urlscan.io logo urlscan.io
SecurityTrails logo

midpack.airfrance.fr Open in urlscan Pro
193.57.218.45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dbox4klm.org/#/home/a378c28c-dd99-4805-991c-65c779131c57/0f9faf46-364d-4768-a165-52f61280850b
Effective URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Submission: On November 24 via manual from NL — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 3 domains to perform 68 HTTP transactions. The main IP is 193.57.218.45, located in France and belongs to AIRFRANCE-AS, FR. The main domain is midpack.airfrance.fr.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on June 4th 2020. Valid for: 2 years.
This is the only time midpack.airfrance.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 217.70.184.38 29169 (GANDI-AS ...)
1 8 193.57.244.60 198340 (AIRFRANCE-AS)
3 193.57.219.101 198340 (AIRFRANCE-AS)
39 193.57.218.45 198340 (AIRFRANCE-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 4 193.57.219.17 198340 (AIRFRANCE-AS)
3 3 193.57.219.141 198340 (AIRFRANCE-AS)
3 193.57.219.95 198340 (AIRFRANCE-AS)
14 31.193.53.126 15401 (EOLAS-AS)
68 7
1    217.70.184.38 (France)

ASN29169 (GANDI-AS Domain name registrar - www.gandi.net, FR)
PTR: webredir.vip.gandi.net
dbox4klm.org
8    193.57.244.60 (France)

ASN198340 (AIRFRANCE-AS, FR)
PTR: akis.airfrance.fr
corpoweb.airfrance.fr
3    193.57.219.101 (France)

ASN198340 (AIRFRANCE-AS, FR)
PTR: tplanner.airfrance.fr
phishing.airfrance.fr
39    193.57.218.45 (France)

ASN198340 (AIRFRANCE-AS, FR)
PTR: midpack.airfrance.fr
midpack.airfrance.fr
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    193.57.219.17 (France)

ASN198340 (AIRFRANCE-AS, FR)
PTR: b2bdoc.airfrance.fr
cmstools.airfrance.fr
3    193.57.219.141 (France)

ASN198340 (AIRFRANCE-AS, FR)
PTR: hblsp.airfrance.fr
hblsp.airfrance.fr
3    193.57.219.95 (France)

ASN198340 (AIRFRANCE-AS, FR)
PTR: fedhub.airfrance.fr
fedhub.airfrance.fr
14    31.193.53.126 (France)

ASN15401 (EOLAS-AS, FR)
PTR: interview.eloquant.cloud
interview.airfrance.fr
Domain Requested by
39 midpack.airfrance.fr midpack.airfrance.fr
14 interview.airfrance.fr midpack.airfrance.fr
interview.airfrance.fr
8 corpoweb.airfrance.fr 1 redirects corpoweb.airfrance.fr
4 cmstools.airfrance.fr 3 redirects midpack.airfrance.fr
3 fedhub.airfrance.fr midpack.airfrance.fr
3 hblsp.airfrance.fr 3 redirects
3 phishing.airfrance.fr corpoweb.airfrance.fr
1 fonts.googleapis.com midpack.airfrance.fr
1 dbox4klm.org 1 redirects
68 9

This site contains links to these domains. Also see Links.

Domain
cybairlib.airfrance.fr
Subject Issuer Validity Valid
airfrance.fr
Sectigo RSA Organization Validation Secure Server CA		 2020-06-04 -
2022-06-05		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
interview.airfrance.fr
Gandi Standard SSL CA 2		 2021-08-09 -
2022-08-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Frame ID: B5E837526151B1A550EBFA83320AD747
Requests: 53 HTTP requests in this frame

Frame: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
Frame ID: 97CFD39A378B55BB11BD2F7B35B49A4B
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PhishingVictim - PhishingVictim

Page URL History Show full URLs

  1. http://dbox4klm.org/ HTTP 301
    http://corpoweb.airfrance.fr/redirect HTTP 301
    http://corpoweb.airfrance.fr/redirect/ Page URL
  2. https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html Page URL
  3. https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html Page URL

Page Statistics

68
Requests

85 %
HTTPS

11 %
IPv6

3
Domains

9
Subdomains

7
IPs

2
Countries

2511 kB
Transfer

3896 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dbox4klm.org/ HTTP 301
    http://corpoweb.airfrance.fr/redirect HTTP 301
    http://corpoweb.airfrance.fr/redirect/ Page URL
  2. https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html Page URL
  3. https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://dbox4klm.org/ HTTP 301
  • http://corpoweb.airfrance.fr/redirect HTTP 301
  • http://corpoweb.airfrance.fr/redirect/
Request Chain 36
  • https://cmstools.airfrance.fr/cmstoolsWeb/js/libs/URI.min.js HTTP 302
  • https://hblsp.airfrance.fr/affwebservices/public/saml2authnrequest?ProviderID=urn:idp:prd:afr:pf:dmzi:choice&TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fURI%2emin%2ejs HTTP 302
  • https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJfT8IwFMXf%2BRRL32Fb3R%2FSMBKElxGVCEaEF1O6Lqus7eztFPz0brgoD2hiH%2Fpwc3rO7550NKltoZb8teZgnVlzCUWt0CpBhbUVENfNeVbUuwEVJjdUMT7IjSuyyuXHOWa43KcvWmRP83ohyz2bVe9M3keb9fa4UNdyIZeWy320wcUbXd%2BVqfLc1WoxACpLjJx0lqDnMA7C7IrhcJj7QejxIPZjL8Y0jJg3DDje%2BeGwkQLUPFVgqbIJwh72%2B77fx8GDNyRBQHC0Rc4jN3BCxwMPOQdZKkhQbRTRFAQQRSUHYhlZTW5vSKMhldFWM12icc9pzkiBT05B5us1aQZ%2FO1AAbtq%2B0LiVQdV4ZoTmhoAkmfwQI%2FfHtEvp2ubZqfupVpYfrDPVsqJGQMsvhRKylh1Wh4bJuX5aNtFLnn%2BD4n%2BB%2FipjhLXOzXhaaMF4y385udvGvbjOuDdyz7%2FW%2BBM%3D&RelayState=9ceea41b3b158dfe8af314164e45d6f1a9cb09d9&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=RytuNNRAMQ%2BwUGMaUt%2FMIN9jj%2BmAyh4glASFAgGEYa9zTRB%2Fw96nheIcBi7FsPbAJN9CU%2B2u3X7%2F2vFvRMKCuQqENOhM8Z16%2FpHB3dxiY%2F1iWKhviiOh2TaDg%2BnnVdfxF8PlSZlAMRSR6A76oJrm9fpkini2Z6Br5edyFnoMknpmCfzU8N%2ByAsx245QgCqK%2FynC12Nn1XUK4khtIPCW%2B90ds0DA%2FENipH5G4VfGRG%2BM7Yk%2FgVxAnDRvDXU0z%2BxLUXAr9fNj%2BO1vsZiP9AMXtVgzGl2mKKCLOzCMicFzwB0gDDmKB%2FSCWX%2BWcXFOB9z%2B5P%2FUmY6WPm9qKtbNGs0X7YQ%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fURI%2emin%2ejs
Request Chain 37
  • https://cmstools.airfrance.fr/cmstoolsWeb/js/libs/handlebars.min-latest.js HTTP 302
  • https://hblsp.airfrance.fr/affwebservices/public/saml2authnrequest?ProviderID=urn:idp:prd:afr:pf:dmzi:choice&TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fhandlebars%2emin-latest%2ejs HTTP 302
  • https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZLBT8IwGMXv%2FBVL77CukIENkCBcICoRjAgX07VdVlnb2a9T8K93w0U5oIk99PDl9b3f99LhpPSZWcnXUoIPZtWlDPPKmhHKvC%2BAhmEqRVYmHaZc6pjhspO6UIkilMcF4STfz1%2BsEk%2BLcqnzPZ8V71zfx9vN7rg013qpV17qfbwl2Rvb3OVzg8P1etkBpnOCgvlshJ5jHqVJxPspxgkR%2FaSbSDnoChzjK97v93DMuqKSApRybsAz40eIYBK1o6hNeg94QHs9SuIdCh6lgxM66WAUHHRuYIRKZ6hloIAapiVQz%2Bl6cntDKw0tnPWW2xyNW0F1hgYiegpyX69pNfjbgQFIV%2FeFxrUMispTUJY6CpoK%2FaGG4Y9pk9K0LcWp%2B6k1Xh58MLW6YE5Bza%2BVUbrUDVaDRui5fppX0SuZfoOSf4H%2BKuOU187VeJpZxWXNfzm52Sa8uM64NQzPv9b4Ew%3D%3D&RelayState=b08fbb3a6c3683223364b3c92f994395d85c0f14&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qp5%2B9QscbKvB9mnWAOihatDhXaG2c6%2BXpxrXs5whP7%2FnWAsGO2h0GGIf6Rc7A%2F7lPuFy9Ks1ia4THlHWF3yUo9Qlk4G%2F28rBQcxQ6u4SiLtOAHEMNcbejvwGEVVD1V9e2tqAiuwnzKVyKhNW0s%2B8q6Yd7rgIlTJZzJTt1iPflqKriZacy9TH6SjGtzcT%2BFtLOpSrYVsyyDTeQSLNF6ykohBghJplHT9yimUyZA55%2B47Y9C%2FuZ0lKdr9qnOCjRimx3cYbqwQlKBxdFFJ0VvtvLz0rqZAdXuitLahWEjC7GQEXldU0TPf0dmd6oz6cMG9bYd2QIChkWC%2B%2BftEPzLXUBA%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fhandlebars%2emin-latest%2ejs
Request Chain 38
  • https://cmstools.airfrance.fr/cmstoolsWeb/js/app/cmstools.min.js HTTP 302
  • https://hblsp.airfrance.fr/affwebservices/public/saml2authnrequest?ProviderID=urn:idp:prd:afr:pf:dmzi:choice&TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=a_cmstools_dmzi&TARGET=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2fapp%2fcmstools%2emin%2ejs HTTP 302
  • https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJBT8JAEIXv%2FIqmd2i71CIbIEG4QFQiGBEuZtlO05Xubt3ZKvjr3WKjHtDEPexh8ua9byYzGFc2V0t4qQCtN3WfUMwKrYZ%2Bbm2JNAgySPNq12HCZIYpDp3MBCItAzjOCSfFfvasRfo4rxay2PNp%2BcblXbJZb48LdSUXcmlB7pMNyV%2FZ%2BraYqTBYrRYdZLIgvjebDv0nnnYjRlIOuxC6PLmAOCa8n2W82w170Euifhw6KWIFM4WWKTv0SUiidhS1SXwfXtI4piTZ%2Bt4DGDyhk47rOMhC4dCvjKKaoUCqmASkltPV%2BOaaOg0tjbaa68IftTz3Bgojegoyn93UFf52YIhg6n35o1qGpfNMKcsMRUlT%2BS4Gwbdpk9JsG9LT7idaWThYb6JlyYzAml8KJWQlG6wGjdCf%2BknhopeQfYGSf4H%2BKuOU186uPMm14FDzn09upgnOjjNqDYKfpzX6AA%3D%3D&RelayState=3502b37dc91edd8c601e343db2f70a0032cb99e5&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mnu%2FFrxsVgyVhbtdib9lvuTOyjNFzXaIxo0cRhv%2BNBOcLTya23c1Iic6UXTTAYnMaSGVaXbSrwH%2BuVtCrihd95bRYvXGgyBaB0kJUzWopZqhuBBHAeP8jAWPpz309u4cng%2F%2BIENzuZ88hqkXB%2BKELvd%2BAUleTSlnFfyPi%2F1bB2D%2BCm%2FxaGx%2B%2BxgsbGw0AN1fE7wZ4Y8fxx9odqjcOyA4DtCIqch8wWtyABPuU6B%2FjNrKVAHvbB8a7v%2FyRBso0Cqd6zVVs1yKuipprkcsfaBz%2F2b5zp5hoZjFvUWLuZfyz9SQXPDvj6cG%2BbI7OLtwAD%2BXqL%2Bsj2FhBQlA%2FtNgwydzqw%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2fapp%2fcmstools%2emin%2ejs

