midpack.airfrance.fr Open in urlscan Pro
193.57.218.45 Public Scan

Software

Resource Hash

f76bfb310f6e929c7fe09d228c5edcfab454c0fec4fd6c351b7ab8fee4528ca8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

Date: Wed, 24 Nov 2021 11:32:55 GMT
Last-Modified: Wed, 14 Jun 2017 12:26:33 GMT
ETag: "457-551eaa9971040"
Accept-Ranges: bytes
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html
Via: 1.1 RT_PU, 1.1 RT_PU
X-AFKL-Site: tls
Content-Security-Policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
X-AFKL-Origin: back
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 797

Redirect headers

Date: Wed, 24 Nov 2021 11:32:55 GMT
Location: http://corpoweb.airfrance.fr/redirect/
Content-Length: 246
Keep-Alive: timeout=15
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Via: 1.1 RT_PU, 1.1 RT_PU
X-AFKL-Site: tls
Content-Security-Policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
X-AFKL-Origin: back
Vary: Accept-Encoding

GET
H/1.1 200
OK all-ae3de5333b.css
corpoweb.airfrance.fr/redirect/css/ 157 KB
43 KB 91ms
91ms Stylesheet
text/css 193.57.244.60
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://corpoweb.airfrance.fr/redirect/css/all-ae3de5333b.css
Requested by: Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/
Protocol: HTTP/1.1
Server: 193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS: akis.airfrance.fr
Software: /
Resource Hash: 358a7057f4a54939027b1a4d911e777bb6243a5e7e7db278d7b1819b8fb2289d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://corpoweb.airfrance.fr/redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:55 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 14 Jun 2017 12:26:24 GMT
ETag: "27514-551eaa90dbc00"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=21600
X-AFKL-Site: tls
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Keep-Alive: timeout=15
Content-Length: 43912
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:55 GMT

GET
H/1.1 200
OK prod-64bae8f110.js Show response
corpoweb.airfrance.fr/redirect/libs/ 589 KB
247 KB 172ms
153ms Script
application/x-javascript 193.57.244.60
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Requested by: Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/
Protocol: HTTP/1.1
Server: 193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS: akis.airfrance.fr
Software: /
Resource Hash: 2d9d53b14c424fa3abf37c444e9b2ceb90b45fef886a476b553419318402781e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://corpoweb.airfrance.fr/redirect/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:55 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 14 Jun 2017 12:26:33 GMT
ETag: "93275-551eaa9971040"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Transfer-Encoding: chunked
X-AFKL-Origin: back
Keep-Alive: timeout=15
Expires: Wed, 24 Nov 2021 17:32:55 GMT

GET
H/1.1 200
OK en.json Show response
corpoweb.airfrance.fr/redirect/languages/ 710 B
1 KB 43ms
43ms XHR
application/json 193.57.244.60
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://corpoweb.airfrance.fr/redirect/languages/en.json
Requested by: Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js
Protocol: HTTP/1.1
Server: 193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS: akis.airfrance.fr
Software: /
Resource Hash: 6bcb144ce52278e26ecda4de7da3c114a93519a449965de6550c92f574c498a2

Request headers

Accept: application/json, text/plain, */*
Referer: http://corpoweb.airfrance.fr/redirect/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:55 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 14 Jun 2017 12:26:19 GMT
ETag: "2c6-551eaa8c170c0"
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: max-age=21600
X-AFKL-Site: tls
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 710
X-AFKL-Origin: back

GET
H/1.1 200
OK fake.html Show response
corpoweb.airfrance.fr/redirect/html/views/ 42 B
572 B 43ms
43ms XHR
text/html 193.57.244.60
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://corpoweb.airfrance.fr/redirect/html/views/fake.html

Requested by

Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js

Protocol

HTTP/1.1

Server

193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

92e1e18b00e7d217470b37aaee6fef1e9a912b1fec8b39f5feadf4c4ebedc9c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;

Request headers

Accept: text/html
Referer: http://corpoweb.airfrance.fr/redirect/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:55 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 14 Jun 2017 12:26:19 GMT
ETag: "2a-551eaa8c170c0"
Vary: Accept-Encoding
Content-Type: text/html
X-AFKL-Site: tls
Content-Security-Policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 42
X-AFKL-Origin: back

