urlscan.io logo urlscan.io
SecurityTrails logo

phishing.airfrance.fr Open in urlscan Pro
193.57.219.101  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://arifrance.com/
Effective URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Submission: On August 25 via manual from GR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 2 domains to perform 53 HTTP transactions. The main IP is 193.57.219.101, located in Poissy, France and belongs to AIRFRANCE-AS, FR. The main domain is phishing.airfrance.fr.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on January 31st 2018. Valid for: 2 years.
This is the only time phishing.airfrance.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 217.70.184.38 29169 (GANDI-AS ...)
1 8 193.57.244.60 198340 (AIRFRANCE-AS)
5 17 193.57.219.101 198340 (AIRFRANCE-AS)
23 193.57.218.45 198340 (AIRFRANCE-AS)
6 193.57.218.101 198340 (AIRFRANCE-AS)
1 1 193.57.218.123 198340 (AIRFRANCE-AS)
5 193.57.218.56 198340 (AIRFRANCE-AS)
53 5
1    217.70.184.38 (France)

ASN29169 (GANDI-AS Domain name registrar - http://www.gandi.net, FR)
PTR: webredir.vip.gandi.net
arifrance.com
8    193.57.244.60 (France)

ASN198340 (AIRFRANCE-AS, FR)
PTR: flacad.airfrance.fr
corpoweb.airfrance.fr
17    193.57.219.101 (Poissy, France)

ASN198340 (AIRFRANCE-AS, FR)
PTR: svihm.airfrance.fr
phishing.airfrance.fr
cmstools.airfrance.fr
23    193.57.218.45 (Poissy, France)

ASN198340 (AIRFRANCE-AS, FR)
PTR: midpack.airfrance.fr
midpack.airfrance.fr
6    193.57.218.101 (Poissy, France)

ASN198340 (AIRFRANCE-AS, FR)
PTR: habile.airfrance.fr
habile.airfrance.fr
1    193.57.218.123 (Poissy, France)

ASN198340 (AIRFRANCE-AS, FR)
PTR: cmsintranet.airfrance.fr
cmsintranet.airfrance.fr
5    193.57.218.56 (Poissy, France)

ASN198340 (AIRFRANCE-AS, FR)
PTR: interview.airfrance.fr
interview.airfrance.fr
Domain Requested by
23 midpack.airfrance.fr phishing.airfrance.fr
12 phishing.airfrance.fr corpoweb.airfrance.fr
phishing.airfrance.fr
midpack.airfrance.fr
8 corpoweb.airfrance.fr 1 redirects corpoweb.airfrance.fr
6 habile.airfrance.fr phishing.airfrance.fr
5 interview.airfrance.fr phishing.airfrance.fr
interview.airfrance.fr
5 cmstools.airfrance.fr 5 redirects
1 cmsintranet.airfrance.fr 1 redirects
1 arifrance.com 1 redirects
53 8

This site contains no links.

Subject Issuer Validity Valid
*.airfrance.fr
COMODO RSA Organization Validation Secure Server CA		 2018-01-31 -
2020-04-19		 2 years crt.sh
habile.airfrance.fr
COMODO RSA Organization Validation Secure Server CA		 2017-08-24 -
2019-11-01		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Frame ID: AA88F16363861CFF47C8FFC82F360ED6
Requests: 48 HTTP requests in this frame

Frame: https://interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/SurveyPhishing2018
Frame ID: 498F97D9CEBE65A48E08E1515F838DC0
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://arifrance.com/ HTTP 301
    http://corpoweb.airfrance.fr/redirect HTTP 301
    http://corpoweb.airfrance.fr/redirect/ Page URL
  2. https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^VideoJS$/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

53
Requests

87 %
HTTPS

0 %
IPv6

2
Domains

8
Subdomains

5
IPs

1
Countries

925 kB
Transfer

2517 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://arifrance.com/ HTTP 301
    http://corpoweb.airfrance.fr/redirect HTTP 301
    http://corpoweb.airfrance.fr/redirect/ Page URL
  2. https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://arifrance.com/ HTTP 301
  • http://corpoweb.airfrance.fr/redirect HTTP 301
  • http://corpoweb.airfrance.fr/redirect/
Request Chain 11
  • https://cmstools.airfrance.fr/cmstoolsWeb/js/libs/font-awesome/font-awesome/font-awesome.min.css HTTP 302
  • https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2ffont-awesome%2ffont-awesome%2ffont-awesome%2emin%2ecss
Request Chain 12
  • https://cmstools.airfrance.fr/cmstoolsWeb/comment.min.css HTTP 302
  • https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fcomment%2emin%2ecss
Request Chain 18
  • https://cmstools.airfrance.fr/cmstoolsWeb/js/libs/URI.min.js HTTP 302
  • https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fURI%2emin%2ejs
Request Chain 19
  • https://cmstools.airfrance.fr/cmstoolsWeb/js/libs/handlebars.min-latest.js HTTP 302
  • https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fhandlebars%2emin-latest%2ejs
Request Chain 20
  • https://cmstools.airfrance.fr/cmstoolsWeb/js/app/cmstools.min.js HTTP 302
  • https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2fapp%2fcmstools%2emin%2ejs
Request Chain 42
  • https://cmsintranet.airfrance.fr/Composants/js/statistiques/marqueurs_xiti_AF.js HTTP 302
  • https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-fac9a255-ae63-1002-b4e6-847506240000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$agt_cmsintranet%2eairfrance%2efr_dmz-internet&TARGET=$SM$https%3a%2f%2fcmsintranet%2eairfrance%2efr%2fComposants%2fjs%2fstatistiques%2fmarqueurs_xiti_AF%2ejs

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
corpoweb.airfrance.fr/redirect/
Redirect Chain
  • http://arifrance.com/
  • http://corpoweb.airfrance.fr/redirect
  • http://corpoweb.airfrance.fr/redirect/
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://corpoweb.airfrance.fr/redirect/
Protocol
HTTP/1.1
Server
193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
flacad.airfrance.fr
Software
Apache /
Resource Hash
f76bfb310f6e929c7fe09d228c5edcfab454c0fec4fd6c351b7ab8fee4528ca8