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
corpoweb.airfrance.fr/redirect/
Redirect Chain
  • http://dbox4klm.org/
  • http://corpoweb.airfrance.fr/redirect
  • http://corpoweb.airfrance.fr/redirect/
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://corpoweb.airfrance.fr/redirect/
Protocol
HTTP/1.1
Server
193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
akis.airfrance.fr
Software
/
Resource Hash
f76bfb310f6e929c7fe09d228c5edcfab454c0fec4fd6c351b7ab8fee4528ca8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

Date
Wed, 24 Nov 2021 08:44:24 GMT
Last-Modified
Wed, 14 Jun 2017 12:26:33 GMT
ETag
"457-551eaa9971040"
Accept-Ranges
bytes
Keep-Alive
timeout=15
Connection
Keep-Alive
Content-Type
text/html
Via
1.1 RT_PU, 1.1 RT_PU
X-AFKL-Site
tls
Content-Security-Policy
frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
X-AFKL-Origin
back
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
797

Redirect headers

Date
Wed, 24 Nov 2021 08:44:24 GMT
Location
http://corpoweb.airfrance.fr/redirect/
Content-Length
246
Keep-Alive
timeout=15
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
Via
1.1 RT_PU, 1.1 RT_PU
X-AFKL-Site
tls
Content-Security-Policy
frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
X-AFKL-Origin
back
Vary
Accept-Encoding
all-ae3de5333b.css
corpoweb.airfrance.fr/redirect/css/ 		157 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://corpoweb.airfrance.fr/redirect/css/all-ae3de5333b.css
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/
Protocol
HTTP/1.1
Server
193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
akis.airfrance.fr
Software
/
Resource Hash
358a7057f4a54939027b1a4d911e777bb6243a5e7e7db278d7b1819b8fb2289d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://corpoweb.airfrance.fr/redirect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:24 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Wed, 14 Jun 2017 12:26:24 GMT
ETag
"27514-551eaa90dbc00"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=21600
X-AFKL-Site
tls
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=15
Content-Length
43916
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:24 GMT
prod-64bae8f110.js
corpoweb.airfrance.fr/redirect/libs/ 		589 KB
247 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/
Protocol
HTTP/1.1
Server
193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
akis.airfrance.fr
Software
/
Resource Hash
2d9d53b14c424fa3abf37c444e9b2ceb90b45fef886a476b553419318402781e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://corpoweb.airfrance.fr/redirect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:24 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Wed, 14 Jun 2017 12:26:33 GMT
ETag
"93275-551eaa9971040"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Transfer-Encoding
chunked
X-AFKL-Origin
back
Keep-Alive
timeout=15
Expires
Wed, 24 Nov 2021 14:44:24 GMT
en.json
corpoweb.airfrance.fr/redirect/languages/ 		710 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://corpoweb.airfrance.fr/redirect/languages/en.json
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Protocol
HTTP/1.1
Server
193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
akis.airfrance.fr
Software
/
Resource Hash
6bcb144ce52278e26ecda4de7da3c114a93519a449965de6550c92f574c498a2

Request headers

Accept
application/json, text/plain, */*
Referer
http://corpoweb.airfrance.fr/redirect/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:24 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Wed, 14 Jun 2017 12:26:19 GMT
ETag
"2c6-551eaa8c170c0"
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
max-age=21600
X-AFKL-Site
tls
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
710
X-AFKL-Origin
back
fake.html
corpoweb.airfrance.fr/redirect/html/views/ 		42 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://corpoweb.airfrance.fr/redirect/html/views/fake.html
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Protocol
HTTP/1.1
Server
193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
akis.airfrance.fr
Software
/
Resource Hash
92e1e18b00e7d217470b37aaee6fef1e9a912b1fec8b39f5feadf4c4ebedc9c6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;

Request headers

Accept
text/html
Referer
http://corpoweb.airfrance.fr/redirect/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:24 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Wed, 14 Jun 2017 12:26:19 GMT
ETag
"2a-551eaa8c170c0"
Vary
Accept-Encoding
Content-Type
text/html
X-AFKL-Site
tls
Content-Security-Policy
frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
42
X-AFKL-Origin
back
home.html
corpoweb.airfrance.fr/redirect/html/views/ 		1 KB
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://corpoweb.airfrance.fr/redirect/html/views/home.html
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Protocol
HTTP/1.1
Server
193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
akis.airfrance.fr
Software
/
Resource Hash
91faf20ad4f61d576c93c06fc762b63fc5122b165d3f28746e384fad5547cd62
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;

Request headers

Accept
text/html
Referer
http://corpoweb.airfrance.fr/redirect/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:24 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Wed, 14 Jun 2017 12:26:19 GMT
ETag
"47a-551eaa8c170c0"
Vary
Accept-Encoding
Content-Type
text/html
X-AFKL-Site
tls
Content-Security-Policy
frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=15
Content-Length
448
X-AFKL-Origin
back
rightMenu.html
corpoweb.airfrance.fr/redirect/html/views/ 		1012 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://corpoweb.airfrance.fr/redirect/html/views/rightMenu.html
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Protocol
HTTP/1.1
Server
193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
akis.airfrance.fr
Software
/
Resource Hash
eea2afed0b4ee2168de491c565e71d328dab6e6a0a59a2722363fc48983d05a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;

Request headers

Accept
text/html
Referer
http://corpoweb.airfrance.fr/redirect/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:24 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Wed, 14 Jun 2017 12:26:19 GMT
ETag
"3f4-551eaa8c170c0"
Vary
Accept-Encoding
Content-Type
text/html
X-AFKL-Site
tls
Content-Security-Policy
frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1012
X-AFKL-Origin
back
clickEmailLink
phishing.airfrance.fr/resources/stats/a378c28c-dd99-4805-991c-65c779131c57/0f9faf46-364d-4768-a165-52f61280850b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://phishing.airfrance.fr/resources/stats/a378c28c-dd99-4805-991c-65c779131c57/0f9faf46-364d-4768-a165-52f61280850b/clickEmailLink
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.219.101 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
tplanner.airfrance.fr
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Origin
http://corpoweb.airfrance.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Wed, 24 Nov 2021 08:44:24 GMT
Access-Control-Allow-Credentials
true true
Access-Control-Allow-Methods
POST, PUT, GET, OPTIONS, DELETE PUT
Cache-Control
no-cache
Access-Control-Max-Age
0 1800
Access-Control-Allow-Headers
pragma, X-HTTP-Method-Override, content-length, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Access-Control-Allow-Origin
http://corpoweb.airfrance.fr
Vary
Origin
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Content-Length
0
Via
1.1 RT_PU, 1.1 RT_PU
X-AFKL-Site
tls
X-AFKL-Origin
back
Keep-Alive
timeout=15
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000
clickEmailLink
phishing.airfrance.fr/resources/stats/a378c28c-dd99-4805-991c-65c779131c57/0f9faf46-364d-4768-a165-52f61280850b/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://phishing.airfrance.fr/resources/stats/a378c28c-dd99-4805-991c-65c779131c57/0f9faf46-364d-4768-a165-52f61280850b/clickEmailLink
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.219.101 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
tplanner.airfrance.fr
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
http://corpoweb.airfrance.fr/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:24 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Origin
X-AFKL-Site
tls
Access-Control-Allow-Methods
POST, PUT, GET, OPTIONS, DELETE
Access-Control-Allow-Origin
http://corpoweb.airfrance.fr
Access-Control-Max-Age
0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true, true
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Headers
pragma, X-HTTP-Method-Override, content-length, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
0
X-AFKL-Origin
back
Keep-Alive
timeout=15
PhishingV1.html
phishing.airfrance.fr/Phishing/en/public/g_standard_page/ 		197 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html
Requested by
Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.219.101 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
tplanner.airfrance.fr
Software
/
Resource Hash
b24fb373e001165e71ba76d3b2eae6a01d7b9b60a4158cdc7abbabc4bdce73f9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://phishing.airfrance.fr/csp-report ;
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://corpoweb.airfrance.fr/

