urlscan.io logo urlscan.io
SecurityTrails logo

controlpanel.myphisher.net Open in urlscan Pro
213.202.212.117  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://controlpanel.myphisher.net/login/index.html
Submission: On November 17 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 32 HTTP transactions. The main IP is 213.202.212.117, located in Germany and belongs to MYLOC-AS IP Backbone of myLoc managed IT AG, DE. The main domain is controlpanel.myphisher.net.
This is the only time controlpanel.myphisher.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Axa (Insurance)

Domain & IP information

IP Address AS Autonomous System
4 213.202.212.117 24961 (MYLOC-AS ...)
12 194.51.127.66 3215 (France Te...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.147.21 16509 (AMAZON-02)
1 192.229.233.55 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 156.154.246.59 19905 (ULTRADDOS)
2 18.66.0.107 16509 (AMAZON-02)
1 13.36.248.187 16509 (AMAZON-02)
32 13
4    213.202.212.117 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cpanel.space-hosting.net
controlpanel.myphisher.net
12    194.51.127.66 (Sainte-Foy-les-Lyon, France)

ASN3215 (France Telecom - Orange, FR)
banque.axa.fr
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:cb16 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
1    18.66.147.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-21.fra60.r.cloudfront.net
tag.aticdn.net
1    192.229.233.55 (Saint Joseph, United States)

ASN15133 (EDGECAST, US)
cdn.trustcommander.net
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    156.154.246.59 (United States)

ASN19905 (ULTRADDOS, US)
PTR: pr.security.neustar
www.axa.fr
2    18.66.0.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-0-107.txl50.r.cloudfront.net
logs1412.xiti.com
1    13.36.248.187 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-248-187.eu-west-3.compute.amazonaws.com
privacy.trustcommander.net
Apex Domain
Subdomains		 Transfer
13 axa.fr
banque.axa.fr
www.axa.fr — Cisco Umbrella Rank: 802897
770 KB
4 myphisher.net
controlpanel.myphisher.net
159 KB
2 xiti.com
logs1412.xiti.com — Cisco Umbrella Rank: 58851
613 B
2 gstatic.com
fonts.gstatic.com
26 KB
2 trustcommander.net
cdn.trustcommander.net — Cisco Umbrella Rank: 27574
privacy.trustcommander.net — Cisco Umbrella Rank: 38605
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
66 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
1 aticdn.net
tag.aticdn.net — Cisco Umbrella Rank: 18004
20 KB
1 instana.io
eum.instana.io — Cisco Umbrella Rank: 6396
10 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
32 10
Domain Requested by
12 banque.axa.fr controlpanel.myphisher.net
banque.axa.fr
4 controlpanel.myphisher.net controlpanel.myphisher.net
2 logs1412.xiti.com controlpanel.myphisher.net
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com 1 redirects controlpanel.myphisher.net
1 privacy.trustcommander.net cdn.trustcommander.net
1 www.axa.fr controlpanel.myphisher.net
1 fonts.googleapis.com banque.axa.fr
1 cdn.trustcommander.net controlpanel.myphisher.net
1 tag.aticdn.net controlpanel.myphisher.net
1 eum.instana.io controlpanel.myphisher.net
1 www.google-analytics.com controlpanel.myphisher.net
32 12

This site contains links to these domains. Also see Links.

Domain
www.axa.fr
Subject Issuer Validity Valid
ouvriruncomptebancaire.axa.fr
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-23 -
2023-10-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-09 -
2022-12-10		 a year crt.sh
tag.aticdn.net
Thawte RSA CA 2018		 2022-01-11 -
2023-01-22		 a year crt.sh
cdn.tagcommander.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-21 -
2023-05-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
www.axa.fr
DigiCert SHA2 Extended Validation Server CA		 2022-09-23 -
2023-10-13		 a year crt.sh
*.xiti.com
Thawte RSA CA 2018		 2022-04-29 -
2023-04-28		 a year crt.sh
*.trustcommander.net
Thawte RSA CA 2018		 2022-03-09 -
2023-04-09		 a year crt.sh

This page contains 1 frames:

Primary Page: http://controlpanel.myphisher.net/login/index.html
Frame ID: 37113A35D6424DA4B8C2CAB34BC0A28E
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Authentification

Detected technologies

Overall confidence: 100%
Detected patterns
  • xiti\.com/hit\.xiti
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

32
Requests

72 %
HTTPS

42 %
IPv6

10
Domains

12
Subdomains

13
IPs

3
Countries

1093 kB
Transfer

3363 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://www.googletagmanager.com/gtm.js?id=GTM-KFJNQJS HTTP 302
  • https://www.googletagmanager.com/gtm.js?id=GTM-KFJNQJS

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
controlpanel.myphisher.net/login/ 		472 KB
159 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Server
213.202.212.117 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.space-hosting.net
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
af9e36120a76da19157f9e1f1c91379836f47d0299f92475ec0bfc7e69c66abe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
none
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 17 Nov 2022 13:10:37 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Sat, 12 Nov 2022 11:23:18 GMT
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
Transfer-Encoding
chunked
Vary
Accept-Encoding,User-Agent
style.css
banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/ 		123 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/style.css
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.51.127.66 Sainte-Foy-les-Lyon, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
nginx /
Resource Hash
4b7548feecf18c22fc4914bf7304270126bff8ca3ab7ee30cc103467cebd3a6c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Security-Policy
upgrade-insecure-requests
Transfer-Encoding
chunked
x-ntap-sg-trace-id
6e0edceaf07facac
Connection
keep-alive
x-xss-protection
1; mode=block
Referrer-Policy
No-referrer-when-downgrade
last-modified
Fri, 07 Oct 2022 15:11:54 GMT
Server
nginx
x-frame-options
SAMEORIGIN
Content-Type
text/css
cache-control
public, max-age=31536000, immutable
Feature-Policy
vibrate none; geolocation none; midi none; notifications none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none; speaker none; fullscreen none; payment none
x-proxy-cache
HIT
styles-novatio.css
banque.axa.fr/cms/plugins/ArkeaAXBPlugin/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banque.axa.fr/cms/plugins/ArkeaAXBPlugin/css/styles-novatio.css
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.51.127.66 Sainte-Foy-les-Lyon, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
nginx /
Resource Hash
256471969aad42f69a5e652875425ca13038c844b673287cbad71a909307a8ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
No-referrer-when-downgrade
Last-Modified
Thu, 30 Dec 2021 14:26:02 GMT
Server
nginx
ETag
W/"18201-1640874362000"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Feature-Policy
vibrate none; geolocation none; midi none; notifications none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none; speaker none; fullscreen none; payment none
axb_app.css
banque.axa.fr/novatio-modules/domi-auth/d6557b0098788c916d54ce87c6b723b0//modules-styles/domi-common-styles/novatio-styles/ 		198 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banque.axa.fr/novatio-modules/domi-auth/d6557b0098788c916d54ce87c6b723b0//modules-styles/domi-common-styles/novatio-styles/axb_app.css
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.51.127.66 Sainte-Foy-les-Lyon, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
nginx /
Resource Hash
dd4b97a548ee205e997a3cd29e32edd122ccd1dff3bfdf7997863a6068d122be
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Security-Policy
upgrade-insecure-requests
Transfer-Encoding
chunked
x-ntap-sg-trace-id
6f270f066ceaf9df
Connection
keep-alive
x-xss-protection
1; mode=block
Referrer-Policy
No-referrer-when-downgrade
last-modified
Fri, 07 Oct 2022 15:08:28 GMT
Server
nginx
x-frame-options
SAMEORIGIN
Content-Type
text/css
cache-control
public, max-age=31536000, immutable
Feature-Policy
vibrate none; geolocation none; midi none; notifications none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none; speaker none; fullscreen none; payment none
x-proxy-cache
HIT
app.css
banque.axa.fr/novatio-modules/domi-auth/d6557b0098788c916d54ce87c6b723b0//modules-styles/domi-angular/styles/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banque.axa.fr/novatio-modules/domi-auth/d6557b0098788c916d54ce87c6b723b0//modules-styles/domi-angular/styles/app.css