Request headers

Host
corpoweb.airfrance.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
targetPath_corpoweb=ahs-static-r12; AFKL_VISITOR_ID=6367300751790079
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
AA88F16363861CFF47C8FFC82F360ED6

Response headers

Date
Sat, 25 Aug 2018 11:26:34 GMT
Server
Apache
Last-Modified
Wed, 14 Jun 2017 12:26:33 GMT
ETag
"457-551eaa9971040"
Accept-Ranges
bytes
Content-Type
text/html
Keep-Alive
timeout=15
Connection
Keep-Alive
Via
1.1 RT_PU
Content-Security-Policy-Report-Only
frame-ancestors 'self' *.airfrance.fr *.airfranceklm.com *.af-klm.com *.airfrance-is.com ; report-uri https://csp-report.airfrance.fr/ ;
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

Date
Sat, 25 Aug 2018 11:26:34 GMT
Server
Apache
Set-Cookie
targetPath_corpoweb=ahs-static-r12; path=/; domain=corpoweb.airfrance.fr AFKL_VISITOR_ID=6367300751790079;Path=/;Domain=.airfrance.fr
Location
http://corpoweb.airfrance.fr/redirect/
Content-Length
246
Content-Type
text/html; charset=iso-8859-1
Keep-Alive
timeout=15
Connection
Keep-Alive
Via
1.1 RT_PU
Content-Security-Policy-Report-Only
frame-ancestors 'self' *.airfrance.fr *.airfranceklm.com *.af-klm.com *.airfrance-is.com ; report-uri https://csp-report.airfrance.fr/ ;
all-ae3de5333b.css
corpoweb.airfrance.fr/redirect/css/ 		157 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://corpoweb.airfrance.fr/redirect/css/all-ae3de5333b.css
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/
Protocol
HTTP/1.1
Server
193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
flacad.airfrance.fr
Software
Apache /
Resource Hash
358a7057f4a54939027b1a4d911e777bb6243a5e7e7db278d7b1819b8fb2289d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
corpoweb.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://corpoweb.airfrance.fr/redirect/
Cookie
targetPath_corpoweb=ahs-static-r12; AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
http://corpoweb.airfrance.fr/redirect/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:34 GMT
Via
1.1 RT_PU
Last-Modified
Wed, 14 Jun 2017 12:26:24 GMT
Server
Apache
ETag
"27514-551eaa90dbc00"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:34 GMT
prod-64bae8f110.js
corpoweb.airfrance.fr/redirect/libs/ 		589 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/
Protocol
HTTP/1.1
Server
193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
flacad.airfrance.fr
Software
Apache /
Resource Hash
2d9d53b14c424fa3abf37c444e9b2ceb90b45fef886a476b553419318402781e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
corpoweb.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://corpoweb.airfrance.fr/redirect/
Cookie
targetPath_corpoweb=ahs-static-r12; AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
http://corpoweb.airfrance.fr/redirect/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:34 GMT
Via
1.1 RT_PU
Last-Modified
Wed, 14 Jun 2017 12:26:33 GMT
Server
Apache
ETag
"93275-551eaa9971040"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:34 GMT
en.json
corpoweb.airfrance.fr/redirect/languages/ 		710 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://corpoweb.airfrance.fr/redirect/languages/en.json
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Protocol
HTTP/1.1
Server
193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
flacad.airfrance.fr
Software
Apache /
Resource Hash
6bcb144ce52278e26ecda4de7da3c114a93519a449965de6550c92f574c498a2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
corpoweb.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
application/json, text/plain, */*
Referer
http://corpoweb.airfrance.fr/redirect/
Cookie
targetPath_corpoweb=ahs-static-r12; AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
http://corpoweb.airfrance.fr/redirect/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:34 GMT
Via
1.1 RT_PU
Last-Modified
Wed, 14 Jun 2017 12:26:19 GMT
Server
Apache
ETag
"2c6-551eaa8c170c0"
Content-Type
application/json
Cache-Control
max-age=21600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
710
fake.html
corpoweb.airfrance.fr/redirect/html/views/ 		42 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://corpoweb.airfrance.fr/redirect/html/views/fake.html
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Protocol
HTTP/1.1
Server
193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
flacad.airfrance.fr
Software
Apache /
Resource Hash
92e1e18b00e7d217470b37aaee6fef1e9a912b1fec8b39f5feadf4c4ebedc9c6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
corpoweb.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html
Referer
http://corpoweb.airfrance.fr/redirect/
Cookie
targetPath_corpoweb=ahs-static-r12; AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Accept
text/html
Referer
http://corpoweb.airfrance.fr/redirect/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:35 GMT
Via
1.1 RT_PU
Content-Security-Policy-Report-Only
frame-ancestors 'self' *.airfrance.fr *.airfranceklm.com *.af-klm.com *.airfrance-is.com ; report-uri https://csp-report.airfrance.fr/ ;
Last-Modified
Wed, 14 Jun 2017 12:26:19 GMT
Server
Apache
ETag
"2a-551eaa8c170c0"
Vary
Accept-Encoding
Content-Type
text/html
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=15
home.html
corpoweb.airfrance.fr/redirect/html/views/ 		1 KB
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://corpoweb.airfrance.fr/redirect/html/views/home.html
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Protocol
HTTP/1.1
Server
193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
flacad.airfrance.fr
Software
Apache /
Resource Hash
91faf20ad4f61d576c93c06fc762b63fc5122b165d3f28746e384fad5547cd62