Response headers

Date
Wed, 24 Nov 2021 08:44:24 GMT
Accept-Ranges
bytes
ETag
W/"197-1560515137000"
Last-Modified
Fri, 14 Jun 2019 12:25:37 GMT
Content-Type
text/html
Via
1.1 RT_PU, 1.1 RT_PU
X-AFKL-Site
tls
Content-Security-Policy
frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://phishing.airfrance.fr/csp-report ;
X-AFKL-Origin
back
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=15
Connection
Keep-Alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Primary Request PhishingVictim.html
midpack.airfrance.fr/phishingvictim/en/pageStandard/ 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
f793d9be4e86c3e873666f4ce3a7f51be9d3f9cf1828034fb0d1b7516dbbe1fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://phishing.airfrance.fr/

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Last-Modified
Wed, 10 Nov 2021 15:46:23 GMT
ETag
"3d60-5d07120cef99b"
Accept-Ranges
bytes
Content-Type
text/html
Via
1.1 RT_PU, 1.1 RT_PU
X-AFKL-Site
tls
Content-Security-Policy
frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
X-AFKL-Origin
back
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=15
Connection
Keep-Alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
bootstrap.css
midpack.airfrance.fr/referentiel/dist/css/ 		204 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/dist/css/bootstrap.css
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
e70df6b6057381125311672369cb8fc6c3f8fa93ea2b4075ee79228cc2c5cb9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Thu, 30 Nov 2017 11:20:37 GMT
ETag
"330dd-55f3170f9ab40"
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
languages.js
midpack.airfrance.fr/referentiel/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/languages.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
7c5c46d9f726406838a6e4aff33682d7c27e5b45046c4c288005086a2c20acd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Thu, 28 Dec 2017 10:22:51 GMT
ETag
"997-56163e5f134c0"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
jquery.min.js
midpack.airfrance.fr/referentiel/dist/js/ 		95 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Fri, 09 Mar 2018 08:33:44 GMT
ETag
"17b8b-566f6a6718a00"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
jquery-ui.min.js
midpack.airfrance.fr/referentiel/libs/jquery-ui/ 		248 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/libs/jquery-ui/jquery-ui.min.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2017 14:48:45 GMT
ETag
"3dee5-55d8de6a68d40"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
jquery-ui.min.css
midpack.airfrance.fr/referentiel/libs/jquery-ui/ 		31 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/libs/jquery-ui/jquery-ui.min.css
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2017 14:48:44 GMT
ETag
"7d4c-55d8de6974b00"
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
bootstrap.min.js
midpack.airfrance.fr/referentiel/dist/js/ 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/dist/js/bootstrap.min.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Fri, 06 Oct 2017 08:29:06 GMT
ETag
"90b5-55adca24fd880"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
video.min.js
midpack.airfrance.fr/referentiel/libs/video-js/ 		180 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/libs/video-js/video.min.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
6662011df1df6595275e73ff6c7c8b29bd1142df10a9c211cf34f20090dcabad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2017 14:04:37 GMT
ETag
"2d042-55d8d48d14740"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
video-js.min.css
midpack.airfrance.fr/referentiel/libs/video-js/ 		45 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/libs/video-js/video-js.min.css
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
ad7c3825da970bbc50bb3672b8afd4726c10a5e9119f67f7a710f73e43013cb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2017 14:04:36 GMT
ETag
"b2ce-55d8d48c20500"
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
icon
fonts.googleapis.com/ 		569 B
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c5e1da94a728c7a8cc4363b44d961c94459111d362eef8cf7895a9c6234d17c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 08:44:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 24 Nov 2021 08:44:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Nov 2021 08:44:25 GMT
new_search.css
midpack.airfrance.fr/referentiel/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/css/new_search.css
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
fe837fb86c23c607c9abf14e8c2606554cd844bbdf4d0a815409d91303a765d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Thu, 30 Mar 2017 09:01:27 GMT
ETag
"6a7-54beef027e7c0"
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
font-awesome.min.css
midpack.airfrance.fr/referentiel/dist/font-awesome/css/ 		30 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/dist/font-awesome/css/font-awesome.min.css
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Mon, 16 Oct 2017 11:05:43 GMT
ETag
"7918-55ba7fcd46fc0"
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
comment.min.css
cmstools.airfrance.fr/cmstoolsWeb/ 		469 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cmstools.airfrance.fr/cmstoolsWeb/comment.min.css
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.219.17 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
b2bdoc.airfrance.fr
Software
/
Resource Hash
acec9cb106f25d56f1f4a51286916ce11c71fd1a1c5b858513b2bcb44e90820e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, PUT, GET, OPTIONS, DELETE
Connection
Keep-Alive
Content-Encoding
gzip
Access-Control-Allow-Headers
x-requested-with, X-HTTP-Method-Override, content-type, content-length
Last-Modified
Fri, 19 Nov 2021 12:14:28 GMT
ETag
W/"469-1637324068000"
Access-Control-Max-Age
0
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
no-cache, max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Access-Control-Allow-Credentials
true
specificMycms.css
midpack.airfrance.fr/referentiel/css/ 		697 B
856 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/css/specificMycms.css
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
23a3bf087387256291f8b19ab8775552aec1494b98430032f18c2e457b0e3cbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 10:13:23 GMT
ETag
"2b9-5bbfe2b1d96c0"
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
lang.js
midpack.airfrance.fr/referentiel/js/ 		403 B
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/lang.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
087d6815b1745ea3ca35339960085360bca07df64e2e86e272e7a33ae553f3c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Fri, 09 Mar 2018 08:36:35 GMT
ETag
"193-566f6b0a2cac0"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
menuFunctions.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/menuFunctions.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
b86f1fac88fec6f052df0ec00fd3eee232ec7dc826ecc48caa1efb7e9370a5ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Mon, 07 Jan 2019 10:39:22 GMT
ETag
"1642-57edbd7804a80"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
comTraceurAF_v4.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/comTraceurAF_v4.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
b2304c750b41680f87f5aadb41fd402a42c748d1bbaf7d0a06ce2ed7f921d153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Mon, 07 Jan 2019 10:39:24 GMT
ETag
"c44-57edbd79ecf00"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
menuHorizontal.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/menuHorizontal.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
eb5067d2e9b6d189fbd8053004f434942b87bf053bd2b946c1a087fbeffba697
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Thu, 23 May 2019 09:05:27 GMT
ETag
"e1f-5898a620c03c0"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
footer.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/footer.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
159303dc67235469965d6118de1267a7e0e4428f2ed53f28bad2f622e058df6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Mon, 05 Dec 2016 17:06:15 GMT
ETag
"3206-542ec4e2f6fc0"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
menuVertical.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/menuVertical.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
829235960bbf253f6f0ea077e0a9fcf766afe58a3659d4e7c906ef11ca63a57b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Thu, 23 May 2019 09:05:30 GMT
ETag
"169b-5898a6239ca80"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
listeActus.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/listeActus.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
2e028af461233fae5b28d7e5677c2e90f6ed34eee5996cd0698e684fc526690e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Tue, 10 Dec 2019 08:24:52 GMT
ETag
"3830-599553f033d00"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
fullscreenVideoFix.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		553 B
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/fullscreenVideoFix.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
8ea74172b8b7fc42565c55b14b104131766cf692d88656d1b3266bbe1d6f6892
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2015 15:09:59 GMT
ETag
"229-51d32ba8e1fc0"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:26 GMT
jquery.rwdImageMaps.min.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/jquery.rwdImageMaps.min.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
1f48c9307dfb8dc03b4905966c82db98a664010c83ea952a6d1e3aaadc00703b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Wed, 31 Jan 2018 12:46:22 GMT
ETag
"468-56411ddcd6380"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:26 GMT
myBox.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/myBox.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
9e611daeeffa38f4f35827ef6e6cd29826cf0164669882841e50efd65389048f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Mon, 09 Dec 2019 08:09:59 GMT
ETag
"2058-59940ebf1c3c0"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:26 GMT
jQueryBootstrapColumnsSameHeight.js
midpack.airfrance.fr/referentiel/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/jQueryBootstrapColumnsSameHeight.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
4f82510c7f92b1c9b9aff411591e7db7d0319a9def55b6d813196e1403eb1c7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Tue, 20 Feb 2018 09:02:18 GMT
ETag
"1b61-565a1114dba80"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:26 GMT
new_search.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/new_search.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
d98ce2d90daa28b3e89c8c223bb4e62b513d51f3ba7b1d81311bf7979754986c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Tue, 27 Apr 2021 15:07:26 GMT
ETag
"357b-5c0f59eb90780"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:26 GMT
fold_to_ascii.js
midpack.airfrance.fr/referentiel/js/nextgen_js/ 		12 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/js/nextgen_js/fold_to_ascii.js
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
4b464f1461669aa6a5d7e2105f8b1a9188ef35678ed871feaaa3c86d1c10ce72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Mon, 27 Feb 2017 15:16:18 GMT
ETag
"313d-549848fa4b480"
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:26 GMT
SSO.saml2
fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/
Redirect Chain
  • https://cmstools.airfrance.fr/cmstoolsWeb/js/libs/URI.min.js
  • https://hblsp.airfrance.fr/affwebservices/public/saml2authnrequest?ProviderID=urn:idp:prd:afr:pf:dmzi:choice&TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METH...
  • https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJfT8IwFMXf%2BRRL32Fb3R%2FSMBKElxGVCEaEF1O6Lqus7eztFPz0brgoD2hiH%2Fpwc3rO7550NKltoZb8t...
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJfT8IwFMXf%2BRRL32Fb3R%2FSMBKElxGVCEaEF1O6Lqus7eztFPz0brgoD2hiH%2Fpwc3rO7550NKltoZb8teZgnVlzCUWt0CpBhbUVENfNeVbUuwEVJjdUMT7IjSuyyuXHOWa43KcvWmRP83ohyz2bVe9M3keb9fa4UNdyIZeWy320wcUbXd%2BVqfLc1WoxACpLjJx0lqDnMA7C7IrhcJj7QejxIPZjL8Y0jJg3DDje%2BeGwkQLUPFVgqbIJwh72%2B77fx8GDNyRBQHC0Rc4jN3BCxwMPOQdZKkhQbRTRFAQQRSUHYhlZTW5vSKMhldFWM12icc9pzkiBT05B5us1aQZ%2FO1AAbtq%2B0LiVQdV4ZoTmhoAkmfwQI%2FfHtEvp2ubZqfupVpYfrDPVsqJGQMsvhRKylh1Wh4bJuX5aNtFLnn%2BD4n%2BB%2FipjhLXOzXhaaMF4y385udvGvbjOuDdyz7%2FW%2BBM%3D&RelayState=9ceea41b3b158dfe8af314164e45d6f1a9cb09d9&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=RytuNNRAMQ%2BwUGMaUt%2FMIN9jj%2BmAyh4glASFAgGEYa9zTRB%2Fw96nheIcBi7FsPbAJN9CU%2B2u3X7%2F2vFvRMKCuQqENOhM8Z16%2FpHB3dxiY%2F1iWKhviiOh2TaDg%2BnnVdfxF8PlSZlAMRSR6A76oJrm9fpkini2Z6Br5edyFnoMknpmCfzU8N%2ByAsx245QgCqK%2FynC12Nn1XUK4khtIPCW%2B90ds0DA%2FENipH5G4VfGRG%2BM7Yk%2FgVxAnDRvDXU0z%2BxLUXAr9fNj%2BO1vsZiP9AMXtVgzGl2mKKCLOzCMicFzwB0gDDmKB%2FSCWX%2BWcXFOB9z%2B5P%2FUmY6WPm9qKtbNGs0X7YQ%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fURI%2emin%2ejs
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Server
193.57.219.95 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
fedhub.airfrance.fr
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

