2020 07:51:36 GMT
etag: "31fa-5a016ce64f200"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 fold_to_ascii.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 12 KB
6 KB 149ms
75ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/fold_to_ascii.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

4b464f1461669aa6a5d7e2105f8b1a9188ef35678ed871feaaa3c86d1c10ce72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Mon, 27 Feb 2017 15:16:18 GMT
etag: "313d-549848fa4b480"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H/1.1

200
OK

SSO.saml2 Show response
fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/
Redirect Chain

https://cmstools.airfrance.fr/cmstoolsWeb/js/libs/URI.min.js
https://hblsp.airfrance.fr/affwebservices/public/saml2authnrequest?ProviderID=urn:idp:prd:afr:pf:dmzi:choice&TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METH...
https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZLNTsMwEITvPEXkext3KWlrtZWgvRQBFS3ipxdknI1iGtvB6wDl6UlKBBwACR98WI1nvh15fFyF3K7wqUIK0by...

0
0

280ms
85ms

Script
text/html

193.57.219.95
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZLNTsMwEITvPEXkext3KWlrtZWgvRQBFS3ipxdknI1iGtvB6wDl6UlKBBwACR98WI1nvh15fFyF3K7wqUIK0by%2BtJVBOztheQgliTjOMM2rh67UPvPSKuxmPtZpGePuFBQU28Wj0%2BntabU0xVbNyxdlLpO7m81uaU%2FM0qwCmm1yB%2FmzvLkoFpbH6%2FWyS9IUwKLFfMLuR4AyGx4hHPYSNer3eS%2FpDfsPMMigP8LsCNThoJYSVbiwFKQNEwYceIcnHRhcARd8KDhsWHSNnvbo0OUsejWFpQmrvBVOkiZhpUESQYn18fmZqDWi9C445Qo2PYjqM7bUE%2Fsg%2F%2FFa1IO%2FHSQR%2BqYvNm1kVNaeqZCZF2REat70OP4ybVPatjHddz9zNuBriGbOlNJraviNttpUpsVq0UB818%2BKOnqF2Sco%2FAv0V5kSqnGux7PcaYUN%2F8%2FJ7Tbxj%2BtMD8bx9681fQc%3D&RelayState=fdbee1e35e8e28da6815a4a8fd976c4a162ce943&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Shv7OUTFofhX%2FvFhJs70T7SzVNtck7Y4shoNxFrQAY01eEnkLW5tKztZRi5oJQQFzcLTbFVBC67rEbhvVrj6kaIsf6XCxUwCZ0n6SfZA%2BzfWxfZme5plJ6W8JRr3c1sLNPWQAX1GBFYvR9S%2FXKE5YmNiKt52wzOcI26%2BTJkjISCeHODE8BsmYNHyZt1SHfS0F%2BATW7TqcJv%2FMFsYgrPne4xHTxi8pdfpWbMKAz3hHD5YWdMkz1ZIbrWaFQ%2BkNUBeluCdw0eHL7Fm1%2FU0R%2BcHdpb%2BPpuDLun5jDXkotKetTZATky82fNONc6GCz%2FKQlpkjg6CFb0pVaMBSBVcHfnT7Q%3D%3D
Requested by: Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.57.219.95 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS: fedhub.airfrance.fr
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location: https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZLNTsMwEITvPEXkext3KWlrtZWgvRQBFS3ipxdknI1iGtvB6wDl6UlKBBwACR98WI1nvh15fFyF3K7wqUIK0by%2BtJVBOztheQgliTjOMM2rh67UPvPSKuxmPtZpGePuFBQU28Wj0%2BntabU0xVbNyxdlLpO7m81uaU%2FM0qwCmm1yB%2FmzvLkoFpbH6%2FWyS9IUwKLFfMLuR4AyGx4hHPYSNer3eS%2FpDfsPMMigP8LsCNThoJYSVbiwFKQNEwYceIcnHRhcARd8KDhsWHSNnvbo0OUsejWFpQmrvBVOkiZhpUESQYn18fmZqDWi9C445Qo2PYjqM7bUE%2Fsg%2F%2FFa1IO%2FHSQR%2BqYvNm1kVNaeqZCZF2REat70OP4ybVPatjHddz9zNuBriGbOlNJraviNttpUpsVq0UB818%2BKOnqF2Sco%2FAv0V5kSqnGux7PcaYUN%2F8%2FJ7Tbxj%2BtMD8bx9681fQc%3D&RelayState=fdbee1e35e8e28da6815a4a8fd976c4a162ce943&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Shv7OUTFofhX%2FvFhJs70T7SzVNtck7Y4shoNxFrQAY01eEnkLW5tKztZRi5oJQQFzcLTbFVBC67rEbhvVrj6kaIsf6XCxUwCZ0n6SfZA%2BzfWxfZme5plJ6W8JRr3c1sLNPWQAX1GBFYvR9S%2FXKE5YmNiKt52wzOcI26%2BTJkjISCeHODE8BsmYNHyZt1SHfS0F%2BATW7TqcJv%2FMFsYgrPne4xHTxi8pdfpWbMKAz3hHD5YWdMkz1ZIbrWaFQ%2BkNUBeluCdw0eHL7Fm1%2FU0R%2BcHdpb%2BPpuDLun5jDXkotKetTZATky82fNONc6GCz%2FKQlpkjg6CFb0pVaMBSBVcHfnT7Q%3D%3D
Date: Sat, 27 Jun 2020 20:08:02 GMT
Server: Apache/2.4.38 (Unix) mod_jk/1.2.42
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0