GET
H/1.1 200
OK home.html Show response
corpoweb.airfrance.fr/redirect/html/views/ 1 KB
1004 B 75ms
57ms XHR
text/html 193.57.244.60
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://corpoweb.airfrance.fr/redirect/html/views/home.html

Requested by

Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js

Protocol

HTTP/1.1

Server

193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

91faf20ad4f61d576c93c06fc762b63fc5122b165d3f28746e384fad5547cd62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;

Request headers

Accept: text/html
Referer: http://corpoweb.airfrance.fr/redirect/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:55 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 14 Jun 2017 12:26:19 GMT
ETag: "47a-551eaa8c170c0"
Vary: Accept-Encoding
Content-Type: text/html
X-AFKL-Site: tls
Content-Security-Policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Keep-Alive: timeout=15
Content-Length: 448
X-AFKL-Origin: back

GET
H/1.1 200
OK rightMenu.html Show response
corpoweb.airfrance.fr/redirect/html/views/ 1012 B
2 KB 76ms
58ms XHR
text/html 193.57.244.60
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://corpoweb.airfrance.fr/redirect/html/views/rightMenu.html

Requested by

Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js

Protocol

HTTP/1.1

Server

193.57.244.60 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

eea2afed0b4ee2168de491c565e71d328dab6e6a0a59a2722363fc48983d05a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;

Request headers

Accept: text/html
Referer: http://corpoweb.airfrance.fr/redirect/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:55 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 14 Jun 2017 12:26:19 GMT
ETag: "3f4-551eaa8c170c0"
Vary: Accept-Encoding
Content-Type: text/html
X-AFKL-Site: tls
Content-Security-Policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri http://corpoweb.airfrance.fr/csp-report ;
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1012
X-AFKL-Origin: back

OPTIONS
H/1.1 200 clickEmailLink
phishing.airfrance.fr/resources/stats/e284c392-b424-435e-bac5-8105d2bc2caa/4c8d2e94-444b-4a07-8cf6-67c49f762c5d/ Frame 0
0 152ms
37ms Preflight 193.57.219.101
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.airfrance.fr/resources/stats/e284c392-b424-435e-bac5-8105d2bc2caa/4c8d2e94-444b-4a07-8cf6-67c49f762c5d/clickEmailLink

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.219.101 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

tplanner.airfrance.fr

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Origin: http://corpoweb.airfrance.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Wed, 24 Nov 2021 11:32:55 GMT
Access-Control-Allow-Credentials: true true
Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE PUT
Cache-Control: no-cache
Access-Control-Max-Age: 0 1800
Access-Control-Allow-Headers: pragma, X-HTTP-Method-Override, content-length, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Access-Control-Allow-Origin: http://corpoweb.airfrance.fr
Vary: Origin
Allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Content-Length: 0
Via: 1.1 RT_PU, 1.1 RT_PU
X-AFKL-Site: tls
X-AFKL-Origin: back
Keep-Alive: timeout=15
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000

PUT
H/1.1 200 clickEmailLink Show response
phishing.airfrance.fr/resources/stats/e284c392-b424-435e-bac5-8105d2bc2caa/4c8d2e94-444b-4a07-8cf6-67c49f762c5d/ 0
1 KB 59ms
59ms XHR
text/plain 193.57.219.101
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.airfrance.fr/resources/stats/e284c392-b424-435e-bac5-8105d2bc2caa/4c8d2e94-444b-4a07-8cf6-67c49f762c5d/clickEmailLink

Requested by

Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/libs/prod-64bae8f110.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.219.101 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

tplanner.airfrance.fr

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: http://corpoweb.airfrance.fr/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:55 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Origin
X-AFKL-Site: tls
Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE
Access-Control-Allow-Origin: http://corpoweb.airfrance.fr
Access-Control-Max-Age: 0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true, true
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Headers: pragma, X-HTTP-Method-Override, content-length, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length: 0
X-AFKL-Origin: back
Keep-Alive: timeout=15