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
corpoweb.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html
Referer
http://corpoweb.airfrance.fr/redirect/
Cookie
targetPath_corpoweb=ahs-static-r12; AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Accept
text/html
Referer
http://corpoweb.airfrance.fr/redirect/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:35 GMT
Via
1.1 RT_PU
Content-Security-Policy-Report-Only
frame-ancestors 'self' *.airfrance.fr *.airfranceklm.com *.af-klm.com *.airfrance-is.com ; report-uri https://csp-report.airfrance.fr/ ;
Last-Modified
Wed, 14 Jun 2017 12:26:19 GMT
Server
Apache
ETag
"47a-551eaa8c170c0"
Vary
Accept-Encoding
Content-Type
text/html
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=15
rightMenu.html
corpoweb.airfrance.fr/redirect/html/views/ 		1012 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://corpoweb.airfrance.fr/redirect/html/views/rightMenu.html
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Protocol
HTTP/1.1
Server
193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
flacad.airfrance.fr
Software
Apache /
Resource Hash
eea2afed0b4ee2168de491c565e71d328dab6e6a0a59a2722363fc48983d05a7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
corpoweb.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html
Referer
http://corpoweb.airfrance.fr/redirect/
Cookie
targetPath_corpoweb=ahs-static-r12; AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Accept
text/html
Referer
http://corpoweb.airfrance.fr/redirect/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:35 GMT
Via
1.1 RT_PU
Content-Security-Policy-Report-Only
frame-ancestors 'self' *.airfrance.fr *.airfranceklm.com *.af-klm.com *.airfrance-is.com ; report-uri https://csp-report.airfrance.fr/ ;
Last-Modified
Wed, 14 Jun 2017 12:26:19 GMT
Server
Apache
ETag
"3f4-551eaa8c170c0"
Vary
Accept-Encoding
Content-Type
text/html
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=15
clickEmailLink
phishing.airfrance.fr/resources/stats/1/2/ 		0
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://phishing.airfrance.fr/resources/stats/1/2/clickEmailLink
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.219.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
svihm.airfrance.fr
Software
JAS BHV3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Method
PUT
Origin
http://corpoweb.airfrance.fr

Response headers

Date
Sat, 25 Aug 2018 11:26:34 GMT
Server
JAS BHV3
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
PUT
Access-Control-Allow-Origin
http://corpoweb.airfrance.fr
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
authorization,origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
Content-Length
0
Keep-Alive
timeout=15
clickEmailLink
phishing.airfrance.fr/resources/stats/1/2/ 		319 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://phishing.airfrance.fr/resources/stats/1/2/clickEmailLink
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.219.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
svihm.airfrance.fr
Software
JAS BHV3 /
Resource Hash
9cc0a6b0fdafed8ca6fc0fb0869e4dea42349031ae8d422d34bef992a7199efb

Request headers

Accept
application/json, text/plain, */*
Referer
http://corpoweb.airfrance.fr/redirect/
Origin
http://corpoweb.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:35 GMT
Content-Encoding
gzip
Server
JAS BHV3
Vary
Origin, Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
http://corpoweb.airfrance.fr
X-Cnection
close, close
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
209
Primary Request Cookie set PhishingV1.html
phishing.airfrance.fr/Phishing/en/public/g_standard_page/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.219.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
svihm.airfrance.fr
Software
JAS BHV3 /
Resource Hash
89a3990bf031bb698f6ca25d5ee7b6ecb81331af6a7a50fbada940447f950a4d

Request headers

Host
phishing.airfrance.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://corpoweb.airfrance.fr/redirect/
Accept-Encoding
gzip, deflate
Cookie
AFKL_VISITOR_ID=6367300751790079
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
AA88F16363861CFF47C8FFC82F360ED6
Referer
http://corpoweb.airfrance.fr/redirect/

Response headers

Date
Sat, 25 Aug 2018 11:26:35 GMT
Server
JAS BHV3
Accept-Ranges
bytes
ETag
W/"12722-1529674877000"
Last-Modified
Fri, 22 Jun 2018 13:41:17 GMT
Content-Type
text/html
Content-Security-Policy-Report-Only
frame-ancestors 'self' *.airfrance.fr *.airfranceklm.com *.af-klm.com *.airfrance-is.com ; report-uri https://csp-report.airfrance.fr/ ;
Set-Cookie
ASID_phishing_main_t8=rd3o00000000000000000000ffff0a460218o32072; path=/ CLID_phishing_main_=phishing_main_t8;path=/;
Keep-Alive
timeout=15
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
Cookie set bootstrap.css
midpack.airfrance.fr/referentiel/dist/css/ 		204 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/dist/css/bootstrap.css
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
e70df6b6057381125311672369cb8fc6c3f8fa93ea2b4075ee79228cc2c5cb9e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Nov 2017 11:20:37 GMT
Server
Apache
ETag
"330dd-55f3170f9ab40"
Vary
Accept-Encoding
Content-Type
text/css
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set videoJs.css
midpack.airfrance.fr/referentiel/videoJs/ 		27 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/videoJs/videoJs.css
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
6362a3dd7735c80ddf50e8a45b818273af897b16bf537fdc8c7357e885e465cc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Nov 2014 14:51:05 GMT
Server
Apache
ETag
"6a0d-5085f93044840"
Vary
Accept-Encoding
Content-Type
text/css
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
habile.fcc
habile.airfrance.fr/siteminderagent/
Redirect Chain
  • https://cmstools.airfrance.fr/cmstoolsWeb/js/libs/font-awesome/font-awesome/font-awesome.min.css
  • https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a...
0
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2ffont-awesome%2ffont-awesome%2ffont-awesome%2emin%2ecss
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
habile.airfrance.fr
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
habile.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
no-store
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
2101

Redirect headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Server
Apache
Content-Type
text/html; charset=iso-8859-1
Location
https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2ffont-awesome%2ffont-awesome%2ffont-awesome%2emin%2ecss
Cache-Control
no-store
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
519
habile.fcc
habile.airfrance.fr/siteminderagent/
Redirect Chain
  • https://cmstools.airfrance.fr/cmstoolsWeb/comment.min.css
  • https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a...
0
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fcomment%2emin%2ecss
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
habile.airfrance.fr
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
habile.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
no-store
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
2080

Redirect headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Server
Apache
Content-Type
text/html; charset=iso-8859-1
Location
https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fcomment%2emin%2ecss
Cache-Control
no-store
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
472
Cookie set nextgen_specific.css
midpack.airfrance.fr/referentiel/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/css/nextgen_specific.css
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
e2be40f5b5534ea09a26470f226e88749213f91aaff5e4a97229a060ab63a678