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.51.127.66 Sainte-Foy-les-Lyon, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
nginx /
Resource Hash
4043288121a80631ae3f30ad21031a77e8937e729efbaedf0342efcba2ddd699
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Security-Policy
upgrade-insecure-requests
Transfer-Encoding
chunked
x-ntap-sg-trace-id
938c311f1d329a37
Connection
keep-alive
x-xss-protection
1; mode=block
Referrer-Policy
No-referrer-when-downgrade
last-modified
Fri, 07 Oct 2022 15:08:17 GMT
Server
nginx
x-frame-options
SAMEORIGIN
Content-Type
text/css
cache-control
public, max-age=31536000, immutable
Feature-Policy
vibrate none; geolocation none; midi none; notifications none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none; speaker none; fullscreen none; payment none
x-proxy-cache
HIT
axb_app.css
banque.axa.fr/novatio-modules/domi-auth/d6557b0098788c916d54ce87c6b723b0//modules-styles/domi-auth/novatio-styles/ 		41 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banque.axa.fr/novatio-modules/domi-auth/d6557b0098788c916d54ce87c6b723b0//modules-styles/domi-auth/novatio-styles/axb_app.css
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.51.127.66 Sainte-Foy-les-Lyon, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
nginx /
Resource Hash
8239159ce2f3039ae7d57d45dd0d7b389f18971584bbd5a934724f108ebd848c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Security-Policy
upgrade-insecure-requests
Transfer-Encoding
chunked
x-ntap-sg-trace-id
ad37a88d8095c4c6
Connection
keep-alive
x-xss-protection
1; mode=block
Referrer-Policy
No-referrer-when-downgrade
last-modified
Fri, 07 Oct 2022 15:08:18 GMT
Server
nginx
x-frame-options
SAMEORIGIN
Content-Type
text/css
cache-control
public, max-age=31536000, immutable
Feature-Policy
vibrate none; geolocation none; midi none; notifications none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none; speaker none; fullscreen none; payment none
x-proxy-cache
HIT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Nov 2022 11:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6883
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 17 Nov 2022 13:15:54 GMT
gtm.js
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/gtm.js?id=GTM-KFJNQJS
  • https://www.googletagmanager.com/gtm.js?id=GTM-KFJNQJS
208 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KFJNQJS
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
H2
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1bd096e356e991a0df14e9a12dcbf584467b3e04d2ed20e623c5c3db5c735743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:10:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66607
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 17 Nov 2022 13:10:37 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtm.js?id=GTM-KFJNQJS
Date
Thu, 17 Nov 2022 13:10:37 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
251
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
modules-hashes-lib.min.js
banque.axa.fr/novatio-core/modules-hashes-lib/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banque.axa.fr/novatio-core/modules-hashes-lib/modules-hashes-lib.min.js?nocache=true
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.51.127.66 Sainte-Foy-les-Lyon, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
nginx /
Resource Hash
621ac9d6e3205ec43743bc63947322782ad63dc3e39d25e6535005c0d3ef8086
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Security-Policy
upgrade-insecure-requests
Transfer-Encoding
chunked
x-ntap-sg-trace-id
d5deaee395432087
Connection
keep-alive
x-xss-protection
1; mode=block
Referrer-Policy
No-referrer-when-downgrade
last-modified
Fri, 07 Oct 2022 15:11:21 GMT
Server
nginx
x-frame-options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
cache-control
no-store
Feature-Policy
vibrate none; geolocation none; midi none; notifications none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none; speaker none; fullscreen none; payment none
x-proxy-cache
BYPASS
brand-i18n-lib.min.js
banque.axa.fr/novatio-modules/brand-i18n-lib/8209bfda2e6927488bf4e657fb961db1/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banque.axa.fr/novatio-modules/brand-i18n-lib/8209bfda2e6927488bf4e657fb961db1/brand-i18n-lib.min.js
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.51.127.66 Sainte-Foy-les-Lyon, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a1df7eb2feeeda70bfe572b27b892b8067bc13d7fe9904c873e18998bec4f6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Security-Policy
upgrade-insecure-requests
Transfer-Encoding
chunked
x-ntap-sg-trace-id
eefcb30354516e65
Connection
keep-alive