GET
H/1.1

200
OK

SSO.saml2 Show response
fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/
Redirect Chain

https://cmstools.airfrance.fr/cmstoolsWeb/js/libs/handlebars.min-latest.js
https://hblsp.airfrance.fr/affwebservices/public/saml2authnrequest?ProviderID=urn:idp:prd:afr:pf:dmzi:choice&TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METH...
https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZLBT8IwGMXv%2FBVL77BScGMNkCBcICoRjAgX03VdVlnb2a9T8K93w0U5oIk99PDl9b3f99LhpHSZXonXUoDzZ...

0
0

281ms
86ms

Script
text/html

193.57.219.95
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZLBT8IwGMXv%2FBVL77BScGMNkCBcICoRjAgX03VdVlnb2a9T8K93w0U5oIk99PDl9b3f99LhpHSZXonXUoDzZtUlNXPS6BHKnCuA%2Bn4qkqyMO0za1DLNRSe1vkwKXxwXhJN8P38xMnlalEuV7%2FmseOfqPthudselvlZLtXJC7YMtyd7Y5i6fa%2Byv18sOMJUT5M1nI%2FTMw16f9UQ3iaIg4XEcRn0S9UMeBnHEB6TXu8JxJQUoxVyDY9qNEMEEt3HQJuEDwRQPKCY75D0KCyd00sHIO6hcwwiVVlPDQALVTAmgjtP15PaGVhpaWOMMNzkat7zqDDV06SnIfr2m1eBvBwYgbN0XGtcyKCrPhLLUUlA0UR9y6P%2BYNilN2yI5dT812omD86ZGFcxKqPmV1FKVqsFq0Ag910%2FzKnol0m9Q8i%2FQX2Wc8tq5Gk8zI7mo%2BS8nN9v4F9cZt4b%2B%2BdcafwI%3D&RelayState=14d86f9e7fc783c78a3e3d9164306081294f9676&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=M7uN4WsEbx7Tbpin5HdXrDmg%2F3kVKhkBYqJHkgUhnOZ9vURRkk2bNOnJJv9q1ZjFLc6JgnlVY8HV3Hjx6Uyfdo9Yy3HTit6EmbtfjkGllvs%2Bpgx8yZX4g8YUbgNFlGgfm7jLssHJXrTTbUVuoaSRsCPgfuoAuhI0FbY7KkIuvrZWmva3qbgGeOrxjhPHMcFLn0JTm%2FVn6owoLncH7e6JrxaFKqZVeYacEOVVFlqkq5RUa4FUhuRkJIkO0DRx0%2BttZ0ZUmLy27OTR6rgn3js9k%2F2l%2FTdmwcgWqn8A0ujX5Uru19Rw4Pe0ZkjIJM4vA%2FjwFOAHcIL%2FPeNRUVNDSNTvpA%3D%3D
Requested by: Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.57.219.95 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS: fedhub.airfrance.fr
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location: https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZLBT8IwGMXv%2FBVL77BScGMNkCBcICoRjAgX03VdVlnb2a9T8K93w0U5oIk99PDl9b3f99LhpHSZXonXUoDzZtUlNXPS6BHKnCuA%2Bn4qkqyMO0za1DLNRSe1vkwKXxwXhJN8P38xMnlalEuV7%2FmseOfqPthudselvlZLtXJC7YMtyd7Y5i6fa%2Byv18sOMJUT5M1nI%2FTMw16f9UQ3iaIg4XEcRn0S9UMeBnHEB6TXu8JxJQUoxVyDY9qNEMEEt3HQJuEDwRQPKCY75D0KCyd00sHIO6hcwwiVVlPDQALVTAmgjtP15PaGVhpaWOMMNzkat7zqDDV06SnIfr2m1eBvBwYgbN0XGtcyKCrPhLLUUlA0UR9y6P%2BYNilN2yI5dT812omD86ZGFcxKqPmV1FKVqsFq0Ag910%2FzKnol0m9Q8i%2FQX2Wc8tq5Gk8zI7mo%2BS8nN9v4F9cZt4b%2B%2BdcafwI%3D&RelayState=14d86f9e7fc783c78a3e3d9164306081294f9676&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=M7uN4WsEbx7Tbpin5HdXrDmg%2F3kVKhkBYqJHkgUhnOZ9vURRkk2bNOnJJv9q1ZjFLc6JgnlVY8HV3Hjx6Uyfdo9Yy3HTit6EmbtfjkGllvs%2Bpgx8yZX4g8YUbgNFlGgfm7jLssHJXrTTbUVuoaSRsCPgfuoAuhI0FbY7KkIuvrZWmva3qbgGeOrxjhPHMcFLn0JTm%2FVn6owoLncH7e6JrxaFKqZVeYacEOVVFlqkq5RUa4FUhuRkJIkO0DRx0%2BttZ0ZUmLy27OTR6rgn3js9k%2F2l%2FTdmwcgWqn8A0ujX5Uru19Rw4Pe0ZkjIJM4vA%2FjwFOAHcIL%2FPeNRUVNDSNTvpA%3D%3D
Date: Sat, 27 Jun 2020 20:08:02 GMT
Server: Apache/2.4.38 (Unix) mod_jk/1.2.42
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0