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Apr 2018 13:56:03 GMT
Server
Apache
ETag
"386e-56ac0bf8542c0"
Vary
Accept-Encoding
Content-Type
text/css
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set new_search.css
midpack.airfrance.fr/referentiel/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/css/new_search.css
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
fe837fb86c23c607c9abf14e8c2606554cd844bbdf4d0a815409d91303a765d3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2017 09:01:27 GMT
Server
Apache
ETag
"6a7-54beef027e7c0"
Vary
Accept-Encoding
Content-Type
text/css
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set jquery.min.js
midpack.airfrance.fr/referentiel/dist/js/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Mar 2018 08:33:44 GMT
Server
Apache
ETag
"17b8b-566f6a6718a00"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set bootstrap.min.js
midpack.airfrance.fr/referentiel/dist/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/dist/js/bootstrap.min.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Oct 2017 08:29:06 GMT
Server
Apache
ETag
"90b5-55adca24fd880"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set jquery-ui.css
midpack.airfrance.fr/referentiel/css/ 		35 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/css/jquery-ui.css
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Feb 2017 13:42:54 GMT
Server
Apache
ETag
"8c85-548a5f95d5380"
Vary
Accept-Encoding
Content-Type
text/css
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
habile.fcc
habile.airfrance.fr/siteminderagent/
Redirect Chain
  • https://cmstools.airfrance.fr/cmstoolsWeb/js/libs/URI.min.js
  • https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a...
0
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fURI%2emin%2ejs
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
habile.airfrance.fr
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
habile.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
no-store
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
2088

Redirect headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Server
Apache
Content-Type
text/html; charset=iso-8859-1
Location
https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fURI%2emin%2ejs
Cache-Control
no-store
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
479
habile.fcc
habile.airfrance.fr/siteminderagent/
Redirect Chain
  • https://cmstools.airfrance.fr/cmstoolsWeb/js/libs/handlebars.min-latest.js
  • https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a...
0
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fhandlebars%2emin-latest%2ejs
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
habile.airfrance.fr
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
habile.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
no-store
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
2101

Redirect headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Server
Apache
Content-Type
text/html; charset=iso-8859-1
Location
https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fhandlebars%2emin-latest%2ejs
Cache-Control
no-store
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
493
habile.fcc
habile.airfrance.fr/siteminderagent/
Redirect Chain
  • https://cmstools.airfrance.fr/cmstoolsWeb/js/app/cmstools.min.js
  • https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a...
0
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2fapp%2fcmstools%2emin%2ejs
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
habile.airfrance.fr
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
habile.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
no-store
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
2088

Redirect headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Server
Apache
Content-Type
text/html; charset=iso-8859-1
Location
https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2fapp%2fcmstools%2emin%2ejs
Cache-Control
no-store
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
483
Cookie set lang.js
midpack.airfrance.fr/referentiel/js/ 		403 B
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/lang.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
087d6815b1745ea3ca35339960085360bca07df64e2e86e272e7a33ae553f3c8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Mar 2018 08:36:35 GMT
Server
Apache
ETag
"193-566f6b0a2cac0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set menuFunctions.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/menuFunctions.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
c3f53a89d305a138de958d306559329667bd9d1be755c30baa1313f1727f7f15

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Aug 2015 14:22:34 GMT
Server
Apache
ETag
"136b-51cf5b774be80"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set comTraceurAF_v4.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/comTraceurAF_v4.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
fe893b66d025e7dbf865897817c34e79e8f4a0169f48e16a8f99e40cf07c7130

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 May 2017 09:27:06 GMT
Server
Apache
ETag
"bea-54fdd1ff3ee80"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set menuHorizontal.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/menuHorizontal.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
08f1f253f7049d68df1828e4bd8b96f7d728fe80f9e137178aa9be235d64fa04

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Jan 2016 08:52:24 GMT
Server
Apache
ETag
"cb7-52a4cebb5e200"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set footer.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/footer.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
159303dc67235469965d6118de1267a7e0e4428f2ed53f28bad2f622e058df6b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Dec 2016 17:06:15 GMT
Server
Apache
ETag
"3206-542ec4e2f6fc0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set menuVertical.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/menuVertical.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
be57e79b2af02592d1b8b3855b4c627ac4a66348bd87d5394baa59494a07fc51

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Apr 2018 12:06:34 GMT
Server
Apache
ETag
"154b-56904a7780680"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set listeActus.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/listeActus.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
217205efb8d9a5e82b9f7274cdd203eea27e8ccca49109ec263272571889805a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Jun 2018 08:56:23 GMT
Server
Apache
ETag
"1c3d-56f9bc9fd7bc0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set video.js
midpack.airfrance.fr/referentiel/videoJs/ 		67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/videoJs/video.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
d4d1c1ba1745e4c026f2a70032e96bb08df6beb111a0d502861995ebcea3b405

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Nov 2014 10:14:52 GMT
Server
Apache
ETag
"10cca-507bac8755f00"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set fullscreenVideoFix.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		553 B
866 B 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/fullscreenVideoFix.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
8ea74172b8b7fc42565c55b14b104131766cf692d88656d1b3266bbe1d6f6892

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2015 15:09:59 GMT
Server
Apache
ETag
"229-51d32ba8e1fc0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set jquery.rwdImageMaps.min.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/jquery.rwdImageMaps.min.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
1f48c9307dfb8dc03b4905966c82db98a664010c83ea952a6d1e3aaadc00703b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Jan 2018 12:46:22 GMT
Server
Apache
ETag
"468-56411ddcd6380"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set myBox.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/myBox.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
7f4fdcd81ad0d80986cd401924cd104b7165cdd069f19e198ff8c0eb140db6ea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Feb 2016 10:44:48 GMT
Server
Apache
ETag
"195c-52bf4f05a0800"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set jQueryBootstrapColumnsSameHeight.js
midpack.airfrance.fr/referentiel/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/jQueryBootstrapColumnsSameHeight.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
4f82510c7f92b1c9b9aff411591e7db7d0319a9def55b6d813196e1403eb1c7b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Feb 2018 09:02:18 GMT
Server
Apache
ETag
"1b61-565a1114dba80"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set new_search.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/new_search.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
06248848eaf80ce5a584d0b5ce4e9034a515571cfe26c88229148bb70afa5565