Location
https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJfT8IwFMXf%2BRRL32Fb3R%2FSMBKElxGVCEaEF1O6Lqus7eztFPz0brgoD2hiH%2Fpwc3rO7550NKltoZb8teZgnVlzCUWt0CpBhbUVENfNeVbUuwEVJjdUMT7IjSuyyuXHOWa43KcvWmRP83ohyz2bVe9M3keb9fa4UNdyIZeWy320wcUbXd%2BVqfLc1WoxACpLjJx0lqDnMA7C7IrhcJj7QejxIPZjL8Y0jJg3DDje%2BeGwkQLUPFVgqbIJwh72%2B77fx8GDNyRBQHC0Rc4jN3BCxwMPOQdZKkhQbRTRFAQQRSUHYhlZTW5vSKMhldFWM12icc9pzkiBT05B5us1aQZ%2FO1AAbtq%2B0LiVQdV4ZoTmhoAkmfwQI%2FfHtEvp2ubZqfupVpYfrDPVsqJGQMsvhRKylh1Wh4bJuX5aNtFLnn%2BD4n%2BB%2FipjhLXOzXhaaMF4y385udvGvbjOuDdyz7%2FW%2BBM%3D&RelayState=9ceea41b3b158dfe8af314164e45d6f1a9cb09d9&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=RytuNNRAMQ%2BwUGMaUt%2FMIN9jj%2BmAyh4glASFAgGEYa9zTRB%2Fw96nheIcBi7FsPbAJN9CU%2B2u3X7%2F2vFvRMKCuQqENOhM8Z16%2FpHB3dxiY%2F1iWKhviiOh2TaDg%2BnnVdfxF8PlSZlAMRSR6A76oJrm9fpkini2Z6Br5edyFnoMknpmCfzU8N%2ByAsx245QgCqK%2FynC12Nn1XUK4khtIPCW%2B90ds0DA%2FENipH5G4VfGRG%2BM7Yk%2FgVxAnDRvDXU0z%2BxLUXAr9fNj%2BO1vsZiP9AMXtVgzGl2mKKCLOzCMicFzwB0gDDmKB%2FSCWX%2BWcXFOB9z%2B5P%2FUmY6WPm9qKtbNGs0X7YQ%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fURI%2emin%2ejs
Date
Wed, 24 Nov 2021 08:44:26 GMT
Server
Apache/2.4.51 (Unix) mod_jk/1.2.48
Connection
Keep-Alive
Keep-Alive
timeout=5, max=85
Content-Length
0
SSO.saml2
fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/
Redirect Chain
  • https://cmstools.airfrance.fr/cmstoolsWeb/js/libs/handlebars.min-latest.js
  • https://hblsp.airfrance.fr/affwebservices/public/saml2authnrequest?ProviderID=urn:idp:prd:afr:pf:dmzi:choice&TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METH...
  • https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZLBT8IwGMXv%2FBVL77CukIENkCBcICoRjAgX07VdVlnb2a9T8K93w0U5oIk99PDl9b3f99LhpPSZWcnXUoIPZ...
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZLBT8IwGMXv%2FBVL77CukIENkCBcICoRjAgX07VdVlnb2a9T8K93w0U5oIk99PDl9b3f99LhpPSZWcnXUoIPZtWlDPPKmhHKvC%2BAhmEqRVYmHaZc6pjhspO6UIkilMcF4STfz1%2BsEk%2BLcqnzPZ8V71zfx9vN7rg013qpV17qfbwl2Rvb3OVzg8P1etkBpnOCgvlshJ5jHqVJxPspxgkR%2FaSbSDnoChzjK97v93DMuqKSApRybsAz40eIYBK1o6hNeg94QHs9SuIdCh6lgxM66WAUHHRuYIRKZ6hloIAapiVQz%2Bl6cntDKw0tnPWW2xyNW0F1hgYiegpyX69pNfjbgQFIV%2FeFxrUMispTUJY6CpoK%2FaGG4Y9pk9K0LcWp%2B6k1Xh58MLW6YE5Bza%2BVUbrUDVaDRui5fppX0SuZfoOSf4H%2BKuOU187VeJpZxWXNfzm52Sa8uM64NQzPv9b4Ew%3D%3D&RelayState=b08fbb3a6c3683223364b3c92f994395d85c0f14&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qp5%2B9QscbKvB9mnWAOihatDhXaG2c6%2BXpxrXs5whP7%2FnWAsGO2h0GGIf6Rc7A%2F7lPuFy9Ks1ia4THlHWF3yUo9Qlk4G%2F28rBQcxQ6u4SiLtOAHEMNcbejvwGEVVD1V9e2tqAiuwnzKVyKhNW0s%2B8q6Yd7rgIlTJZzJTt1iPflqKriZacy9TH6SjGtzcT%2BFtLOpSrYVsyyDTeQSLNF6ykohBghJplHT9yimUyZA55%2B47Y9C%2FuZ0lKdr9qnOCjRimx3cYbqwQlKBxdFFJ0VvtvLz0rqZAdXuitLahWEjC7GQEXldU0TPf0dmd6oz6cMG9bYd2QIChkWC%2B%2BftEPzLXUBA%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fhandlebars%2emin-latest%2ejs
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Server
193.57.219.95 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
fedhub.airfrance.fr
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