GET
H/1.1

200
OK

SSO.saml2 Show response
fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/
Redirect Chain

https://cmstools.airfrance.fr/cmstoolsWeb/js/app/cmstools.min.js
https://hblsp.airfrance.fr/affwebservices/public/saml2authnrequest?ProviderID=urn:idp:prd:afr:pf:dmzi:choice&TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METH...
https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJRT8IwFIXf%2BRVL32GlwoAGSBBeICoRjAgvpuu6rLK2s7dT8Nfb4aI8oIlNbh9uTs%2F57k2Hk9JleiVeSwE...

0
0

279ms
88ms

Script
text/html

193.57.219.95
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJRT8IwFIXf%2BRVL32GlwoAGSBBeICoRjAgvpuu6rLK2s7dT8Nfb4aI8oIlNbh9uTs%2F57k2Hk9JleiVeSwEumPlLauak0SOUOVcADcNUJFkZt5i0qWWai1ZqQ5kUoTguCCf5fv5iZPK0KJcq3%2FNZ8c7VfbTd7I5Lfa2WauWE2kdbkr2xzV0%2B1zhcr5ctYConKJjPRug56US4HeFeb4AHaRTHMe8OorTT7%2FE4bqddX%2BLKSwFKMdfgmHYjRDDBTRw1Se%2BBYIr7FJMdCh6FhRM6aWEUHFSuYYRKq6lhIIFqpgRQx%2Bl6cntDvYYW1jjDTY7GjcCfoYY2PQXZr9fUN%2F52YADCVvtC40oGhfdMKEstBUUT9SGH4Y9pnVJvWySn3U%2BNduLggqlRBbMSKn4ltVSlqrFqNELP9dPcR69E%2Bg1K%2FgX6q4xTXjn79jQzkouK%2F3JyPU14cZxxYxief63xJw%3D%3D&RelayState=63bf2fe8cb36fa545f05d9669468312fc92f5227&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Acz9ATfgWx6nsqklajL%2BHx%2F3sXw9jQOe9ACy%2BKc5oKNmDmpwzjCGUwgEuy8tBHazKPEkEI%2BG7iZt9ENkaJJoS0wZKOWEJNbMVYiuUrO%2BIB1IldUSnY5%2BzfQeDkAkzw9ZLYxgGeJ1lNTcBdrNfPOWzxlixmceSQLvSPeq9%2FMJVjKM9pgihCQ9V0%2Bj36pIEgcIWYeh5hnOF5USAij66JP%2Fx%2Fp%2BE9dPkOIDRTIdnewslykS59I7OwgzidmHJogZX7tFMGzE9rZ1C2rsIjmhsotzPehtcgwTosPU2I8TRJf%2FU3uodOTU%2FiV3n29oF8E4KsfKB%2FKH7duJmpkiZeG5EHcYMw%3D%3D
Requested by: Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.57.219.95 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS: fedhub.airfrance.fr
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location: https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJRT8IwFIXf%2BRVL32GlwoAGSBBeICoRjAgvpuu6rLK2s7dT8Nfb4aI8oIlNbh9uTs%2F57k2Hk9JleiVeSwEumPlLauak0SOUOVcADcNUJFkZt5i0qWWai1ZqQ5kUoTguCCf5fv5iZPK0KJcq3%2FNZ8c7VfbTd7I5Lfa2WauWE2kdbkr2xzV0%2B1zhcr5ctYConKJjPRug56US4HeFeb4AHaRTHMe8OorTT7%2FE4bqddX%2BLKSwFKMdfgmHYjRDDBTRw1Se%2BBYIr7FJMdCh6FhRM6aWEUHFSuYYRKq6lhIIFqpgRQx%2Bl6cntDvYYW1jjDTY7GjcCfoYY2PQXZr9fUN%2F52YADCVvtC40oGhfdMKEstBUUT9SGH4Y9pnVJvWySn3U%2BNduLggqlRBbMSKn4ltVSlqrFqNELP9dPcR69E%2Bg1K%2FgX6q4xTXjn79jQzkouK%2F3JyPU14cZxxYxief63xJw%3D%3D&RelayState=63bf2fe8cb36fa545f05d9669468312fc92f5227&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Acz9ATfgWx6nsqklajL%2BHx%2F3sXw9jQOe9ACy%2BKc5oKNmDmpwzjCGUwgEuy8tBHazKPEkEI%2BG7iZt9ENkaJJoS0wZKOWEJNbMVYiuUrO%2BIB1IldUSnY5%2BzfQeDkAkzw9ZLYxgGeJ1lNTcBdrNfPOWzxlixmceSQLvSPeq9%2FMJVjKM9pgihCQ9V0%2Bj36pIEgcIWYeh5hnOF5USAij66JP%2Fx%2Fp%2BE9dPkOIDRTIdnewslykS59I7OwgzidmHJogZX7tFMGzE9rZ1C2rsIjmhsotzPehtcgwTosPU2I8TRJf%2FU3uodOTU%2FiV3n29oF8E4KsfKB%2FKH7duJmpkiZeG5EHcYMw%3D%3D