x-xss-protection
1; mode=block
Referrer-Policy
No-referrer-when-downgrade
last-modified
Fri, 07 Oct 2022 15:08:14 GMT
Server
nginx
x-frame-options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
Feature-Policy
vibrate none; geolocation none; midi none; notifications none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none; speaker none; fullscreen none; payment none
x-proxy-cache
HIT
otp-wc-lib.min.js
banque.axa.fr/novatio-modules/otp-wc-lib/bbc27e050174115ee00a449c5b52a53c/ 		126 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banque.axa.fr/novatio-modules/otp-wc-lib/bbc27e050174115ee00a449c5b52a53c/otp-wc-lib.min.js
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.51.127.66 Sainte-Foy-les-Lyon, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
nginx /
Resource Hash
83f44a77be10acee5f526779874c6bb347f56bed73db5e1d3de93bdb5d8c5130
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Security-Policy
upgrade-insecure-requests
Transfer-Encoding
chunked
x-ntap-sg-trace-id
d5fbe4d0cbfaff70
Connection
keep-alive
x-xss-protection
1; mode=block
Referrer-Policy
No-referrer-when-downgrade
last-modified
Fri, 07 Oct 2022 15:11:24 GMT
Server
nginx
x-frame-options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
Feature-Policy
vibrate none; geolocation none; midi none; notifications none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none; speaker none; fullscreen none; payment none
x-proxy-cache
HIT
app.js
banque.axa.fr/novatio-modules/web-axb/a924a64ee7129c14d12e5e7c9ee0b258/ 		1 MB
347 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banque.axa.fr/novatio-modules/web-axb/a924a64ee7129c14d12e5e7c9ee0b258/app.js
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.51.127.66 Sainte-Foy-les-Lyon, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
nginx /
Resource Hash
c78e109f26368b498cdc9957992b7ca41cfa9412e8776cb8422c7837edb040d2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Security-Policy
upgrade-insecure-requests
Transfer-Encoding
chunked
x-ntap-sg-trace-id
b0234e0577f28ba6
Connection
keep-alive
x-xss-protection
1; mode=block
Referrer-Policy
No-referrer-when-downgrade
last-modified
Mon, 03 Oct 2022 12:32:46 GMT
Server
nginx
x-frame-options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
Feature-Policy
vibrate none; geolocation none; midi none; notifications none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none; speaker none; fullscreen none; payment none
x-proxy-cache
HIT
bundle.js
banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/ 		772 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/bundle.js
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.51.127.66 Sainte-Foy-les-Lyon, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
nginx /
Resource Hash
8427fc3612441573660c7ca17f9b3ae0b6df086cf151f517938e068332473a12
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Security-Policy
upgrade-insecure-requests
Transfer-Encoding
chunked
x-ntap-sg-trace-id
bc9cb4dbcea7708a
Connection
keep-alive
x-xss-protection
1; mode=block
Referrer-Policy
No-referrer-when-downgrade
last-modified
Fri, 07 Oct 2022 15:11:53 GMT
Server
nginx
x-frame-options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
Feature-Policy
vibrate none; geolocation none; midi none; notifications none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none; speaker none; fullscreen none; payment none
x-proxy-cache
HIT
eum.min.js
eum.instana.io/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cb16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:10:37 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 1 Jan 1970 00:00:01 GMT
server
cloudflare
age
139374
etag
1562908762--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin
*
cf-ray
76b8b5260d0cf0b7-CDG
domi-auth-fat.js
controlpanel.myphisher.net/novatio-modules/domi-auth/d6557b0098788c916d54ce87c6b723b0/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://controlpanel.myphisher.net/novatio-modules/domi-auth/d6557b0098788c916d54ce87c6b723b0/domi-auth-fat.js
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Server
213.202.212.117 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.space-hosting.net
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/login/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:37 GMT
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
smarttag.js
tag.aticdn.net/617645/ 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.aticdn.net/617645/smarttag.js
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fea708d2b1f309d00ce7fddfdac4a1ad15288cd86aada814fa9b5dc2ec4c5878