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 May 2017 11:32:03 GMT
Server
Apache
ETag
"2da8-550437403f2c0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set fold_to_ascii.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/fold_to_ascii.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
4b464f1461669aa6a5d7e2105f8b1a9188ef35678ed871feaaa3c86d1c10ce72

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Feb 2017 15:16:18 GMT
Server
Apache
ETag
"313d-549848fa4b480"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
Cookie set jquery-ui.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		509 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/jquery-ui.js
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Feb 2017 13:43:32 GMT
Server
Apache
ETag
"7f20a-548a5fba12900"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
targetPath_midpack=ahs-static-r12; path=/; domain=midpack.airfrance.fr
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Expires
Sat, 25 Aug 2018 17:26:36 GMT
head_specific.css
phishing.airfrance.fr/Phishing/technical/css/ 		1 KB
790 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://phishing.airfrance.fr/Phishing/technical/css/head_specific.css
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.219.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
svihm.airfrance.fr
Software
JAS BHV3 /
Resource Hash
97aa2ce9d2b7317fdfe2c2b7f84b59a552f5891ce8bbc240d56eebf785b44614

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
phishing.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079; ASID_phishing_main_t8=rd3o00000000000000000000ffff0a460218o32072; CLID_phishing_main_=phishing_main_t8
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Jun 2016 07:48:56 GMT
Server
JAS BHV3
ETag
W/"1087-1465544936000"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=21600
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
PhishingVictimEN.png
phishing.airfrance.fr/Phishing/en/public/files/img/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://phishing.airfrance.fr/Phishing/en/public/files/img/PhishingVictimEN.png
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.219.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
svihm.airfrance.fr
Software
JAS BHV3 /
Resource Hash
4cd846a8092af24ebb44e403a982e939ca933405e7983b1f04ef074f9eff803d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
phishing.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079; ASID_phishing_main_t8=rd3o00000000000000000000ffff0a460218o32072; CLID_phishing_main_=phishing_main_t8
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:35 GMT
Last-Modified
Fri, 22 Jun 2018 13:21:25 GMT
Server
JAS BHV3
ETag
W/"106122-1529673685000"
Content-Type
image/png
Cache-Control
max-age=21600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
106122
spy_2.png
phishing.airfrance.fr/Phishing/fr/public/files/img/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://phishing.airfrance.fr/Phishing/fr/public/files/img/spy_2.png
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.219.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
svihm.airfrance.fr
Software
JAS BHV3 /
Resource Hash
a6fe71589e158e7a394067b850942aec026a2c87436f6dd1d80ee28b55522f49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
phishing.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079; ASID_phishing_main_t8=rd3o00000000000000000000ffff0a460218o32072; CLID_phishing_main_=phishing_main_t8
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:35 GMT
Last-Modified
Fri, 22 Jun 2018 13:25:54 GMT
Server
JAS BHV3
ETag
W/"29625-1529673954000"
Content-Type
image/png
Cache-Control
max-age=21600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
29625
world-wide-web.png
phishing.airfrance.fr/Phishing/fr/public/files/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://phishing.airfrance.fr/Phishing/fr/public/files/img/world-wide-web.png
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.219.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
svihm.airfrance.fr
Software
JAS BHV3 /
Resource Hash
8a8f262550a1bc44fa38ce4ab57546b8f58fdf2355f1e0f41076d8fdedba24bf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
phishing.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079; ASID_phishing_main_t8=rd3o00000000000000000000ffff0a460218o32072; CLID_phishing_main_=phishing_main_t8
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:35 GMT
Last-Modified
Fri, 22 Jun 2018 13:27:42 GMT
Server
JAS BHV3
ETag
W/"19541-1529674062000"
Content-Type
image/png
Cache-Control
max-age=21600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
19541
Time_1.png
phishing.airfrance.fr/Phishing/fr/public/files/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://phishing.airfrance.fr/Phishing/fr/public/files/img/Time_1.png
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.219.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
svihm.airfrance.fr
Software
JAS BHV3 /
Resource Hash
fa52951f7331c77908baf0d24d1a8543dd9a8075c5effe7232236dbcfce849ac

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
phishing.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079; ASID_phishing_main_t8=rd3o00000000000000000000ffff0a460218o32072; CLID_phishing_main_=phishing_main_t8
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:35 GMT
Last-Modified
Fri, 22 Jun 2018 13:32:23 GMT
Server
JAS BHV3
ETag
W/"3546-1529674343000"
Content-Type
image/png
Cache-Control
max-age=21600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
3546
scribble.png
phishing.airfrance.fr/Phishing/fr/public/files/img/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://phishing.airfrance.fr/Phishing/fr/public/files/img/scribble.png
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.219.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
svihm.airfrance.fr
Software
JAS BHV3 /
Resource Hash
1a7dd77250a63697d83e7ca6bdc53a28cf0273109dc306128b9016ce1522caae

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
phishing.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079; ASID_phishing_main_t8=rd3o00000000000000000000ffff0a460218o32072; CLID_phishing_main_=phishing_main_t8
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:35 GMT
Last-Modified
Fri, 22 Jun 2018 13:28:51 GMT
Server
JAS BHV3
ETag
W/"44419-1529674131000"
Content-Type
image/png
Cache-Control
max-age=21600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
44419
habile.fcc
habile.airfrance.fr/siteminderagent/
Redirect Chain
  • https://cmsintranet.airfrance.fr/Composants/js/statistiques/marqueurs_xiti_AF.js
  • https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-fac9a255-ae63-1002-b4e6-847506240000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$agt_cmsintranet%2eairfrance%2ef...
0
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-fac9a255-ae63-1002-b4e6-847506240000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$agt_cmsintranet%2eairfrance%2efr_dmz-internet&TARGET=$SM$https%3a%2f%2fcmsintranet%2eairfrance%2efr%2fComposants%2fjs%2fstatistiques%2fmarqueurs_xiti_AF%2ejs
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
habile.airfrance.fr
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
habile.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Cookie
AFKL_VISITOR_ID=6367300751790079
Connection
keep-alive
Cache-Control
no-cache
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
no-store
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
2114