Date: Sat, 27 Jun 2020 20:08:02 GMT
Server: Apache/2.4.38 (Unix) mod_jk/1.2.42
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H2 200 branding_afklm_2018.css
midpack.airfrance.fr/referentiel/css/ 18 KB
6 KB 58ms
56ms Stylesheet
text/css 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/css/branding_afklm_2018.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

66dfadd2d1fd0e35d9a36890f4894001c63342320090f5ef20ae7d5e41f51292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Thu, 23 May 2019 09:08:44 GMT
etag: "4944-5898a6dc9ff00"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=21600
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 logo-afkl-white.png
midpack.airfrance.fr/referentiel/dist/img/ 12 KB
12 KB 50ms
49ms Image
image/png 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/referentiel/dist/img/logo-afkl-white.png

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

011f158c22de2355cf5d778b1276d00a2885c32d8ddc1ad5a77938cf8b5b325c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Wed, 13 Mar 2019 12:40:15 GMT
etag: "309a-583f91b7fa9c0"
x-afkl-site: tls
content-type: image/png
status: 200
cache-control: max-age=21600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 12442
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 Phishing2020BannerEN.png
midpack.airfrance.fr/phishingvictim/en/files/img/ 225 KB
226 KB 48ms
47ms Image
image/png 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/phishingvictim/en/files/img/Phishing2020BannerEN.png

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

43f1dc0feabae4fc20796b29771f9a1f02a90616925bc9efc5c6227f67719468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Wed, 17 Jun 2020 15:41:25 GMT
etag: "38240-5a8497e15f340"
x-afkl-site: tls
content-type: image/png
status: 200
cache-control: max-age=21600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 229952
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 giphy.gif
midpack.airfrance.fr/phishingvictim/fr/files/img/ 646 KB
649 KB 108ms
106ms Image
image/gif 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/phishingvictim/fr/files/img/giphy.gif