GET
H/1.1 200 PhishingV1.html Show response
phishing.airfrance.fr/Phishing/en/public/g_standard_page/ 197 B
1 KB 130ms
37ms Document
text/html 193.57.219.101
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phishing.airfrance.fr/Phishing/en/public/g_standard_page/PhishingV1.html

Requested by

Host: corpoweb.airfrance.fr
URL: http://corpoweb.airfrance.fr/redirect/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.219.101 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

tplanner.airfrance.fr

Software

Resource Hash

b24fb373e001165e71ba76d3b2eae6a01d7b9b60a4158cdc7abbabc4bdce73f9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri https://phishing.airfrance.fr/csp-report ;
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: http://corpoweb.airfrance.fr/

Response headers

Date: Wed, 24 Nov 2021 11:32:55 GMT
Accept-Ranges: bytes
ETag: W/"197-1560515137000"
Last-Modified: Fri, 14 Jun 2019 12:25:37 GMT
Content-Type: text/html
Via: 1.1 RT_PU, 1.1 RT_PU
X-AFKL-Site: tls
Content-Security-Policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://phishing.airfrance.fr/csp-report ;
X-AFKL-Origin: back
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000

GET
H/1.1 200
OK Primary Request PhishingVictim.html Show response
midpack.airfrance.fr/phishingvictim/en/pageStandard/ 15 KB
6 KB 209ms
94ms Document
text/html 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

f793d9be4e86c3e873666f4ce3a7f51be9d3f9cf1828034fb0d1b7516dbbe1fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://phishing.airfrance.fr/

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Last-Modified: Wed, 10 Nov 2021 15:46:23 GMT
ETag: "3d60-5d07120c93b12"
Accept-Ranges: bytes
Content-Type: text/html
Via: 1.1 RT_PU, 1.1 RT_PU
X-AFKL-Site: tls
Content-Security-Policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
X-AFKL-Origin: back
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000

GET
H/1.1 200
OK bootstrap.css
midpack.airfrance.fr/referentiel/dist/css/ 204 KB
50 KB 40ms
40ms Stylesheet
text/css 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/dist/css/bootstrap.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

e70df6b6057381125311672369cb8fc6c3f8fa93ea2b4075ee79228cc2c5cb9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2017 11:20:37 GMT
ETag: "330dd-55f3170f9ab40"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK languages.js Show response
midpack.airfrance.fr/referentiel/js/ 2 KB
2 KB 192ms
94ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/languages.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

7c5c46d9f726406838a6e4aff33682d7c27e5b45046c4c288005086a2c20acd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Thu, 28 Dec 2017 10:22:51 GMT
ETag: "997-56163e5f134c0"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK jquery.min.js Show response
midpack.airfrance.fr/referentiel/dist/js/ 95 KB
47 KB 147ms
38ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Fri, 09 Mar 2018 08:33:44 GMT
ETag: "17b8b-566f6a6718a00"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
midpack.airfrance.fr/referentiel/libs/jquery-ui/ 248 KB
100 KB 149ms
38ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/libs/jquery-ui/jquery-ui.min.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Thu, 09 Nov 2017 14:48:45 GMT
ETag: "3dee5-55d8de6a68d40"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK jquery-ui.min.css
midpack.airfrance.fr/referentiel/libs/jquery-ui/ 31 KB
11 KB 104ms
45ms Stylesheet
text/css 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/libs/jquery-ui/jquery-ui.min.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Thu, 09 Nov 2017 14:48:44 GMT
ETag: "7d4c-55d8de6974b00"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
midpack.airfrance.fr/referentiel/dist/js/ 36 KB
15 KB 162ms
45ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/dist/js/bootstrap.min.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Fri, 06 Oct 2017 08:29:06 GMT
ETag: "90b5-55adca24fd880"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK video.min.js Show response
midpack.airfrance.fr/referentiel/libs/video-js/ 180 KB
71 KB 158ms
40ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/libs/video-js/video.min.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