Location
https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZLBT8IwGMXv%2FBVL77CukIENkCBcICoRjAgX07VdVlnb2a9T8K93w0U5oIk99PDl9b3f99LhpPSZWcnXUoIPZtWlDPPKmhHKvC%2BAhmEqRVYmHaZc6pjhspO6UIkilMcF4STfz1%2BsEk%2BLcqnzPZ8V71zfx9vN7rg013qpV17qfbwl2Rvb3OVzg8P1etkBpnOCgvlshJ5jHqVJxPspxgkR%2FaSbSDnoChzjK97v93DMuqKSApRybsAz40eIYBK1o6hNeg94QHs9SuIdCh6lgxM66WAUHHRuYIRKZ6hloIAapiVQz%2Bl6cntDKw0tnPWW2xyNW0F1hgYiegpyX69pNfjbgQFIV%2FeFxrUMispTUJY6CpoK%2FaGG4Y9pk9K0LcWp%2B6k1Xh58MLW6YE5Bza%2BVUbrUDVaDRui5fppX0SuZfoOSf4H%2BKuOU187VeJpZxWXNfzm52Sa8uM64NQzPv9b4Ew%3D%3D&RelayState=b08fbb3a6c3683223364b3c92f994395d85c0f14&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Qp5%2B9QscbKvB9mnWAOihatDhXaG2c6%2BXpxrXs5whP7%2FnWAsGO2h0GGIf6Rc7A%2F7lPuFy9Ks1ia4THlHWF3yUo9Qlk4G%2F28rBQcxQ6u4SiLtOAHEMNcbejvwGEVVD1V9e2tqAiuwnzKVyKhNW0s%2B8q6Yd7rgIlTJZzJTt1iPflqKriZacy9TH6SjGtzcT%2BFtLOpSrYVsyyDTeQSLNF6ykohBghJplHT9yimUyZA55%2B47Y9C%2FuZ0lKdr9qnOCjRimx3cYbqwQlKBxdFFJ0VvtvLz0rqZAdXuitLahWEjC7GQEXldU0TPf0dmd6oz6cMG9bYd2QIChkWC%2B%2BftEPzLXUBA%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fhandlebars%2emin-latest%2ejs
Date
Wed, 24 Nov 2021 08:44:26 GMT
Server
Apache/2.4.51 (Unix) mod_jk/1.2.48
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0
SSO.saml2
fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/
Redirect Chain
  • https://cmstools.airfrance.fr/cmstoolsWeb/js/app/cmstools.min.js
  • https://hblsp.airfrance.fr/affwebservices/public/saml2authnrequest?ProviderID=urn:idp:prd:afr:pf:dmzi:choice&TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METH...
  • https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJBT8JAEIXv%2FIqmd2i71CIbIEG4QFQiGBEuZtlO05Xubt3ZKvjr3WKjHtDEPexh8ua9byYzGFc2V0t4qQCtN...
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJBT8JAEIXv%2FIqmd2i71CIbIEG4QFQiGBEuZtlO05Xubt3ZKvjr3WKjHtDEPexh8ua9byYzGFc2V0t4qQCtN3WfUMwKrYZ%2Bbm2JNAgySPNq12HCZIYpDp3MBCItAzjOCSfFfvasRfo4rxay2PNp%2BcblXbJZb48LdSUXcmlB7pMNyV%2FZ%2BraYqTBYrRYdZLIgvjebDv0nnnYjRlIOuxC6PLmAOCa8n2W82w170Euifhw6KWIFM4WWKTv0SUiidhS1SXwfXtI4piTZ%2Bt4DGDyhk47rOMhC4dCvjKKaoUCqmASkltPV%2BOaaOg0tjbaa68IftTz3Bgojegoyn93UFf52YIhg6n35o1qGpfNMKcsMRUlT%2BS4Gwbdpk9JsG9LT7idaWThYb6JlyYzAml8KJWQlG6wGjdCf%2BknhopeQfYGSf4H%2BKuOU186uPMm14FDzn09upgnOjjNqDYKfpzX6AA%3D%3D&RelayState=3502b37dc91edd8c601e343db2f70a0032cb99e5&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mnu%2FFrxsVgyVhbtdib9lvuTOyjNFzXaIxo0cRhv%2BNBOcLTya23c1Iic6UXTTAYnMaSGVaXbSrwH%2BuVtCrihd95bRYvXGgyBaB0kJUzWopZqhuBBHAeP8jAWPpz309u4cng%2F%2BIENzuZ88hqkXB%2BKELvd%2BAUleTSlnFfyPi%2F1bB2D%2BCm%2FxaGx%2B%2BxgsbGw0AN1fE7wZ4Y8fxx9odqjcOyA4DtCIqch8wWtyABPuU6B%2FjNrKVAHvbB8a7v%2FyRBso0Cqd6zVVs1yKuipprkcsfaBz%2F2b5zp5hoZjFvUWLuZfyz9SQXPDvj6cG%2BbI7OLtwAD%2BXqL%2Bsj2FhBQlA%2FtNgwydzqw%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2fapp%2fcmstools%2emin%2ejs
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Server
193.57.219.95 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
fedhub.airfrance.fr
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

Location
https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJBT8JAEIXv%2FIqmd2i71CIbIEG4QFQiGBEuZtlO05Xubt3ZKvjr3WKjHtDEPexh8ua9byYzGFc2V0t4qQCtN3WfUMwKrYZ%2Bbm2JNAgySPNq12HCZIYpDp3MBCItAzjOCSfFfvasRfo4rxay2PNp%2BcblXbJZb48LdSUXcmlB7pMNyV%2FZ%2BraYqTBYrRYdZLIgvjebDv0nnnYjRlIOuxC6PLmAOCa8n2W82w170Euifhw6KWIFM4WWKTv0SUiidhS1SXwfXtI4piTZ%2Bt4DGDyhk47rOMhC4dCvjKKaoUCqmASkltPV%2BOaaOg0tjbaa68IftTz3Bgojegoyn93UFf52YIhg6n35o1qGpfNMKcsMRUlT%2BS4Gwbdpk9JsG9LT7idaWThYb6JlyYzAml8KJWQlG6wGjdCf%2BknhopeQfYGSf4H%2BKuOU186uPMm14FDzn09upgnOjjNqDYKfpzX6AA%3D%3D&RelayState=3502b37dc91edd8c601e343db2f70a0032cb99e5&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mnu%2FFrxsVgyVhbtdib9lvuTOyjNFzXaIxo0cRhv%2BNBOcLTya23c1Iic6UXTTAYnMaSGVaXbSrwH%2BuVtCrihd95bRYvXGgyBaB0kJUzWopZqhuBBHAeP8jAWPpz309u4cng%2F%2BIENzuZ88hqkXB%2BKELvd%2BAUleTSlnFfyPi%2F1bB2D%2BCm%2FxaGx%2B%2BxgsbGw0AN1fE7wZ4Y8fxx9odqjcOyA4DtCIqch8wWtyABPuU6B%2FjNrKVAHvbB8a7v%2FyRBso0Cqd6zVVs1yKuipprkcsfaBz%2F2b5zp5hoZjFvUWLuZfyz9SQXPDvj6cG%2BbI7OLtwAD%2BXqL%2Bsj2FhBQlA%2FtNgwydzqw%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2fapp%2fcmstools%2emin%2ejs
Date
Wed, 24 Nov 2021 08:44:26 GMT
Server
Apache/2.4.51 (Unix) mod_jk/1.2.48
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
0
branding_afklm_2018.css
midpack.airfrance.fr/referentiel/css/ 		18 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/css/branding_afklm_2018.css
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
6602cb2fc5345f2acca669f46213fe56ada744207465a8058950ce9911444d7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:25 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Vary
Accept-Encoding
Transfer-Encoding
chunked
Connection
Keep-Alive
Content-Encoding
gzip
Last-Modified
Wed, 09 Dec 2020 14:14:31 GMT
ETag
"49d3-5b608ad893fc0"
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=21600
X-AFKL-Site
tls
Accept-Ranges
bytes
Keep-Alive
timeout=15
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:25 GMT
logo-afkl-white.png
midpack.airfrance.fr/referentiel/dist/img/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midpack.airfrance.fr/referentiel/dist/img/logo-afkl-white.png
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
011f158c22de2355cf5d778b1276d00a2885c32d8ddc1ad5a77938cf8b5b325c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Wed, 13 Mar 2019 12:40:15 GMT
ETag
"309a-583f91b7fa9c0"
X-AFKL-Site
tls
Connection
Keep-Alive
Content-Type
image/png
Cache-Control
max-age=21600
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
12442
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:26 GMT
spy_2.png
midpack.airfrance.fr/phishingvictim/fr/files/img/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midpack.airfrance.fr/phishingvictim/fr/files/img/spy_2.png
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
a6fe71589e158e7a394067b850942aec026a2c87436f6dd1d80ee28b55522f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Wed, 13 Mar 2019 15:01:34 GMT
ETag
"73b9-583fb14e2ef80"
X-AFKL-Site
tls
Connection
Keep-Alive
Content-Type
image/png
Cache-Control
max-age=21600
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
29625
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:26 GMT
world-wide-web.png
midpack.airfrance.fr/phishingvictim/fr/files/img/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midpack.airfrance.fr/phishingvictim/fr/files/img/world-wide-web.png
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
8a8f262550a1bc44fa38ce4ab57546b8f58fdf2355f1e0f41076d8fdedba24bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Wed, 13 Mar 2019 15:03:24 GMT
ETag
"4c55-583fb1b716700"
X-AFKL-Site
tls
Connection
Keep-Alive
Content-Type
image/png
Cache-Control
max-age=21600
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
19541
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:26 GMT
Time_2.png
midpack.airfrance.fr/phishingvictim/fr/files/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midpack.airfrance.fr/phishingvictim/fr/files/img/Time_2.png
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
fa52951f7331c77908baf0d24d1a8543dd9a8075c5effe7232236dbcfce849ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Wed, 13 Mar 2019 15:04:20 GMT
ETag
"dda-583fb1ec7e500"
X-AFKL-Site
tls
Connection
Keep-Alive
Content-Type
image/png
Cache-Control
max-age=21600
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
3546
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:26 GMT
scribble.png
midpack.airfrance.fr/phishingvictim/fr/files/img/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midpack.airfrance.fr/phishingvictim/fr/files/img/scribble.png
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
1a7dd77250a63697d83e7ca6bdc53a28cf0273109dc306128b9016ce1522caae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Wed, 13 Mar 2019 15:05:19 GMT
ETag
"ad83-583fb224c29c0"
X-AFKL-Site
tls
Connection
Keep-Alive
Content-Type
image/png
Cache-Control
max-age=21600
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
44419
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:26 GMT
intro.gif
midpack.airfrance.fr/phishingvictim/fr/files/img/ 		516 KB
517 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midpack.airfrance.fr/phishingvictim/fr/files/img/intro.gif
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
470b727588289bd5b5a85162cdf64cbbe1a8c291666d4f0ad8b056324799af50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Thu, 14 Mar 2019 09:49:00 GMT
ETag
"81119-5840ad4e6fb00"
X-AFKL-Site
tls
Connection
Keep-Alive
Content-Type
image/gif
Cache-Control
max-age=21600
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
528665
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:26 GMT
giphy.gif
midpack.airfrance.fr/phishingvictim/fr/files/img/ 		646 KB
646 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midpack.airfrance.fr/phishingvictim/fr/files/img/giphy.gif
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
5d2e992756c3ef2fb10d27bbcb49f4814cbeb402b198a901b44eb32ed5a5c205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Wed, 13 Mar 2019 08:06:38 GMT
ETag
"a1622-583f548f81f80"
X-AFKL-Site
tls
Connection
Keep-Alive
Content-Type
image/gif
Cache-Control
max-age=21600
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
661026
X-AFKL-Origin
back
Expires
Wed, 24 Nov 2021 14:44:26 GMT
Phishing2020EN
interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/ Frame 97CF 		26 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),
Reverse DNS
interview.eloquant.cloud
Software
Eloquant /
Resource Hash
df3a3b2014ceb54a7eb30765eb5e50bd6bfbd15436c2a78013d44f928b919851
Security Headers
Name Value
Strict-Transport-Security max-age=99999999; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://midpack.airfrance.fr/