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

5d2e992756c3ef2fb10d27bbcb49f4814cbeb402b198a901b44eb32ed5a5c205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Wed, 13 Mar 2019 08:06:38 GMT
etag: "a1622-583f548ff998f"
x-afkl-site: tls
content-type: image/gif
status: 200
cache-control: max-age=21600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 661026
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 intro.gif
midpack.airfrance.fr/phishingvictim/fr/files/img/ 516 KB
519 KB 108ms
107ms Image
image/gif 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/phishingvictim/fr/files/img/intro.gif

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

470b727588289bd5b5a85162cdf64cbbe1a8c291666d4f0ad8b056324799af50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Thu, 14 Mar 2019 09:49:00 GMT
etag: "81119-5840ad4e6fb00"
x-afkl-site: tls
content-type: image/gif
status: 200
cache-control: max-age=21600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 528665
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 spy_2.png
midpack.airfrance.fr/phishingvictim/fr/files/img/ 29 KB
29 KB 107ms
106ms Image
image/png 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/phishingvictim/fr/files/img/spy_2.png

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

a6fe71589e158e7a394067b850942aec026a2c87436f6dd1d80ee28b55522f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Wed, 13 Mar 2019 15:01:34 GMT
etag: "73b9-583fb14efb417"
x-afkl-site: tls
content-type: image/png
status: 200
cache-control: max-age=21600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 29625
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 world-wide-web.png
midpack.airfrance.fr/phishingvictim/fr/files/img/ 19 KB
19 KB 105ms
104ms Image
image/png 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/phishingvictim/fr/files/img/world-wide-web.png

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

8a8f262550a1bc44fa38ce4ab57546b8f58fdf2355f1e0f41076d8fdedba24bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Wed, 13 Mar 2019 15:03:24 GMT
etag: "4c55-583fb1b716700"
x-afkl-site: tls
content-type: image/png
status: 200
cache-control: max-age=21600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 19541
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:02 GMT

GET
H2 200 Time_2.png
midpack.airfrance.fr/phishingvictim/fr/files/img/ 3 KB
4 KB 56ms
56ms Image
image/png 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/phishingvictim/fr/files/img/Time_2.png

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

fa52951f7331c77908baf0d24d1a8543dd9a8075c5effe7232236dbcfce849ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:03 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Wed, 13 Mar 2019 15:04:20 GMT
etag: "dda-583fb1ed67357"
x-afkl-site: tls
content-type: image/png
status: 200
cache-control: max-age=21600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3546
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:03 GMT

GET
H2 200 scribble.png
midpack.airfrance.fr/phishingvictim/fr/files/img/ 43 KB
44 KB 60ms
60ms Image
image/png 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/phishingvictim/fr/files/img/scribble.png

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

1a7dd77250a63697d83e7ca6bdc53a28cf0273109dc306128b9016ce1522caae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:03 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Wed, 13 Mar 2019 15:05:19 GMT
etag: "ad83-583fb224c29c0"
x-afkl-site: tls
content-type: image/png
status: 200
cache-control: max-age=21600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 44419
x-afkl-origin: back
expires: Sun, 28 Jun 2020 02:08:03 GMT

GET
H/1.1 200 Cookie set Phishing2020EN Show response
interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/ Frame 3EAD 26 KB
7 KB 175ms
84ms Document
text/html 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

c20f885d720d232e946717a15422e8a383b40210ae5a16814bb62ab4811157a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Host: interview.airfrance.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PFHUB=a8GiQrWRYQ9NBitk03mPR4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Response headers

Date: Sat, 27 Jun 2020 20:08:02 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: JSESSIONID=BE4BA9A8B1B0444AC3344F330181D278;path=/afklm;HttpOnly encryptedForm=WLyZnGArEy8mIaGHPN7uTYWQyVrAvPTCpT84V3MBBROo6voM0HV-leS7hAMXGj06bXxPBB66-yI;Max-Age=2592000;path=/afklm
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-UA-Compatible: IE=Edge
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Allow: GET, POST, PUT, DELETE
Content-Encoding: gzip

GET
H2 200 Montserrat-Regular.woff
midpack.airfrance.fr/referentiel/css/ 106 KB
106 KB 98ms
97ms Font
application/x-font-woff 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/css/Montserrat-Regular.woff