6662011df1df6595275e73ff6c7c8b29bd1142df10a9c211cf34f20090dcabad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Thu, 09 Nov 2017 14:04:37 GMT
ETag: "2d042-55d8d48d14740"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK video-js.min.css
midpack.airfrance.fr/referentiel/libs/video-js/ 45 KB
19 KB 97ms
37ms Stylesheet
text/css 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/libs/video-js/video-js.min.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

ad7c3825da970bbc50bb3672b8afd4726c10a5e9119f67f7a710f73e43013cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Thu, 09 Nov 2017 14:04:36 GMT
ETag: "b2ce-55d8d48c20500"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
868 B 106ms
37ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c5e1da94a728c7a8cc4363b44d961c94459111d362eef8cf7895a9c6234d17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 11:32:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 24 Nov 2021 11:32:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Nov 2021 11:32:56 GMT

GET
H/1.1 200
OK new_search.css
midpack.airfrance.fr/referentiel/css/ 2 KB
1 KB 96ms
36ms Stylesheet
text/css 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/css/new_search.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

fe837fb86c23c607c9abf14e8c2606554cd844bbdf4d0a815409d91303a765d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2017 09:01:27 GMT
ETag: "6a7-54beef027e7c0"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK font-awesome.min.css
midpack.airfrance.fr/referentiel/dist/font-awesome/css/ 30 KB
10 KB 105ms
44ms Stylesheet
text/css 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/dist/font-awesome/css/font-awesome.min.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Mon, 16 Oct 2017 11:05:43 GMT
ETag: "7918-55ba7fcd46fc0"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200 comment.min.css
cmstools.airfrance.fr/cmstoolsWeb/ 469 B
1 KB 157ms
35ms Stylesheet
text/css 193.57.219.17
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cmstools.airfrance.fr/cmstoolsWeb/comment.min.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.219.17 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

b2bdoc.airfrance.fr

Software

Resource Hash

acec9cb106f25d56f1f4a51286916ce11c71fd1a1c5b858513b2bcb44e90820e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE
Connection: Keep-Alive
Content-Encoding: gzip
Access-Control-Allow-Headers: x-requested-with, X-HTTP-Method-Override, content-type, content-length
Last-Modified: Fri, 19 Nov 2021 12:14:28 GMT
ETag: W/"469-1637324068000"
Access-Control-Max-Age: 0
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: no-cache, max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK specificMycms.css
midpack.airfrance.fr/referentiel/css/ 697 B
856 B 105ms
44ms Stylesheet
text/css 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/css/specificMycms.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

23a3bf087387256291f8b19ab8775552aec1494b98430032f18c2e457b0e3cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 10:13:23 GMT
ETag: "2b9-5bbfe2b1d96c0"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK lang.js Show response
midpack.airfrance.fr/referentiel/js/ 403 B
746 B 196ms
41ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/lang.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

087d6815b1745ea3ca35339960085360bca07df64e2e86e272e7a33ae553f3c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Fri, 09 Mar 2018 08:36:35 GMT
ETag: "193-566f6b0a2cac0"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK menuFunctions.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 6 KB
3 KB 220ms
48ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/menuFunctions.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

b86f1fac88fec6f052df0ec00fd3eee232ec7dc826ecc48caa1efb7e9370a5ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Mon, 07 Jan 2019 10:39:22 GMT
ETag: "1642-57edbd7804a80"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK comTraceurAF_v4.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 3 KB
2 KB 290ms
104ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/comTraceurAF_v4.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

b2304c750b41680f87f5aadb41fd402a42c748d1bbaf7d0a06ce2ed7f921d153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Mon, 07 Jan 2019 10:39:24 GMT
ETag: "c44-57edbd79ecf00"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK menuHorizontal.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 4 KB
2 KB 290ms
100ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/menuHorizontal.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

eb5067d2e9b6d189fbd8053004f434942b87bf053bd2b946c1a087fbeffba697

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Thu, 23 May 2019 09:05:27 GMT
ETag: "e1f-5898a620c03c0"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK footer.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 13 KB
4 KB 277ms
86ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/footer.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

159303dc67235469965d6118de1267a7e0e4428f2ed53f28bad2f622e058df6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2016 17:06:15 GMT
ETag: "3206-542ec4e2f6fc0"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK menuVertical.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 6 KB
3 KB 234ms
38ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/menuVertical.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

829235960bbf253f6f0ea077e0a9fcf766afe58a3659d4e7c906ef11ca63a57b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Thu, 23 May 2019 09:05:30 GMT
ETag: "169b-5898a6239ca80"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK listeActus.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 14 KB
5 KB 261ms
50ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/listeActus.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