Redirect headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Server
Apache
Content-Type
text/html; charset=iso-8859-1
Location
https://habile.airfrance.fr/siteminderagent/habile.fcc?TYPE=33554433&REALMOID=06-fac9a255-ae63-1002-b4e6-847506240000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$agt_cmsintranet%2eairfrance%2efr_dmz-internet&TARGET=$SM$https%3a%2f%2fcmsintranet%2eairfrance%2efr%2fComposants%2fjs%2fstatistiques%2fmarqueurs_xiti_AF%2ejs
Cache-Control
no-store
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
531
Cookie set SurveyPhishing2018
interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/ Frame 498F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/SurveyPhishing2018
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.56 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
interview.airfrance.fr
Software
JAS BHV3 /
Resource Hash
89dfc07784fe9d0b9d505f2f6c96122aac093616d91e8e2b3acdb9cabf5e9708

Request headers

Host
interview.airfrance.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Accept-Encoding
gzip, deflate
Cookie
AFKL_VISITOR_ID=6367300751790079
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
AA88F16363861CFF47C8FFC82F360ED6
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Server
JAS BHV3
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
X-UA-Compatible
IE=Edge
Content-Type
text/html;charset=UTF-8
Content-Security-Policy-Report-Only
frame-ancestors 'self' *.airfrance.fr *.airfranceklm.com *.af-klm.com *.airfrance-is.com ; report-uri https://csp-report.airfrance.fr/ ;
Set-Cookie
JSESSIONID=10BED47A66552E530A88F2EFFEDE21CC.a31s1; Path=/Spaceview/; HttpOnly encryptedForm=pbL9ONS2gtivnO15gXCU180IkchfeHE0ZY6BrzEhp89NICPNS5NUorKmeLkeqFFg3TH3wR3I60U; Expires=Mon, 24-Sep-2018 11:26:36 GMT; Path=/Spaceview ASID_interview_main_t7=rd3o00000000000000000000ffff0a460232o10082; path=/ CLID_interview_=interview_main_t7;path=/;
Keep-Alive
timeout=15
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
logo-af-klm.jpg
midpack.airfrance.fr/referentiel/dist/img/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midpack.airfrance.fr/referentiel/dist/img/logo-af-klm.jpg
Requested by
Host: phishing.airfrance.fr
URL: https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.45 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
Apache /
Resource Hash
8fa53ab6e5dad117aea0c83a74503d26436888778835cf2704afb4ac49963f78

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
midpack.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://midpack.airfrance.fr/referentiel/dist/css/bootstrap.css
Cookie
AFKL_VISITOR_ID=6367300751790079; targetPath_midpack=ahs-static-r12
Connection
keep-alive
Cache-Control
no-cache
Referer
https://midpack.airfrance.fr/referentiel/dist/css/bootstrap.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:36 GMT
Last-Modified
Fri, 06 Oct 2017 08:25:43 GMT
Server
Apache
ETag
"7596-55adc96364fc0"
Content-Type
image/jpeg
Cache-Control
max-age=21600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
30102
Expires
Sat, 25 Aug 2018 17:26:36 GMT
menuh.json
phishing.airfrance.fr/Phishing/en/public/g_horizontal_menu/ 		2 KB
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://phishing.airfrance.fr/Phishing/en/public/g_horizontal_menu/menuh.json
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.219.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
svihm.airfrance.fr
Software
JAS BHV3 /
Resource Hash
6ac6651c06f2efd58504a883da07dd155b4f81393671bc39c715bb25f679d797

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
phishing.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
X-Requested-With
XMLHttpRequest
Cookie
AFKL_VISITOR_ID=6367300751790079; ASID_phishing_main_t8=rd3o00000000000000000000ffff0a460218o32072; CLID_phishing_main_=phishing_main_t8
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Aug 2017 07:13:46 GMT
Server
JAS BHV3
ETag
W/"1538-1501658026000"
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
max-age=21600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
364
contextual_link.json
phishing.airfrance.fr/Phishing/en/public/g_contextual_link/ 		1 KB
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://phishing.airfrance.fr/Phishing/en/public/g_contextual_link/contextual_link.json
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.219.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
svihm.airfrance.fr
Software
JAS BHV3 /
Resource Hash
26721cd247070d26137ede1104eb0271dee02bfeb3efac293161bdc9826e3c20