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
niTuEZe04TrTaSI9YhXd8YjSz7Aug2Od
content-encoding
br
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
date
Thu, 17 Nov 2022 13:07:19 GMT
x-amz-cf-pop
FRA60-P4
age
221
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Mon, 14 Nov 2022 16:33:01 GMT
server
AmazonS3
etag
W/"b8adc404c38b0f71b2b1bb31aa8b4cef"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-amz-cf-id
OMlvfEywIY-3HuzKw7k9BIc5ZLHiVt_NzLV_wuaBVoVgmCUuN0nnKw==
privacy_v2_38.js
cdn.trustcommander.net/privacy/3235/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustcommander.net/privacy/3235/privacy_v2_38.js
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.55 Saint Joseph, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F9F) /
Resource Hash
c9d340f5ec71caa6555f4f0612c23c9b209ec39f5ec950dd569a53ab88901473

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:10:37 GMT
content-encoding
gzip
x-cdn
VDMS
age
43334
x-amz-request-id
3GNS4S8NP1D103FH
x-cache
HIT
content-length
20102
x-amz-id-2
km4SZQ/BvweK7wch1Hje9OojvOR4zcNSLtRV6/EiLnZ6Db4dddj4Wblpk0zBhImQ+/dhoKTYNlE=
last-modified
Thu, 14 Oct 2021 12:49:53 GMT
server
ECS (pab/6F9F)
etag
"b19833722e9994f396a4924730d2825a+gzip"
access-control-max-age
31536000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, must-revalidate
vary
Accept-Encoding
5886821f-545f-4ff5-bfa6-9ec86c711582
https://banque.axa.fr/ 		0
0
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,800,900&display=swap
Requested by
Host: banque.axa.fr
URL: https://banque.axa.fr/cms/plugins/ArkeaAXBPlugin/css/styles-novatio.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
40ddf88b89103e9d53aad8a76649e56f9f90f7a2d6d754b66273d048488f7e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://banque.axa.fr/cms/plugins/ArkeaAXBPlugin/css/styles-novatio.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Nov 2022 13:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Nov 2022 13:10:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Nov 2022 13:10:37 GMT
ded4ee63-fcbe-460f-88b3-49e6afb9981e
http://controlpanel.myphisher.net/ 		6 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:http://controlpanel.myphisher.net/ded4ee63-fcbe-460f-88b3-49e6afb9981e
Requested by
Host: banque.axa.fr
URL: https://banque.axa.fr/novatio-modules/otp-wc-lib/bbc27e050174115ee00a449c5b52a53c/otp-wc-lib.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
982a0d6da38bfcf90afb9857f885b2aaad3e5421e91a8320befc56a763e350f4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/login/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length
6012
Content-Type
text/css
sourcesanspro-bold.woff2
banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/assets/fonts/ 		0
0
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://controlpanel.myphisher.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 17:43:57 GMT
x-content-type-options
nosniff
age
242801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 17:43:57 GMT
padlock.svg
www.axa.fr/content/dam/axa/desktop/banque-credits/banque-espace-client/ 		957 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.axa.fr/content/dam/axa/desktop/banque-credits/banque-espace-client/padlock.svg
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
156.154.246.59 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
pr.security.neustar
Software
PWS/8.3.1.0.8 /
Resource Hash
a35a025624ad8566b0a2e918355e1f7c9ff6b8267519013cee9bf23d382795d1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:38 GMT
Via
1.1 PShlamstdAMS1qj18:0 (W), 1.1 PSdgflkfFRA2lp71:6 (W)
Age
189102
X-Px
ht PSdgflkfFRA2lp71FRA
Connection
keep-alive
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1290078004"
Content-Length
957
Last-Modified
Tue, 15 Nov 2022 08:38:56 GMT
Server
PWS/8.3.1.0.8
ETag
W/"3bd-5ed7e496a038a"
X-Ws-Request-Id
637632ce_PSdgflkfFRA2po75_14455-40026
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Content-Type
image/svg+xml
Access-Control-Allow-Origin
(null)
Access-Control-Expose-Headers
Set-cookie
Cache-Control
max-age=604800
Access-Control-Allow-Credentials
True
Accept-Ranges
bytes
authent.jpg
banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/assets/images/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/assets/images/authent.jpg
Requested by
Host: banque.axa.fr
URL: https://banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.51.127.66 Sainte-Foy-les-Lyon, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
nginx /
Resource Hash
88cab827e057fb6324adcd3c2ed3eb208ac434a440f2cb6f32ef0c6f8af6156d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Security-Policy
upgrade-insecure-requests
Transfer-Encoding
chunked
x-ntap-sg-trace-id
df356960ace8c63e
Connection
keep-alive
x-xss-protection
1; mode=block
Referrer-Policy
No-referrer-when-downgrade
last-modified
Fri, 07 Oct 2022 15:11:52 GMT
Server
nginx
x-frame-options
SAMEORIGIN
Content-Type
image/jpeg
cache-control
public, max-age=31536000, immutable
Feature-Policy
vibrate none; geolocation none; midi none; notifications none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none; speaker none; fullscreen none; payment none
x-proxy-cache
HIT
hit.xiti
logs1412.xiti.com/ 		35 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs1412.xiti.com/hit.xiti?s=617645&idclient=1fe16f96-0bdc-46f0-a8f0-9e8c81607f70&vc=false&vm=exempt&ts=1668690638266&vtag=5.28.1&ptag=js&p=&s2=8&ref=
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.0.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-0-107.txl50.r.cloudfront.net
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:10:38 GMT
via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
strict-transport-security
max-age=15768000
x-amz-cf-pop
TXL50-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-store
content-length
35
x-amz-cf-id
srrh6hNCNfKrPfcAGmEsqGTwpxNDQHnDic4eA3tC-jw9pujtnWwYKA==
hit.xiti
logs1412.xiti.com/ 		35 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs1412.xiti.com/hit.xiti?s=617645&idclient=1fe16f96-0bdc-46f0-a8f0-9e8c81607f70&vc=false&vm=exempt&ts=1668690638293&vtag=5.28.1&ptag=js&p=&s2=8&ref=
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.0.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-0-107.txl50.r.cloudfront.net
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 13:10:38 GMT
via
1.1 a966c6e25db0d10ed8111bf0f786dbc6.cloudfront.net (CloudFront)
strict-transport-security
max-age=15768000
x-amz-cf-pop
TXL50-P1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-store
content-length
35
x-amz-cf-id
1NSwXDTqHHVNh87w1qboacpvtQJf41ALq2AxRhSnu3d42WveU40XEA==
modules-hashes-lib.min.js
controlpanel.myphisher.net/novatio-core/modules-hashes-lib/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://controlpanel.myphisher.net/novatio-core/modules-hashes-lib/modules-hashes-lib.min.js?nocache=true
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Server
213.202.212.117 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.space-hosting.net
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/login/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:38 GMT
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
/
privacy.trustcommander.net/privacy-consent/ 		43 B
542 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://privacy.trustcommander.net/privacy-consent/
Requested by
Host: cdn.trustcommander.net
URL: https://cdn.trustcommander.net/privacy/3235/privacy_v2_38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.36.248.187 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-248-187.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://controlpanel.myphisher.net/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
private
Date
Thu, 17 Nov 2022 13:10:38 GMT
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Type
image/gif
Access-Control-Allow-Origin
http://controlpanel.myphisher.net
Cache-Control
private, max-age=486000, pre-check=486000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
43
Expires
Wed, 15 Feb 2023 13:10:38 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
654e7e4599e04f24267341de3d4260d0c332c10bc66b3c99d8f242fdeb258c1c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e118c0623d37daccbcb18489f1cd5301a83da3824fb09e1eb0fa2b179caceb85