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
X-UA-Compatible
IE=Edge
Server
Eloquant
Strict-Transport-Security
max-age=99999999; includeSubDomains; preload
Allow
GET, POST, PUT, DELETE
Content-Encoding
gzip
Montserrat-Regular.woff
midpack.airfrance.fr/referentiel/css/ 		106 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/css/Montserrat-Regular.woff
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/css/branding_afklm_2018.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
fef89a9397dde1d5a81a920fb7f7d32ff01e9fcef520863043da25137c3f45f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://midpack.airfrance.fr/referentiel/css/branding_afklm_2018.css
Origin
https://midpack.airfrance.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Tue, 26 Jun 2018 07:16:15 GMT
ETag
"1a65c-56f86460b4dc0"
X-AFKL-Site
tls
Connection
Keep-Alive
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
108124
X-AFKL-Origin
back
Montserrat-Medium.woff
midpack.airfrance.fr/referentiel/css/ 		105 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/css/Montserrat-Medium.woff
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/css/branding_afklm_2018.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
2f5d0a4dd2aa3a95f4d0add12842ad9a3c930216c823de771f9241f5eba6506e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://midpack.airfrance.fr/referentiel/css/branding_afklm_2018.css
Origin
https://midpack.airfrance.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Tue, 26 Jun 2018 07:16:14 GMT
ETag
"1a560-56f8645fc0b80"
X-AFKL-Site
tls
Connection
Keep-Alive
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
107872
X-AFKL-Origin
back
icons-bootstrap-AF.woff
midpack.airfrance.fr/referentiel/dist/fonts/ 		88 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/referentiel/dist/fonts/icons-bootstrap-AF.woff
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/dist/css/bootstrap.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
eece32ebb0977129661ee5f202f9fe796546a1e738ccf3246dcc44cddd952121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://midpack.airfrance.fr/referentiel/dist/css/bootstrap.css
Origin
https://midpack.airfrance.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Fri, 06 Oct 2017 08:24:16 GMT
ETag
"161e0-55adc9106cc00"
X-AFKL-Site
tls
Connection
Keep-Alive
Content-Type
application/x-font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=21600
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
90592
X-AFKL-Origin
back
menuh.json
midpack.airfrance.fr/phishingvictim/en/menuHorizontal/ 		55 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/phishingvictim/en/menuHorizontal/menuh.json
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
fb7e9bcfd374a3ae723a031906d4c2424dc6317feb6f3c6dac267c9dc973e4a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
X-Requested-With
XMLHttpRequest
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Thu, 07 Mar 2019 07:31:01 GMT
ETag
"37-5837c168bd740"
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
application/json
Cache-Control
max-age=21600
X-AFKL-Site
tls
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
55
X-AFKL-Origin
back
contextual_link.json
midpack.airfrance.fr/phishingvictim/en/footer/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/phishingvictim/en/footer/contextual_link.json
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
54a605f25d346cde69335038e7b5290e7e81a5c4cbe743f24c171fec5d0da3e3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
X-Requested-With
XMLHttpRequest
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Tue, 10 Mar 2015 10:25:08 GMT
ETag
"772-510ec909ba900"
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
X-AFKL-Site
tls
Content-Security-Policy
frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=15
Content-Length
958
X-AFKL-Origin
back
footer.json
midpack.airfrance.fr/phishingvictim/en/footer/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://midpack.airfrance.fr/phishingvictim/en/footer/footer.json
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
54a605f25d346cde69335038e7b5290e7e81a5c4cbe743f24c171fec5d0da3e3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
X-Requested-With
XMLHttpRequest
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 08:44:26 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Tue, 10 Mar 2015 10:25:08 GMT
ETag
"772-510ec909ba900"
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
X-AFKL-Site
tls
Content-Security-Policy
frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=15
Content-Length
958
X-AFKL-Origin
back
jquery-3.3.1.min.js
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.javascript.HeaderItems/ Frame 97CF 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.javascript.HeaderItems/jquery-3.3.1.min.js?ver=3.8.1.c-20190426
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),
Reverse DNS
interview.eloquant.cloud
Software
Eloquant /
Resource Hash
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
Security Headers
Name Value
Strict-Transport-Security max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 24 Nov 2021 08:44:26 GMT
Content-Encoding
gzip
Accept-Range
bytes
Last-Modified
Mon, 11 Mar 2019 15:38:54 GMT
Server
Eloquant
Strict-Transport-Security
max-age=99999999; includeSubDomains; preload
Content-Type
application/javascript
Allow
GET, POST, PUT, DELETE
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Content-Disposition
inline
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 24 Nov 2022 08:44:26 GMT
jquery-migrate-3.0.0.min.js
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.javascript.HeaderItems/ Frame 97CF 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.javascript.HeaderItems/jquery-migrate-3.0.0.min.js?ver=3.8.1.c-20190426
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),
Reverse DNS
interview.eloquant.cloud
Software
Eloquant /
Resource Hash
a44b5727bd453959ba8f2ae37fd2359272b730ada09e80fb2a5bbffd086ef075
Security Headers
Name Value
Strict-Transport-Security max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 24 Nov 2021 08:44:26 GMT
Content-Encoding
gzip
Accept-Range
bytes
Last-Modified
Mon, 11 Mar 2019 15:38:54 GMT
Server
Eloquant
Strict-Transport-Security
max-age=99999999; includeSubDomains; preload
Content-Type
application/javascript
Allow
GET, POST, PUT, DELETE
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Content-Disposition
inline
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 24 Nov 2022 08:44:26 GMT
jquery-ui.fork.js
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.wicket.jqueryui.javascript.JQueryUIHeaderItems/ Frame 97CF 		209 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.wicket.jqueryui.javascript.JQueryUIHeaderItems/jquery-ui.fork.js?ver=3.8.1.c-20190426
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),
Reverse DNS
interview.eloquant.cloud
Software
Eloquant /
Resource Hash
ce969cfd1160c3c2f3dbd83224eedca8cbb52fca0b47e65176f288e27ae1cd0b
Security Headers
Name Value
Strict-Transport-Security max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 24 Nov 2021 08:44:26 GMT
Content-Encoding
gzip
Accept-Range
bytes
Last-Modified
Mon, 11 Mar 2019 15:38:54 GMT
Server
Eloquant
Strict-Transport-Security
max-age=99999999; includeSubDomains; preload
Content-Type
application/javascript
Allow
GET, POST, PUT, DELETE
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Content-Disposition
inline
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 24 Nov 2022 08:44:26 GMT
respondent-bundle.js
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.itw.web.ItwApplication/ Frame 97CF 		109 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.itw.web.ItwApplication/respondent-bundle.js?ver=3.8.1.c-20190426
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),
Reverse DNS
interview.eloquant.cloud
Software
Eloquant /
Resource Hash
e1b56a7bbf3ceb5060af2d52607eb78d58f062e7ee30e1c506734da8be636aa0
Security Headers
Name Value
Strict-Transport-Security max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 24 Nov 2021 08:44:26 GMT
Last-Modified
Mon, 11 Mar 2019 15:38:54 GMT
Server
Eloquant
Allow
GET, POST, PUT, DELETE
Connection
keep-alive
Cache-Control
public, max-age=31536000
Content-Disposition
inline
Strict-Transport-Security
max-age=99999999; includeSubDomains; preload
Content-Length
111628
Expires
Thu, 24 Nov 2022 08:44:26 GMT
respondent-style-PhishingSurvey.css
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/ Frame 97CF 		73 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/respondent-style-PhishingSurvey.css?--11.124.10&ver=3.8.1.c-20190426
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),
Reverse DNS
interview.eloquant.cloud
Software
Eloquant /
Resource Hash
ccd02a20e8a7106dfa5beb04d12d4949b49e03aa8f8de05a0ef407cbc3118f9a
Security Headers
Name Value
Strict-Transport-Security max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 24 Nov 2021 08:44:26 GMT
Content-Encoding
gzip
Allow
GET, POST, PUT, DELETE
Last-Modified
Wed, 24 Nov 2021 08:44:26 GMT
Server
Eloquant
Strict-Transport-Security
max-age=99999999; includeSubDomains; preload
Content-Type
text/css
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Content-Disposition
inline
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 24 Nov 2022 08:44:26 GMT
respondent-responsive-bundle-PhishingSurvey.css
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/ Frame 97CF 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/respondent-responsive-bundle-PhishingSurvey.css?--11.124.10&ver=3.8.1.c-20190426
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),
Reverse DNS
interview.eloquant.cloud
Software
Eloquant /
Resource Hash
b4d82bafd0bbca1a71cdea5dc7e96a83a59cf511e33d602ec31bc5fe38af9bd1
Security Headers
Name Value
Strict-Transport-Security max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 24 Nov 2021 08:44:26 GMT
Content-Encoding
gzip
Allow
GET, POST, PUT, DELETE
Last-Modified
Fri, 26 Apr 2019 13:31:52 GMT
Server
Eloquant
Strict-Transport-Security
max-age=99999999; includeSubDomains; preload
Content-Type
text/css
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Content-Disposition
inline
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 24 Nov 2022 08:44:26 GMT
apparence-respondent.css
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.itw.web.ItwResources/apparence/ Frame 97CF 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.itw.web.ItwResources/apparence/apparence-respondent.css?ver=3.8.1.c-20190426
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),
Reverse DNS
interview.eloquant.cloud
Software
Eloquant /
Resource Hash
9a404b7332da2b280df2399919c0145c9c6c1ed164a4334e4dc797110f4996a6
Security Headers
Name Value
Strict-Transport-Security max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 24 Nov 2021 08:44:26 GMT
Content-Encoding
gzip
Accept-Range
bytes
Last-Modified
Fri, 26 Apr 2019 13:32:58 GMT
Server
Eloquant
Strict-Transport-Security
max-age=99999999; includeSubDomains; preload
Content-Type
text/css
Allow
GET, POST, PUT, DELETE
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Content-Disposition
inline
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 24 Nov 2022 08:44:26 GMT
respondent-utilities.js
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.resource.RespondentUtilities/ Frame 97CF 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.resource.RespondentUtilities/respondent-utilities.js?ver=3.8.1.c-20190426
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),
Reverse DNS
interview.eloquant.cloud
Software
Eloquant /
Resource Hash
4beb17e5bdb7d81a5e94014ba1a8ce6f639d827d37df75a556909573a69277f8
Security Headers
Name Value
Strict-Transport-Security max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 24 Nov 2021 08:44:26 GMT
Content-Encoding
gzip
Accept-Range
bytes
Last-Modified
Fri, 26 Apr 2019 13:31:52 GMT
Server
Eloquant
Strict-Transport-Security
max-age=99999999; includeSubDomains; preload
Content-Type
application/javascript
Allow
GET, POST, PUT, DELETE
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Content-Disposition
inline
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 24 Nov 2022 08:44:26 GMT
respondent-responsive.js
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.resource.RespondentResponsive/ Frame 97CF 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.resource.RespondentResponsive/respondent-responsive.js?ver=3.8.1.c-20190426
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),
Reverse DNS
interview.eloquant.cloud
Software
Eloquant /
Resource Hash
48ecc2cd8b07ccdf53f0c6b5e2ddf35661fbb61c4b7768579fe47e8920097e09
Security Headers
Name Value
Strict-Transport-Security max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 24 Nov 2021 08:44:26 GMT
Content-Encoding
gzip
Accept-Range
bytes
Last-Modified
Fri, 26 Apr 2019 13:31:52 GMT
Server
Eloquant
Strict-Transport-Security
max-age=99999999; includeSubDomains; preload
Content-Type
application/javascript
Allow
GET, POST, PUT, DELETE
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Content-Disposition
inline
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 24 Nov 2022 08:44:26 GMT
efm-respondent-icon.css
interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/ Frame 97CF 		1 KB
1003 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/efm-respondent-icon.css?ver=3.8.1.c-20190426
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),
Reverse DNS
interview.eloquant.cloud
Software
Eloquant /
Resource Hash
388015d4c90674adfd7e0e8e7f655c3508dcc1841525c0ff07fe898d4a90982f
Security Headers
Name Value
Strict-Transport-Security max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 24 Nov 2021 08:44:26 GMT
Content-Encoding
gzip
Accept-Range
bytes
Last-Modified
Tue, 20 Nov 2018 09:14:24 GMT
Server
Eloquant
Strict-Transport-Security
max-age=99999999; includeSubDomains; preload
Content-Type
text/css
Allow
GET, POST, PUT, DELETE
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Content-Disposition
inline
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 24 Nov 2022 08:44:26 GMT
loading-ajax.gif
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.wicket.jqueryui.behavior.dialog.DialogAjaxPreloaderPanel/ Frame 97CF 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.wicket.jqueryui.behavior.dialog.DialogAjaxPreloaderPanel/loading-ajax.gif?ver=3.8.1.c-20190426
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),
Reverse DNS
interview.eloquant.cloud
Software
Eloquant /
Resource Hash
9d50d7f26944d0c79dc4baa584d0a9b196d5382fefc23933343fce3065f4397b
Security Headers
Name Value
Strict-Transport-Security max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 24 Nov 2021 08:44:26 GMT
Accept-Range
bytes
Last-Modified
Mon, 11 Mar 2019 15:38:54 GMT
Server
Eloquant
Strict-Transport-Security
max-age=99999999; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
public, max-age=31536000
Content-Disposition
inline
Connection
keep-alive
Allow
GET, POST, PUT, DELETE
Content-Length
4269
Expires
Thu, 24 Nov 2022 08:44:26 GMT
IMG-ZECFuEWowV
interview.airfrance.fr/afklm/itw/lib/img/name/ Frame 97CF 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://interview.airfrance.fr/afklm/itw/lib/img/name/IMG-ZECFuEWowV
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/respondent-style-PhishingSurvey.css?--11.124.10&ver=3.8.1.c-20190426
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),
Reverse DNS
interview.eloquant.cloud
Software
Eloquant /
Resource Hash
26ddbc12835eb3944119e1506d4df9d8f8dd28cd304da3bbfcdc4cf17f1f9377
Security Headers
Name Value
Strict-Transport-Security max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/respondent-style-PhishingSurvey.css?--11.124.10&ver=3.8.1.c-20190426
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 Nov 2021 08:44:26 GMT
Allow
GET, POST, PUT, DELETE
Last-Modified
Wed, 24 Nov 2021 08:44:26 GMT
Server
Eloquant
Strict-Transport-Security
max-age=99999999; includeSubDomains; preload
Content-Type
image/png
Cache-Control
no-cache, no-store
Transfer-Encoding
chunked
Content-Disposition
inline; filename="BandeauQuestionnaire.png"; filename*=UTF-8''BandeauQuestionnaire.png
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
efm-respondent-icon.woff
interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/ Frame 97CF 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/efm-respondent-icon.woff?7d8f279abb6d20e9e78400a3e9ed495a
Requested by
Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/efm-respondent-icon.css?ver=3.8.1.c-20190426
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),
Reverse DNS
interview.eloquant.cloud
Software
Eloquant /
Resource Hash
07c56c584fecfe564758461e1d893c5152211b87a9f5d963fe350a50481bc6dd
Security Headers
Name Value
Strict-Transport-Security max-age=99999999; includeSubDomains; preload