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
phishing.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
X-Requested-With
XMLHttpRequest
Cookie
AFKL_VISITOR_ID=6367300751790079; ASID_phishing_main_t8=rd3o00000000000000000000ffff0a460218o32072; CLID_phishing_main_=phishing_main_t8
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Jun 2018 13:40:26 GMT
Server
JAS BHV3
ETag
W/"1218-1529674826000"
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
max-age=21600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
205
g_footer.json
phishing.airfrance.fr/Phishing/en/public/g_footer/ 		2 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://phishing.airfrance.fr/Phishing/en/public/g_footer/g_footer.json
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.219.101 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
svihm.airfrance.fr
Software
JAS BHV3 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
phishing.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
X-Requested-With
XMLHttpRequest
Cookie
AFKL_VISITOR_ID=6367300751790079; ASID_phishing_main_t8=rd3o00000000000000000000ffff0a460218o32072; CLID_phishing_main_=phishing_main_t8
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 25 Aug 2018 11:26:35 GMT
Last-Modified
Fri, 22 Jun 2018 13:40:23 GMT
Server
JAS BHV3
ETag
W/"2-1529674823000"
Content-Type
application/json
Cache-Control
max-age=21600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
2
respondent-style-PPI%20CISO.css
interview.airfrance.fr/Spaceview/itw/efm/resource/com.interview.repondant.css.IRepondantCSS/ Frame 498F 		89 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/Spaceview/itw/efm/resource/com.interview.repondant.css.IRepondantCSS/respondent-style-PPI%20CISO.css?--10&ver=20150306
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/SurveyPhishing2018
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.56 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
interview.airfrance.fr
Software
JAS BHV3 /
Resource Hash
4039ff1897b626f78fc025b6cde08552158292c0d94b923687e937fa778ef21c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
interview.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/SurveyPhishing2018
Cookie
JSESSIONID=10BED47A66552E530A88F2EFFEDE21CC.a31s1; encryptedForm=pbL9ONS2gtivnO15gXCU180IkchfeHE0ZY6BrzEhp89NICPNS5NUorKmeLkeqFFg3TH3wR3I60U; AFKL_VISITOR_ID=6367300751790079; ASID_interview_main_t7=rd3o00000000000000000000ffff0a460232o10082; CLID_interview_=interview_main_t7
Connection
keep-alive
Cache-Control
no-cache
Referer
https://interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/SurveyPhishing2018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Sat, 25 Aug 2018 11:26:37 GMT
Server
JAS BHV3
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public max-age=31536000
Transfer-Encoding
chunked
Content-Disposition
inline
Connection
Keep-Alive
Keep-Alive
timeout=15
Expires
Sun, 25 Aug 2019 11:26:37 GMT
respondent-responsive-bundle-PPI%20CISO.css
interview.airfrance.fr/Spaceview/itw/efm/resource/com.interview.repondant.css.IRepondantCSS/ Frame 498F 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/Spaceview/itw/efm/resource/com.interview.repondant.css.IRepondantCSS/respondent-responsive-bundle-PPI%20CISO.css?--10&ver=20150306
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/SurveyPhishing2018
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.56 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
interview.airfrance.fr
Software
JAS BHV3 /
Resource Hash
ae3ca22f553137a2a477cd282c20a509a259f1ad63ded6e0a2eec13f6070a0d8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
interview.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/SurveyPhishing2018
Cookie
JSESSIONID=10BED47A66552E530A88F2EFFEDE21CC.a31s1; encryptedForm=pbL9ONS2gtivnO15gXCU180IkchfeHE0ZY6BrzEhp89NICPNS5NUorKmeLkeqFFg3TH3wR3I60U; AFKL_VISITOR_ID=6367300751790079; ASID_interview_main_t7=rd3o00000000000000000000ffff0a460232o10082; CLID_interview_=interview_main_t7
Connection
keep-alive
Cache-Control
no-cache
Referer
https://interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/SurveyPhishing2018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2015 10:37:56 GMT
Server
JAS BHV3
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public max-age=31536000
Transfer-Encoding
chunked
Content-Disposition
inline
Connection
Keep-Alive
Keep-Alive
timeout=15
Expires
Sun, 25 Aug 2019 11:26:37 GMT
apparence-respondent.css
interview.airfrance.fr/Spaceview/itw/efm/resource/com.interview.itw.web.ItwResources/apparence/ Frame 498F 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/Spaceview/itw/efm/resource/com.interview.itw.web.ItwResources/apparence/apparence-respondent.css?ver=20150306
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/SurveyPhishing2018
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.56 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
interview.airfrance.fr
Software
JAS BHV3 /
Resource Hash
b6a5a3a7f8f18af97b5bd9d1f2f04c845468a3a63effe795fabefedb351676e5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
interview.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/SurveyPhishing2018
Cookie
JSESSIONID=10BED47A66552E530A88F2EFFEDE21CC.a31s1; encryptedForm=pbL9ONS2gtivnO15gXCU180IkchfeHE0ZY6BrzEhp89NICPNS5NUorKmeLkeqFFg3TH3wR3I60U; AFKL_VISITOR_ID=6367300751790079; ASID_interview_main_t7=rd3o00000000000000000000ffff0a460232o10082; CLID_interview_=interview_main_t7
Connection
keep-alive
Cache-Control
no-cache
Referer
https://interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/SurveyPhishing2018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2015 10:38:34 GMT
Server
JAS BHV3
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public max-age=31536000
Transfer-Encoding
chunked
Content-Disposition
inline
Connection
Keep-Alive
Keep-Alive
timeout=15
Expires
Sun, 25 Aug 2019 11:26:37 GMT
respondent-bundle.js
interview.airfrance.fr/Spaceview/itw/efm/resource/com.interview.itw.web.ItwApplication/ Frame 498F 		343 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/Spaceview/itw/efm/resource/com.interview.itw.web.ItwApplication/respondent-bundle.js?ver=20150306
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/SurveyPhishing2018
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
193.57.218.56 Poissy, France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
interview.airfrance.fr
Software
JAS BHV3 /
Resource Hash
057d367ffc3ad7bc3b59e2527747294828cd618537b3551f94868b460e5b1c77

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
interview.airfrance.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/SurveyPhishing2018
Cookie
JSESSIONID=10BED47A66552E530A88F2EFFEDE21CC.a31s1; encryptedForm=pbL9ONS2gtivnO15gXCU180IkchfeHE0ZY6BrzEhp89NICPNS5NUorKmeLkeqFFg3TH3wR3I60U; AFKL_VISITOR_ID=6367300751790079; ASID_interview_main_t7=rd3o00000000000000000000ffff0a460232o10082; CLID_interview_=interview_main_t7
Connection
keep-alive
Cache-Control
no-cache
Referer
https://interview.airfrance.fr/Spaceview/itw/answer/s/knefgy9xic/k/SurveyPhishing2018
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 25 Aug 2018 11:26:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2015 10:30:50 GMT
Server
JAS BHV3
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public max-age=31536000
Transfer-Encoding
chunked
Content-Disposition
inline
Connection
Keep-Alive
Keep-Alive
timeout=15
Expires
Sun, 25 Aug 2019 11:26:37 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery1124023223695688209522 function| navig function| getPage function| addClassToParent function| addActivesMenu function| comTraceurAF_Vx function| makeHorizontalMenu function| makeFooterColonne function| makeFooter function| ifExist function| makeAllFooter function| makeVerticalMenu function| makeActusList function| displayMore function| displayLess function| videojs function| _V_ object| myBoxesConfigs number| nbMyBoxes function| displayDocs function| makeMyBoxTable function| newSearchMidPack function| startWaiting function| endWaiting object| foldToAscii object| lesMenusV number| nbMenusV number| iMenusV object| menusVParcourus object| liensParcourus boolean| entreeTrouve string| docRoot string| lang string| homePage