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		307 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf62c48b09e55011139dbe497ef1fae26d65da75807a98314a6600a0b4746a2a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://controlpanel.myphisher.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 09:39:30 GMT
x-content-type-options
nosniff
age
444668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 09:39:30 GMT
sourcesanspro-bold.woff
banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/assets/fonts/ 		0
0
logo.png
banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/assets/images/logo.png
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.51.127.66 Sainte-Foy-les-Lyon, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
nginx /
Resource Hash
edfea819415ff38872bae9e171c3e1bc2b9d9e1907b1b61d5e576c281dcf3f77
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Security-Policy
upgrade-insecure-requests
Transfer-Encoding
chunked
x-ntap-sg-trace-id
e04f90b9a15b3f11
Connection
keep-alive
x-xss-protection
1; mode=block
Referrer-Policy
No-referrer-when-downgrade
last-modified
Fri, 07 Oct 2022 15:11:52 GMT
Server
nginx
x-frame-options
SAMEORIGIN
Content-Type
image/png
cache-control
public, max-age=31536000, immutable
Feature-Policy
vibrate none; geolocation none; midi none; notifications none; push none; sync-xhr none; microphone none; camera none; magnetometer none; gyroscope none; speaker none; fullscreen none; payment none
x-proxy-cache
HIT
modules-hashes-lib.min.js
controlpanel.myphisher.net/novatio-core/modules-hashes-lib/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://controlpanel.myphisher.net/novatio-core/modules-hashes-lib/modules-hashes-lib.min.js
Requested by
Host: controlpanel.myphisher.net
URL: http://controlpanel.myphisher.net/login/index.html
Protocol
HTTP/1.1
Server
213.202.212.117 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.space-hosting.net
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://controlpanel.myphisher.net/login/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 17 Nov 2022 13:10:38 GMT
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
196
Content-Type
text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
banque.axa.fr
URL
blob:https://banque.axa.fr/5886821f-545f-4ff5-bfa6-9ec86c711582
Domain
banque.axa.fr
URL
https://banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/assets/fonts/sourcesanspro-bold.woff2
Domain
banque.axa.fr
URL
https://banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/assets/fonts/sourcesanspro-bold.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Axa (Insurance)