Request headers

Referer
https://interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/efm-respondent-icon.css?ver=3.8.1.c-20190426
Origin
https://interview.airfrance.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 24 Nov 2021 08:44:26 GMT
Accept-Range
bytes
Last-Modified
Tue, 20 Nov 2018 09:14:24 GMT
Server
Eloquant
Strict-Transport-Security
max-age=99999999; includeSubDomains; preload
Content-Type
application/x-font-woff
Cache-Control
private, max-age=31449600
Content-Disposition
inline
Connection
keep-alive
Allow
GET, POST, PUT, DELETE
Content-Length
5900
Expires
Wed, 23 Nov 2022 08:44:26 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| BrowserLanguage function| $ function| jQuery object| jQuery11240495325192825641 object| vttjs function| WebVTT function| videojs function| navig function| getPage function| addClassToParent function| addActivesMenu function| comTraceurAF_Vx function| makeHorizontalMenu function| makeFooterColonne function| makeFooter function| ifExist function| makeAllFooter function| makeVerticalMenu function| makeActusList function| makeActusListAF function| makeActusListAFKL function| makeActusListAFKL2 function| getRSSFile object| months function| tradDate function| displayMore function| displayLess object| myBoxesConfigs number| nbMyBoxes function| filterBy function| displayDocs function| makeMyBoxTable function| newSearchMidPack function| startWaiting function| endWaiting object| foldToAscii object| lesMenusV number| nbMenusV number| iMenusV object| menusVParcourus object| liensParcourus boolean| entreeTrouve string| homePage string| docRoot string| lang