2e028af461233fae5b28d7e5677c2e90f6ed34eee5996cd0698e684fc526690e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Tue, 10 Dec 2019 08:24:52 GMT
ETag: "3830-599553f033d00"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK fullscreenVideoFix.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 553 B
919 B 256ms
36ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/fullscreenVideoFix.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

8ea74172b8b7fc42565c55b14b104131766cf692d88656d1b3266bbe1d6f6892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2015 15:09:59 GMT
ETag: "229-51d32ba8e1fc0"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK jquery.rwdImageMaps.min.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 1 KB
1 KB 290ms
41ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/jquery.rwdImageMaps.min.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

1f48c9307dfb8dc03b4905966c82db98a664010c83ea952a6d1e3aaadc00703b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Wed, 31 Jan 2018 12:46:22 GMT
ETag: "468-56411ddcd6380"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK myBox.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 8 KB
4 KB 293ms
37ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/myBox.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

9e611daeeffa38f4f35827ef6e6cd29826cf0164669882841e50efd65389048f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Mon, 09 Dec 2019 08:09:59 GMT
ETag: "2058-59940ebf1c3c0"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK jQueryBootstrapColumnsSameHeight.js Show response
midpack.airfrance.fr/referentiel/js/ 7 KB
3 KB 309ms
47ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/jQueryBootstrapColumnsSameHeight.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

4f82510c7f92b1c9b9aff411591e7db7d0319a9def55b6d813196e1403eb1c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Tue, 20 Feb 2018 09:02:18 GMT
ETag: "1b61-565a1114dba80"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK new_search.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 13 KB
6 KB 327ms
35ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/new_search.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

d98ce2d90daa28b3e89c8c223bb4e62b513d51f3ba7b1d81311bf7979754986c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Tue, 27 Apr 2021 15:07:26 GMT
ETag: "357b-5c0f59eb90780"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK fold_to_ascii.js Show response
midpack.airfrance.fr/referentiel/js/nextgen_js/ 12 KB
7 KB 386ms
95ms Script
application/x-javascript 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/js/nextgen_js/fold_to_ascii.js

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

4b464f1461669aa6a5d7e2105f8b1a9188ef35678ed871feaaa3c86d1c10ce72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Mon, 27 Feb 2017 15:16:18 GMT
ETag: "313d-549848fa4b480"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1

200
OK

SSO.saml2 Show response
fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/
Redirect Chain

https://cmstools.airfrance.fr/cmstoolsWeb/js/libs/URI.min.js
https://hblsp.airfrance.fr/affwebservices/public/saml2authnrequest?ProviderID=urn:idp:prd:afr:pf:dmzi:choice&TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METH...
https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJfT8IwFMXf%2BRRL32Fb%2BTNsgATHy4i6CEaEF9N1XVZZ29nbKfjp3XBRHtDEPvTh5vSc3z3pZF7ZXK34a8X...