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

fef89a9397dde1d5a81a920fb7f7d32ff01e9fcef520863043da25137c3f45f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://midpack.airfrance.fr/referentiel/css/branding_afklm_2018.css
Origin: https://midpack.airfrance.fr

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Tue, 26 Jun 2018 07:16:15 GMT
status: 200
etag: "1a65c-56f86460b4dc0"
x-afkl-site: tls
content-type: application/x-font-woff
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 108124
x-afkl-origin: back

GET
H2 200 Montserrat-Medium.woff
midpack.airfrance.fr/referentiel/css/ 105 KB
106 KB 97ms
96ms Font
application/x-font-woff 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/css/Montserrat-Medium.woff

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

2f5d0a4dd2aa3a95f4d0add12842ad9a3c930216c823de771f9241f5eba6506e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://midpack.airfrance.fr/referentiel/css/branding_afklm_2018.css
Origin: https://midpack.airfrance.fr

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Tue, 26 Jun 2018 07:16:14 GMT
status: 200
etag: "1a560-56f8645fc0b80"
x-afkl-site: tls
content-type: application/x-font-woff
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 107872
x-afkl-origin: back

GET
H2 200 icons-bootstrap-AF.woff
midpack.airfrance.fr/referentiel/dist/fonts/ 88 KB
89 KB 96ms
96ms Font
application/x-font-woff 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/dist/fonts/icons-bootstrap-AF.woff

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

eece32ebb0977129661ee5f202f9fe796546a1e738ccf3246dcc44cddd952121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://midpack.airfrance.fr/referentiel/dist/css/bootstrap.css
Origin: https://midpack.airfrance.fr

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Fri, 06 Oct 2017 08:24:16 GMT
status: 200
etag: "161e0-55adc9106cc00"
x-afkl-site: tls
content-type: application/x-font-woff
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 90592
x-afkl-origin: back

GET
H2 200 menuh.json Show response
midpack.airfrance.fr/phishingvictim/en/menuHorizontal/ 55 B
172 B 83ms
83ms XHR
application/json 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/phishingvictim/en/menuHorizontal/menuh.json

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

fb7e9bcfd374a3ae723a031906d4c2424dc6317feb6f3c6dac267c9dc973e4a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Thu, 07 Mar 2019 07:31:01 GMT
etag: "37-5837c168bd740"
vary: Accept-Encoding
content-type: application/json
status: 200
x-afkl-site: tls
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 55
x-afkl-origin: back

GET
H2 404 contextual_link.json Show response
midpack.airfrance.fr/phishingvictim/en/footer/ 2 KB
1 KB 79ms
79ms XHR
text/html 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/phishingvictim/en/footer/contextual_link.json

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

54a605f25d346cde69335038e7b5290e7e81a5c4cbe743f24c171fec5d0da3e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Tue, 10 Mar 2015 10:25:08 GMT
etag: "772-510ec909ba900"
vary: Accept-Encoding
content-type: text/html
status: 404
x-afkl-site: tls
content-security-policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 958
x-afkl-origin: back

GET
H2 404 footer.json Show response
midpack.airfrance.fr/phishingvictim/en/footer/ 2 KB
1 KB 80ms
80ms XHR
text/html 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/phishingvictim/en/footer/footer.json

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 Brenouille, France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

54a605f25d346cde69335038e7b5290e7e81a5c4cbe743f24c171fec5d0da3e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Jun 2020 20:08:02 GMT
via: 1.1 RT_PU, 1.1 RT_PU
last-modified: Tue, 10 Mar 2015 10:25:08 GMT
etag: "772-510ec909ba900"
vary: Accept-Encoding
content-type: text/html
status: 404
x-afkl-site: tls
content-security-policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 958
x-afkl-origin: back

GET
H/1.1 200 jquery-3.3.1.min.js Show response
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.javascript.HeaderItems/ Frame 3EAD 85 KB
30 KB 54ms
50ms Script
application/javascript 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.javascript.HeaderItems/jquery-3.3.1.min.js?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Jun 2020 20:08:02 GMT
Content-Encoding: gzip
Accept-Range: bytes
Last-Modified: Mon, 11 Mar 2019 15:38:54 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: application/javascript
Allow: GET, POST, PUT, DELETE
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sun, 27 Jun 2021 20:08:02 GMT

