URL: https://midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339ac...
Submission: On April 25 via api from IE — Scanned from FR

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 7 HTTP transactions. The main IP is 193.57.218.45, located in France and belongs to AIRFRANCE-AS, FR. The main domain is midpack.airfrance.fr.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on January 2nd 2024. Valid for: a year.
This is the only time midpack.airfrance.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

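Requests by IP address:
6 requests: 193.57.218.45, AS 198340 (AIRFRANCE-AS)
Total: 7 requests, 2 IPs

Requests by apex domain:
6 requests: airfrance.fr (subdomain: midpack.airfrance.fr), transfer 13 KB
Total: 7 requests, 1 apex domain

Requests by domain:
6 requests: midpack.airfrance.fr, requested by midpack.airfrance.fr
Total: 7 requests, 1 domain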

This site contains no links.

TLS certificate
Subject: airfrance.fr
Issuer: Sectigo RSA Organization Validation Secure Server CA
Validity: 2024-01-02 - 2025-01-01
Valid: a year

This page contains 1 frames:

Primary Page: https://midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339acf7f16ac/81fa64c8-d6a7-44b7-aeac-f5fecb81818e/
Frame ID: 335B9340E2093356C8FCF5C4055EEE3B
Requests: 7 HTTP requests in this frame

Page Title

Page not found

Page Statistics

Requests: 7
HTTPS: 86 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 13 kB
Size: 13 kB
Cookies: 11

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339acf7f16ac/81fa64c8-d6a7-44b7-aeac-f5fecb81818e/
2 KB
2 KB
Document
General
Full URL
https://midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339acf7f16ac/81fa64c8-d6a7-44b7-aeac-f5fecb81818e/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
54a605f25d346cde69335038e7b5290e7e81a5c4cbe743f24c171fec5d0da3e3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
958
Content-Security-Policy
frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Content-Type
text/html
Date
Thu, 25 Apr 2024 06:01:49 GMT
ETag
"772-510ec909ba900"
Last-Modified
Tue, 10 Mar 2015 10:25:08 GMT
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
Via
1.1 RT_PU, 1.1 RT_PU
X-AFKL-Origin
back
X-AFKL-Site
tls
_master.css
midpack.airfrance.fr/_af_server/
0
0

_AF_logo.gif
midpack.airfrance.fr/_af_server/
2 KB
2 KB
Image
General
Full URL
https://midpack.airfrance.fr/_af_server/_AF_logo.gif
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339acf7f16ac/81fa64c8-d6a7-44b7-aeac-f5fecb81818e/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
158cc5c03460a400b89f30b6b1972d6651545af1baab39cb5e880405cc36a951
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self'; script-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339acf7f16ac/81fa64c8-d6a7-44b7-aeac-f5fecb81818e/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 25 Apr 2024 06:01:50 GMT
content-security-policy
default-src 'self'; style-src 'self'; script-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none';
www-authenticate
Bearer realm="midpack.airfrance.fr:443/"
X-Content-Type-Options
nosniff
Via
1.1 RT_PU
Strict-Transport-Security
max-age=31536000
X-AFKL-Site
tls
content-type
text/html; charset=UTF-8
cache-control
no-cache,no-store,max-age=0
content-length
2390
X-AFKL-Origin
front
expires
0
_bandeau.gif
midpack.airfrance.fr/_af_server/
2 KB
2 KB
Image
General
Full URL
https://midpack.airfrance.fr/_af_server/_bandeau.gif
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339acf7f16ac/81fa64c8-d6a7-44b7-aeac-f5fecb81818e/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
6ff7ede75ba7e615ea103ae84d67280bf44c76f57083b655e67d8c94c0c51be7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self'; script-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339acf7f16ac/81fa64c8-d6a7-44b7-aeac-f5fecb81818e/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 25 Apr 2024 06:01:50 GMT
content-security-policy
default-src 'self'; style-src 'self'; script-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none';
www-authenticate
Bearer realm="midpack.airfrance.fr:443/"
X-Content-Type-Options
nosniff
Via
1.1 RT_PU
Strict-Transport-Security
max-age=31536000
X-AFKL-Site
tls
content-type
text/html; charset=UTF-8
cache-control
no-cache,no-store,max-age=0
content-length
2385
X-AFKL-Origin
front
expires
0
_retour_fr.gif
midpack.airfrance.fr/_af_server/
2 KB
2 KB
Image
General
Full URL
https://midpack.airfrance.fr/_af_server/_retour_fr.gif
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339acf7f16ac/81fa64c8-d6a7-44b7-aeac-f5fecb81818e/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
c3263edfa0d8a0c776cdbb846cecd7daba6191493fbb674fe43b7ea20d9ddb86
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self'; script-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339acf7f16ac/81fa64c8-d6a7-44b7-aeac-f5fecb81818e/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 25 Apr 2024 06:01:50 GMT
content-security-policy
default-src 'self'; style-src 'self'; script-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none';
www-authenticate
Bearer realm="midpack.airfrance.fr:443/"
X-Content-Type-Options
nosniff
Via
1.1 RT_PU
Strict-Transport-Security
max-age=31536000
X-AFKL-Site
tls
content-type
text/html; charset=UTF-8
cache-control
no-cache,no-store,max-age=0
content-length
2389
X-AFKL-Origin
front
expires
0
_retour_en.gif
midpack.airfrance.fr/_af_server/
2 KB
2 KB
Image
General
Full URL
https://midpack.airfrance.fr/_af_server/_retour_en.gif
Requested by
Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339acf7f16ac/81fa64c8-d6a7-44b7-aeac-f5fecb81818e/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
/
Resource Hash
77806c16f1b4eb26a3c73199e3de7f0f8d529228b7ad4aa10f356804b7fda72f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self'; script-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339acf7f16ac/81fa64c8-d6a7-44b7-aeac-f5fecb81818e/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 25 Apr 2024 06:01:50 GMT
content-security-policy
default-src 'self'; style-src 'self'; script-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none';
www-authenticate
Bearer realm="midpack.airfrance.fr:443/"
X-Content-Type-Options
nosniff
Via
1.1 RT_PU
Strict-Transport-Security
max-age=31536000
X-AFKL-Site
tls
content-type
text/html; charset=UTF-8
cache-control
no-cache,no-store,max-age=0
content-length
2388
X-AFKL-Origin
front
expires
0
favicon.ico
midpack.airfrance.fr/
1 KB
2 KB
Other
General
Full URL
https://midpack.airfrance.fr/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
midpack.airfrance.fr
Software
RT_PU /
Resource Hash
60181b134917f1283e4e9da4124ba409425265dd239e619728314b8a9c82bba0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339acf7f16ac/81fa64c8-d6a7-44b7-aeac-f5fecb81818e/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=604800
Server
RT_PU
Connection
Keep-Alive
Content-Length
1406
X-AFKL-Origin
front
X-AFKL-Site
tls
Content-Type
image/x-icon

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
midpack.airfrance.fr
URL
https://midpack.airfrance.fr/_af_server/_master.css

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies


6 Console Messages

Source Level URL
Text
network error URL: https://midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339acf7f16ac/81fa64c8-d6a7-44b7-aeac-f5fecb81818e/
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://midpack.airfrance.fr/phishingvictim/fr/files/img/DKL_NL.png]%3Chttp://acme4klm.com/home/3af79de2-80e8-4f31-a73a-339acf7f16ac/81fa64c8-d6a7-44b7-aeac-f5fecb81818e/
Message:
Refused to apply style from 'https://midpack.airfrance.fr/_af_server/_master.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network error URL: https://midpack.airfrance.fr/_af_server/_AF_logo.gif
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://midpack.airfrance.fr/_af_server/_bandeau.gif
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://midpack.airfrance.fr/_af_server/_retour_fr.gif
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://midpack.airfrance.fr/_af_server/_retour_en.gif
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security max-age=31536000