13 Cookies

Domain/Path Name / Value
cmstools.airfrance.fr/cmstoolsWeb Name: CLID_cmstools_main_cmstoolsWeb
Value: BgbiW/CHCCIzhtyXyHkQJ+SAzbgkNGOqNc6x6YLlSr+BcTojp2uxI/nR1t4rJxG3w4/HYKk+AAAAAQ==
interview.airfrance.fr/afklm Name: JSESSIONID
Value: E6D53AE3817FF577C29DAE00AADAD7CF
interview.airfrance.fr/afklm Name: encryptedForm
Value: h-BHHoYBqI1btr_sWZu1fxRi9QzEqowOzVWCLHrFL26TK6TaCgypqspkTA9elQmqqjDjRqx_d5k
corpoweb.airfrance.fr/ Name: ASID_static_tls-b2c_um
Value: rd3o00000000000000000000ffff0a46461do8080
corpoweb.airfrance.fr/ Name: CLID_static_tls_b2c_
Value: wQZn9YtPCgo8H2bUnaD/8wAuINJGczU7Iv39UIdywZuQim6aKO0t0AVJMLNS/LeMSfB8SR/RsgAAAAE=
.airfrance.fr/ Name: AFKL_VISITOR_ID
Value: 3018883775462808
phishing.airfrance.fr/ Name: ASID_phishing_main_t8
Value: rd3o00000000000000000000ffff0a46020eo32072
phishing.airfrance.fr/ Name: CLID_phishing_main_
Value: dPEr6xZtXJZEY2KXyHkQJ+SAzbgkNJWicMEqLHZ/x+6/DZN0oKUKQriD0fRLErVWiMo4HbkkAAAAAQ==
midpack.airfrance.fr/ Name: ASID_static_tls_um
Value: rd3o00000000000000000000ffff0a460211o8080
midpack.airfrance.fr/ Name: CLID_static_tls_protect_
Value: xbZ5ELGdsq5rS0eXyHkQJ+SAzbgkNJkW9XApTf4gLx+k+Dhr1zYuDiJNkhns4kVA8S24AAAAAQ==
cmstools.airfrance.fr/ Name: ASID_cmstools_main_t8
Value: rd3o00000000000000000000ffff0a46028do32587
.airfrance.fr/ Name: SMFED_TEMPORARY_STATE
Value: cxGS0hBdYpH7W2TJW++M3gDHVtVPRJA+jQpKf1dWlsd4vNCjKImwU3Fo0eG7gPw3nX7Do2Zv448MXmKQS4ehOTR1x3hR9NxiHTxOKJaBn5O+y6vi8QnKqIn7eqJKPMGrhwIOHXxDtR/ugLF8NyvgGvrpldV5u/W+VHDr9XzIutGEmLbKRlsSq0VottV25PWgfcKuaC5rBJFSGPtbdTeq5uRVldDGcyU6
.airfrance.fr/ Name: PFHUBPRD
Value: o47aJxVJi0bbQDTykvozyf

2 Console Messages

Source Level URL
Text
network error URL: https://midpack.airfrance.fr/phishingvictim/en/footer/contextual_link.json
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://midpack.airfrance.fr/phishingvictim/en/footer/footer.json
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cmstools.airfrance.fr
corpoweb.airfrance.fr
dbox4klm.org
fedhub.airfrance.fr
fonts.googleapis.com
hblsp.airfrance.fr
interview.airfrance.fr
midpack.airfrance.fr
phishing.airfrance.fr
193.57.218.45
193.57.219.101
193.57.219.141
193.57.219.17
193.57.219.95
193.57.244.60
217.70.184.38
2a00:1450:4001:829::200a
31.193.53.126
011f158c22de2355cf5d778b1276d00a2885c32d8ddc1ad5a77938cf8b5b325c
07c56c584fecfe564758461e1d893c5152211b87a9f5d963fe350a50481bc6dd
087d6815b1745ea3ca35339960085360bca07df64e2e86e272e7a33ae553f3c8
0c5e1da94a728c7a8cc4363b44d961c94459111d362eef8cf7895a9c6234d17c
159303dc67235469965d6118de1267a7e0e4428f2ed53f28bad2f622e058df6b
1a7dd77250a63697d83e7ca6bdc53a28cf0273109dc306128b9016ce1522caae
1f48c9307dfb8dc03b4905966c82db98a664010c83ea952a6d1e3aaadc00703b
23a3bf087387256291f8b19ab8775552aec1494b98430032f18c2e457b0e3cbf
26ddbc12835eb3944119e1506d4df9d8f8dd28cd304da3bbfcdc4cf17f1f9377
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2d9d53b14c424fa3abf37c444e9b2ceb90b45fef886a476b553419318402781e
2e028af461233fae5b28d7e5677c2e90f6ed34eee5996cd0698e684fc526690e
2f5d0a4dd2aa3a95f4d0add12842ad9a3c930216c823de771f9241f5eba6506e
358a7057f4a54939027b1a4d911e777bb6243a5e7e7db278d7b1819b8fb2289d
388015d4c90674adfd7e0e8e7f655c3508dcc1841525c0ff07fe898d4a90982f
470b727588289bd5b5a85162cdf64cbbe1a8c291666d4f0ad8b056324799af50
48ecc2cd8b07ccdf53f0c6b5e2ddf35661fbb61c4b7768579fe47e8920097e09
4b464f1461669aa6a5d7e2105f8b1a9188ef35678ed871feaaa3c86d1c10ce72
4beb17e5bdb7d81a5e94014ba1a8ce6f639d827d37df75a556909573a69277f8
4f82510c7f92b1c9b9aff411591e7db7d0319a9def55b6d813196e1403eb1c7b
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54a605f25d346cde69335038e7b5290e7e81a5c4cbe743f24c171fec5d0da3e3
5d2e992756c3ef2fb10d27bbcb49f4814cbeb402b198a901b44eb32ed5a5c205
6602cb2fc5345f2acca669f46213fe56ada744207465a8058950ce9911444d7e
6662011df1df6595275e73ff6c7c8b29bd1142df10a9c211cf34f20090dcabad
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6bcb144ce52278e26ecda4de7da3c114a93519a449965de6550c92f574c498a2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c5c46d9f726406838a6e4aff33682d7c27e5b45046c4c288005086a2c20acd2
829235960bbf253f6f0ea077e0a9fcf766afe58a3659d4e7c906ef11ca63a57b
8a8f262550a1bc44fa38ce4ab57546b8f58fdf2355f1e0f41076d8fdedba24bf
8ea74172b8b7fc42565c55b14b104131766cf692d88656d1b3266bbe1d6f6892
91faf20ad4f61d576c93c06fc762b63fc5122b165d3f28746e384fad5547cd62
92e1e18b00e7d217470b37aaee6fef1e9a912b1fec8b39f5feadf4c4ebedc9c6
9a404b7332da2b280df2399919c0145c9c6c1ed164a4334e4dc797110f4996a6
9d50d7f26944d0c79dc4baa584d0a9b196d5382fefc23933343fce3065f4397b
9e611daeeffa38f4f35827ef6e6cd29826cf0164669882841e50efd65389048f
a44b5727bd453959ba8f2ae37fd2359272b730ada09e80fb2a5bbffd086ef075
a6fe71589e158e7a394067b850942aec026a2c87436f6dd1d80ee28b55522f49
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
acec9cb106f25d56f1f4a51286916ce11c71fd1a1c5b858513b2bcb44e90820e
ad7c3825da970bbc50bb3672b8afd4726c10a5e9119f67f7a710f73e43013cb3
b2304c750b41680f87f5aadb41fd402a42c748d1bbaf7d0a06ce2ed7f921d153
b24fb373e001165e71ba76d3b2eae6a01d7b9b60a4158cdc7abbabc4bdce73f9
b4d82bafd0bbca1a71cdea5dc7e96a83a59cf511e33d602ec31bc5fe38af9bd1
b86f1fac88fec6f052df0ec00fd3eee232ec7dc826ecc48caa1efb7e9370a5ed
ccd02a20e8a7106dfa5beb04d12d4949b49e03aa8f8de05a0ef407cbc3118f9a
ce969cfd1160c3c2f3dbd83224eedca8cbb52fca0b47e65176f288e27ae1cd0b
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
d98ce2d90daa28b3e89c8c223bb4e62b513d51f3ba7b1d81311bf7979754986c
df3a3b2014ceb54a7eb30765eb5e50bd6bfbd15436c2a78013d44f928b919851
e1b56a7bbf3ceb5060af2d52607eb78d58f062e7ee30e1c506734da8be636aa0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70df6b6057381125311672369cb8fc6c3f8fa93ea2b4075ee79228cc2c5cb9e
eb5067d2e9b6d189fbd8053004f434942b87bf053bd2b946c1a087fbeffba697
eea2afed0b4ee2168de491c565e71d328dab6e6a0a59a2722363fc48983d05a7
eece32ebb0977129661ee5f202f9fe796546a1e738ccf3246dcc44cddd952121
f76bfb310f6e929c7fe09d228c5edcfab454c0fec4fd6c351b7ab8fee4528ca8
f793d9be4e86c3e873666f4ce3a7f51be9d3f9cf1828034fb0d1b7516dbbe1fa
fa52951f7331c77908baf0d24d1a8543dd9a8075c5effe7232236dbcfce849ac
fb7e9bcfd374a3ae723a031906d4c2424dc6317feb6f3c6dac267c9dc973e4a8
fe837fb86c23c607c9abf14e8c2606554cd844bbdf4d0a815409d91303a765d3
fef89a9397dde1d5a81a920fb7f7d32ff01e9fcef520863043da25137c3f45f7