GET
H/1.1 200 jquery-migrate-3.0.0.min.js Show response
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.javascript.HeaderItems/ Frame 3EAD 7 KB
3 KB 121ms
40ms Script
application/javascript 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.javascript.HeaderItems/jquery-migrate-3.0.0.min.js?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

a44b5727bd453959ba8f2ae37fd2359272b730ada09e80fb2a5bbffd086ef075

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Jun 2020 20:08:03 GMT
Content-Encoding: gzip
Accept-Range: bytes
Last-Modified: Mon, 11 Mar 2019 15:38:54 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: application/javascript
Allow: GET, POST, PUT, DELETE
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sun, 27 Jun 2021 20:08:02 GMT

GET
H/1.1 200 jquery-ui.fork.js Show response
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.wicket.jqueryui.javascript.JQueryUIHeaderItems/ Frame 3EAD 209 KB
56 KB 149ms
69ms Script
application/javascript 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.wicket.jqueryui.javascript.JQueryUIHeaderItems/jquery-ui.fork.js?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

ce969cfd1160c3c2f3dbd83224eedca8cbb52fca0b47e65176f288e27ae1cd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Jun 2020 20:08:03 GMT
Content-Encoding: gzip
Accept-Range: bytes
Last-Modified: Mon, 11 Mar 2019 15:38:54 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: application/javascript
Allow: GET, POST, PUT, DELETE
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sun, 27 Jun 2021 20:08:02 GMT

GET
H/1.1 200 respondent-bundle.js Show response
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.itw.web.ItwApplication/ Frame 3EAD 109 KB
109 KB 186ms
65ms Script
text/plain 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.itw.web.ItwApplication/respondent-bundle.js?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

e1b56a7bbf3ceb5060af2d52607eb78d58f062e7ee30e1c506734da8be636aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Jun 2020 20:08:03 GMT
Last-Modified: Mon, 11 Mar 2019 15:38:54 GMT
Server: Eloquant
Allow: GET, POST, PUT, DELETE
Connection: keep-alive
Cache-Control: public, max-age=31536000
Content-Disposition: inline
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Length: 111628
Expires: Sun, 27 Jun 2021 20:08:02 GMT

GET
H/1.1 200 respondent-style-PhishingSurvey.css
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/ Frame 3EAD 73 KB
14 KB 124ms
48ms Stylesheet
text/css 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/respondent-style-PhishingSurvey.css?--11.124.10&ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

ccd02a20e8a7106dfa5beb04d12d4949b49e03aa8f8de05a0ef407cbc3118f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Jun 2020 20:08:03 GMT
Content-Encoding: gzip
Allow: GET, POST, PUT, DELETE
Last-Modified: Sat, 27 Jun 2020 20:08:02 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: text/css
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sun, 27 Jun 2021 20:08:02 GMT

GET
H/1.1 200 respondent-responsive-bundle-PhishingSurvey.css
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/ Frame 3EAD 7 KB
2 KB 119ms
40ms Stylesheet
text/css 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/respondent-responsive-bundle-PhishingSurvey.css?--11.124.10&ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

b4d82bafd0bbca1a71cdea5dc7e96a83a59cf511e33d602ec31bc5fe38af9bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Jun 2020 20:08:03 GMT
Content-Encoding: gzip
Allow: GET, POST, PUT, DELETE
Last-Modified: Fri, 26 Apr 2019 13:31:52 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: text/css
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sun, 27 Jun 2021 20:08:02 GMT

GET
H/1.1 200 apparence-respondent.css
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.itw.web.ItwResources/apparence/ Frame 3EAD 19 KB
3 KB 121ms
42ms Stylesheet
text/css 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.itw.web.ItwResources/apparence/apparence-respondent.css?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

9a404b7332da2b280df2399919c0145c9c6c1ed164a4334e4dc797110f4996a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Jun 2020 20:08:03 GMT
Content-Encoding: gzip
Accept-Range: bytes
Last-Modified: Fri, 26 Apr 2019 13:32:58 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: text/css
Allow: GET, POST, PUT, DELETE
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sun, 27 Jun 2021 20:08:02 GMT

GET
H/1.1 200 respondent-utilities.js Show response
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.resource.RespondentUtilities/ Frame 3EAD 11 KB
4 KB 160ms
40ms Script
application/javascript 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.resource.RespondentUtilities/respondent-utilities.js?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