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google_tag_data function| ga object| gaplugins object| google_tag_manager function| postscribe object| google_tag_manager_external object| dataLayer function| listenPost object| ModulesHashesLib object| BrandI18nLib object| OtpWcLib object| ATInternet function| ATCustomEvent number| tcImplicit number| tcImplicitClick number| tcImplicitScroll number| tcReloadContainer number| tcScrollPercentage number| tcTrustTrigger string| tcTrustTriggerName string| tcImplicitType function| tcGetScrollPercent function| reloadAllContainers function| optinAndReload function| removeBanner undefined| optinOnScroll string| tCPrivacyTagManager function| tc_closePrivacyCenter function| tc_closePrivacyButton function| prepareAcmVendorConsent function| prepareConsent object| privacyForceHitDomain object| tagCategories object| tagVendors number| tc_privacy_used function| tC object| caReady function| cact function| appendBlockFraudWarning object| tag number| level2 string| tcVendorsConsent string| tcCategoriesConsent object| overlay object| $authTitle object| uxLib string| uxEfs

3 Cookies

Domain/Path Name / Value
.myphisher.net/ Name: TCPID
Value: 1221141310387325968864
controlpanel.myphisher.net/ Name: atuserid
Value: %7B%22name%22%3A%22atuserid%22%2C%22val%22%3A%221fe16f96-0bdc-46f0-a8f0-9e8c81607f70%22%2C%22options%22%3A%7B%22end%22%3A%222023-12-19T13%3A10%3A38.258Z%22%2C%22path%22%3A%22%2F%22%7D%7D
controlpanel.myphisher.net/ Name: atauthority
Value: %7B%22name%22%3A%22atauthority%22%2C%22val%22%3A%7B%22authority_name%22%3A%22cnil%22%2C%22visitor_mode%22%3A%22exempt%22%7D%2C%22options%22%3A%7B%22end%22%3A%222023-12-19T13%3A10%3A38.292Z%22%2C%22path%22%3A%22%2F%22%7D%7D