7 Cookies

Domain/Path Name / Value
interview.airfrance.fr/ Name: CLID_interview_
Value: interview_main_t7
interview.airfrance.fr/ Name: ASID_interview_main_t7
Value: rd3o00000000000000000000ffff0a460232o10082
.airfrance.fr/ Name: AFKL_VISITOR_ID
Value: 6367300751790079
interview.airfrance.fr/Spaceview/ Name: JSESSIONID
Value: 10BED47A66552E530A88F2EFFEDE21CC.a31s1
phishing.airfrance.fr/ Name: CLID_phishing_main_
Value: phishing_main_t8
phishing.airfrance.fr/ Name: ASID_phishing_main_t8
Value: rd3o00000000000000000000ffff0a460218o32072
interview.airfrance.fr/Spaceview Name: encryptedForm
Value: pbL9ONS2gtivnO15gXCU180IkchfeHE0ZY6BrzEhp89NICPNS5NUorKmeLkeqFFg3TH3wR3I60U

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arifrance.com
cmsintranet.airfrance.fr
cmstools.airfrance.fr
corpoweb.airfrance.fr
habile.airfrance.fr
interview.airfrance.fr
midpack.airfrance.fr
phishing.airfrance.fr
193.57.218.101
193.57.218.123
193.57.218.45
193.57.218.56
193.57.219.101
193.57.244.60
217.70.184.38
057d367ffc3ad7bc3b59e2527747294828cd618537b3551f94868b460e5b1c77
06248848eaf80ce5a584d0b5ce4e9034a515571cfe26c88229148bb70afa5565
087d6815b1745ea3ca35339960085360bca07df64e2e86e272e7a33ae553f3c8
08f1f253f7049d68df1828e4bd8b96f7d728fe80f9e137178aa9be235d64fa04
159303dc67235469965d6118de1267a7e0e4428f2ed53f28bad2f622e058df6b
1a7dd77250a63697d83e7ca6bdc53a28cf0273109dc306128b9016ce1522caae
1f48c9307dfb8dc03b4905966c82db98a664010c83ea952a6d1e3aaadc00703b
217205efb8d9a5e82b9f7274cdd203eea27e8ccca49109ec263272571889805a
26721cd247070d26137ede1104eb0271dee02bfeb3efac293161bdc9826e3c20
2d9d53b14c424fa3abf37c444e9b2ceb90b45fef886a476b553419318402781e
358a7057f4a54939027b1a4d911e777bb6243a5e7e7db278d7b1819b8fb2289d
4039ff1897b626f78fc025b6cde08552158292c0d94b923687e937fa778ef21c
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4b464f1461669aa6a5d7e2105f8b1a9188ef35678ed871feaaa3c86d1c10ce72
4cd846a8092af24ebb44e403a982e939ca933405e7983b1f04ef074f9eff803d
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f82510c7f92b1c9b9aff411591e7db7d0319a9def55b6d813196e1403eb1c7b
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
6362a3dd7735c80ddf50e8a45b818273af897b16bf537fdc8c7357e885e465cc
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6ac6651c06f2efd58504a883da07dd155b4f81393671bc39c715bb25f679d797
6bcb144ce52278e26ecda4de7da3c114a93519a449965de6550c92f574c498a2
7f4fdcd81ad0d80986cd401924cd104b7165cdd069f19e198ff8c0eb140db6ea
89a3990bf031bb698f6ca25d5ee7b6ecb81331af6a7a50fbada940447f950a4d
89dfc07784fe9d0b9d505f2f6c96122aac093616d91e8e2b3acdb9cabf5e9708
8a8f262550a1bc44fa38ce4ab57546b8f58fdf2355f1e0f41076d8fdedba24bf
8ea74172b8b7fc42565c55b14b104131766cf692d88656d1b3266bbe1d6f6892
8fa53ab6e5dad117aea0c83a74503d26436888778835cf2704afb4ac49963f78
91faf20ad4f61d576c93c06fc762b63fc5122b165d3f28746e384fad5547cd62
92e1e18b00e7d217470b37aaee6fef1e9a912b1fec8b39f5feadf4c4ebedc9c6
97aa2ce9d2b7317fdfe2c2b7f84b59a552f5891ce8bbc240d56eebf785b44614
9cc0a6b0fdafed8ca6fc0fb0869e4dea42349031ae8d422d34bef992a7199efb
a6fe71589e158e7a394067b850942aec026a2c87436f6dd1d80ee28b55522f49
ae3ca22f553137a2a477cd282c20a509a259f1ad63ded6e0a2eec13f6070a0d8
b6a5a3a7f8f18af97b5bd9d1f2f04c845468a3a63effe795fabefedb351676e5
be57e79b2af02592d1b8b3855b4c627ac4a66348bd87d5394baa59494a07fc51
c3f53a89d305a138de958d306559329667bd9d1be755c30baa1313f1727f7f15
d4d1c1ba1745e4c026f2a70032e96bb08df6beb111a0d502861995ebcea3b405
e2be40f5b5534ea09a26470f226e88749213f91aaff5e4a97229a060ab63a678
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70df6b6057381125311672369cb8fc6c3f8fa93ea2b4075ee79228cc2c5cb9e
eea2afed0b4ee2168de491c565e71d328dab6e6a0a59a2722363fc48983d05a7
f76bfb310f6e929c7fe09d228c5edcfab454c0fec4fd6c351b7ab8fee4528ca8
fa52951f7331c77908baf0d24d1a8543dd9a8075c5effe7232236dbcfce849ac
fe837fb86c23c607c9abf14e8c2606554cd844bbdf4d0a815409d91303a765d3
fe893b66d025e7dbf865897817c34e79e8f4a0169f48e16a8f99e40cf07c7130