4beb17e5bdb7d81a5e94014ba1a8ce6f639d827d37df75a556909573a69277f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Jun 2020 20:08:03 GMT
Content-Encoding: gzip
Accept-Range: bytes
Last-Modified: Fri, 26 Apr 2019 13:31:52 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: application/javascript
Allow: GET, POST, PUT, DELETE
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sun, 27 Jun 2021 20:08:02 GMT

GET
H/1.1 200 respondent-responsive.js Show response
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.resource.RespondentResponsive/ Frame 3EAD 10 KB
3 KB 160ms
41ms Script
application/javascript 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.resource.RespondentResponsive/respondent-responsive.js?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

48ecc2cd8b07ccdf53f0c6b5e2ddf35661fbb61c4b7768579fe47e8920097e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Jun 2020 20:08:03 GMT
Content-Encoding: gzip
Accept-Range: bytes
Last-Modified: Fri, 26 Apr 2019 13:31:52 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: application/javascript
Allow: GET, POST, PUT, DELETE
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sun, 27 Jun 2021 20:08:02 GMT

GET
H/1.1 200 efm-respondent-icon.css
interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/ Frame 3EAD 1 KB
1003 B 117ms
39ms Stylesheet
text/css 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/efm-respondent-icon.css?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

388015d4c90674adfd7e0e8e7f655c3508dcc1841525c0ff07fe898d4a90982f

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Jun 2020 20:08:03 GMT
Content-Encoding: gzip
Accept-Range: bytes
Last-Modified: Tue, 20 Nov 2018 09:14:24 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: text/css
Allow: GET, POST, PUT, DELETE
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Sun, 27 Jun 2021 20:08:02 GMT

GET
H/1.1 200 loading-ajax.gif
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.wicket.jqueryui.behavior.dialog.DialogAjaxPreloaderPanel/ Frame 3EAD 4 KB
5 KB 41ms
40ms Image
image/gif 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.wicket.jqueryui.behavior.dialog.DialogAjaxPreloaderPanel/loading-ajax.gif?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

9d50d7f26944d0c79dc4baa584d0a9b196d5382fefc23933343fce3065f4397b

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Jun 2020 20:08:03 GMT
Accept-Range: bytes
Last-Modified: Mon, 11 Mar 2019 15:38:54 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: public, max-age=31536000
Content-Disposition: inline
Connection: keep-alive
Allow: GET, POST, PUT, DELETE
Content-Length: 4269
Expires: Sun, 27 Jun 2021 20:08:02 GMT

GET
H/1.1 200 IMG-ZECFuEWowV
interview.airfrance.fr/afklm/itw/lib/img/name/ Frame 3EAD 11 KB
11 KB 41ms
41ms Image
image/png 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://interview.airfrance.fr/afklm/itw/lib/img/name/IMG-ZECFuEWowV

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

26ddbc12835eb3944119e1506d4df9d8f8dd28cd304da3bbfcdc4cf17f1f9377

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Referer: https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/respondent-style-PhishingSurvey.css?--11.124.10&ver=3.8.1.c-20190426
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Jun 2020 20:08:03 GMT
Allow: GET, POST, PUT, DELETE
Last-Modified: Sat, 27 Jun 2020 20:08:03 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: image/png
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Content-Disposition: inline; filename="BandeauQuestionnaire.png"; filename*=UTF-8''BandeauQuestionnaire.png
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 efm-respondent-icon.woff
interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/ Frame 3EAD 6 KB
6 KB 46ms
46ms Font
application/x-font-woff 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/efm-respondent-icon.woff?7d8f279abb6d20e9e78400a3e9ed495a

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

07c56c584fecfe564758461e1d893c5152211b87a9f5d963fe350a50481bc6dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/efm-respondent-icon.css?ver=3.8.1.c-20190426
Origin: https://interview.airfrance.fr

Response headers

Pragma: cache
Date: Sat, 27 Jun 2020 20:08:03 GMT
Accept-Range: bytes
Last-Modified: Tue, 20 Nov 2018 09:14:24 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: application/x-font-woff
Cache-Control: private, max-age=31449600
Content-Disposition: inline
Connection: keep-alive
Allow: GET, POST, PUT, DELETE
Content-Length: 5900
Expires: Sat, 26 Jun 2021 20:08:03 GMT

GET
H/1.1 200 sprite-respondent.png
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/images/ Frame 3EAD 3 KB
4 KB 48ms
48ms Image
image/png 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/images/sprite-respondent.png?v=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

31.193.53.126 Vizille, France, ASN15401 (EOLAS-AS, FR),

Reverse DNS