8 Console Messages

Source Level URL
Text
javascript error URL: http://controlpanel.myphisher.net/login/index.html(Line 59)
Message:
Not allowed to load local resource: blob:https://banque.axa.fr/5886821f-545f-4ff5-bfa6-9ec86c711582
network error URL: http://controlpanel.myphisher.net/novatio-modules/domi-auth/d6557b0098788c916d54ce87c6b723b0/domi-auth-fat.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: http://controlpanel.myphisher.net/login/index.html
Message:
Access to font at 'https://banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/assets/fonts/sourcesanspro-bold.woff2' from origin 'http://controlpanel.myphisher.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/assets/fonts/sourcesanspro-bold.woff2
Message:
Failed to load resource: net::ERR_FAILED
network error URL: http://controlpanel.myphisher.net/novatio-core/modules-hashes-lib/modules-hashes-lib.min.js?nocache=true
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://controlpanel.myphisher.net/novatio-core/modules-hashes-lib/modules-hashes-lib.min.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: http://controlpanel.myphisher.net/login/index.html
Message:
Access to font at 'https://banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/assets/fonts/sourcesanspro-bold.woff' from origin 'http://controlpanel.myphisher.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://banque.axa.fr/novatio-modules/ux-library/e1241d432f37aa19c5f0e3c3ebb4c9b7/assets/fonts/sourcesanspro-bold.woff
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banque.axa.fr
cdn.trustcommander.net
controlpanel.myphisher.net
eum.instana.io
fonts.googleapis.com
fonts.gstatic.com
logs1412.xiti.com
privacy.trustcommander.net
tag.aticdn.net
www.axa.fr
www.google-analytics.com
www.googletagmanager.com
banque.axa.fr
13.36.248.187
156.154.246.59
18.66.0.107
18.66.147.21
192.229.233.55
194.51.127.66
213.202.212.117
2606:4700::6810:cb16
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200e
1bd096e356e991a0df14e9a12dcbf584467b3e04d2ed20e623c5c3db5c735743
256471969aad42f69a5e652875425ca13038c844b673287cbad71a909307a8ba
4043288121a80631ae3f30ad21031a77e8937e729efbaedf0342efcba2ddd699
40ddf88b89103e9d53aad8a76649e56f9f90f7a2d6d754b66273d048488f7e8e
4b7548feecf18c22fc4914bf7304270126bff8ca3ab7ee30cc103467cebd3a6c
621ac9d6e3205ec43743bc63947322782ad63dc3e39d25e6535005c0d3ef8086
654e7e4599e04f24267341de3d4260d0c332c10bc66b3c99d8f242fdeb258c1c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
8239159ce2f3039ae7d57d45dd0d7b389f18971584bbd5a934724f108ebd848c
83f44a77be10acee5f526779874c6bb347f56bed73db5e1d3de93bdb5d8c5130
8427fc3612441573660c7ca17f9b3ae0b6df086cf151f517938e068332473a12
88cab827e057fb6324adcd3c2ed3eb208ac434a440f2cb6f32ef0c6f8af6156d
982a0d6da38bfcf90afb9857f885b2aaad3e5421e91a8320befc56a763e350f4
a1a1df7eb2feeeda70bfe572b27b892b8067bc13d7fe9904c873e18998bec4f6
a35a025624ad8566b0a2e918355e1f7c9ff6b8267519013cee9bf23d382795d1
af9e36120a76da19157f9e1f1c91379836f47d0299f92475ec0bfc7e69c66abe
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bf62c48b09e55011139dbe497ef1fae26d65da75807a98314a6600a0b4746a2a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c78e109f26368b498cdc9957992b7ca41cfa9412e8776cb8422c7837edb040d2
c9d340f5ec71caa6555f4f0612c23c9b209ec39f5ec950dd569a53ab88901473
dd4b97a548ee205e997a3cd29e32edd122ccd1dff3bfdf7997863a6068d122be
e118c0623d37daccbcb18489f1cd5301a83da3824fb09e1eb0fa2b179caceb85
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309
edfea819415ff38872bae9e171c3e1bc2b9d9e1907b1b61d5e576c281dcf3f77
fea708d2b1f309d00ce7fddfdac4a1ad15288cd86aada814fa9b5dc2ec4c5878