0
0

141ms
40ms

Script
text/html

193.57.219.95
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJfT8IwFMXf%2BRRL32Fb%2BTNsgATHy4i6CEaEF9N1XVZZ29nbKfjp3XBRHtDEPvTh5vSc3z3pZF7ZXK34a8XBOov6EopaodUU5daWQFw342leJT0qTGaoYryXGVekpcuPS8xwsY9etEifllUsiz1blO9M3o%2B2m90xVtcylivL5X60xfkb3dwVkfLc9TruAZUFRk60mKLngUcTmg1xkngpH2d0HKTjIEtGnA2GjCX94CqgtRSg4pECS5WdIuxhv%2Bv7XTx48H3Sx2Q42iHnkRs4oeOeh5yDLBRMUWUU0RQEEEUlB2IZWc9vb0itIaXRVjNdoFnHqc9EgU9OQebrNakHfztQAG6avtCskUFZe6aEZoaAJKn8EBP3x7RNadvm6an7UCvLD9YJtSypEdDwS6GErGSL1aJhcq4Pizp6xbNvUPwv0F9ljLDGuR6HuRaMN%2FyXk9tt3IvrzDoT9%2FxrzT4B&RelayState=343a3accc2d7bb7d8d3dd711e641722b60654606&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=1CvACxAKPIvd7OnbLZw0SRgzkyvGzXOoQZOmk%2F5BoYkZjBMzCZnB49404qiT1uhGhEH956DGslWR6YWo13sbnyEE9eRC0zPumbiXfAAmQ7tod7Ac%2B30Sd0CpZVs4prSLG52S5hdpi1vS49cV12xfnFJp7nS%2BIV807fVSk1vtbcAQ22R%2F5Fj%2BNNtqCxChrMfftEN9GJW9gRFgEVpcY9hTVSzfYLnnYrU%2BQL8pzURBJbfWG2Ee%2Fx9qgQhS1edYsbliGVInfelqsbJgYono3tiDsvvKg6Jey3Al8DmK0IFyV%2F0DUQ%2FMdAD0iIqKdLd8OXdLxsu98NtCDFzosIep%2Fn5Lcw%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fURI%2emin%2ejs
Requested by: Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol: HTTP/1.1
Server: 193.57.219.95 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS: fedhub.airfrance.fr
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

Location: https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJfT8IwFMXf%2BRRL32Fb%2BTNsgATHy4i6CEaEF9N1XVZZ29nbKfjp3XBRHtDEPvTh5vSc3z3pZF7ZXK34a8XBOov6EopaodUU5daWQFw342leJT0qTGaoYryXGVekpcuPS8xwsY9etEifllUsiz1blO9M3o%2B2m90xVtcylivL5X60xfkb3dwVkfLc9TruAZUFRk60mKLngUcTmg1xkngpH2d0HKTjIEtGnA2GjCX94CqgtRSg4pECS5WdIuxhv%2Bv7XTx48H3Sx2Q42iHnkRs4oeOeh5yDLBRMUWUU0RQEEEUlB2IZWc9vb0itIaXRVjNdoFnHqc9EgU9OQebrNakHfztQAG6avtCskUFZe6aEZoaAJKn8EBP3x7RNadvm6an7UCvLD9YJtSypEdDwS6GErGSL1aJhcq4Pizp6xbNvUPwv0F9ljLDGuR6HuRaMN%2FyXk9tt3IvrzDoT9%2FxrzT4B&RelayState=343a3accc2d7bb7d8d3dd711e641722b60654606&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=1CvACxAKPIvd7OnbLZw0SRgzkyvGzXOoQZOmk%2F5BoYkZjBMzCZnB49404qiT1uhGhEH956DGslWR6YWo13sbnyEE9eRC0zPumbiXfAAmQ7tod7Ac%2B30Sd0CpZVs4prSLG52S5hdpi1vS49cV12xfnFJp7nS%2BIV807fVSk1vtbcAQ22R%2F5Fj%2BNNtqCxChrMfftEN9GJW9gRFgEVpcY9hTVSzfYLnnYrU%2BQL8pzURBJbfWG2Ee%2Fx9qgQhS1edYsbliGVInfelqsbJgYono3tiDsvvKg6Jey3Al8DmK0IFyV%2F0DUQ%2FMdAD0iIqKdLd8OXdLxsu98NtCDFzosIep%2Fn5Lcw%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fURI%2emin%2ejs
Date: Wed, 24 Nov 2021 11:32:56 GMT
Server: Apache/2.4.51 (Unix) mod_jk/1.2.48
Connection: Keep-Alive
Keep-Alive: timeout=5, max=79
Content-Length: 0

GET
H/1.1

200
OK

SSO.saml2 Show response
fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/
Redirect Chain

https://cmstools.airfrance.fr/cmstoolsWeb/js/libs/handlebars.min-latest.js
https://hblsp.airfrance.fr/affwebservices/public/saml2authnrequest?ProviderID=urn:idp:prd:afr:pf:dmzi:choice&TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METH...
https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZLNTgIxFIX3PMWkexim%2FNoACcIGohLBiLAxpXObqUzbsbej4NM7gxNlgSZ20cXN6TnfPelgnPvELOE1B%2FT...

0
0

141ms
42ms

Script
text/html

193.57.219.95
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZLNTgIxFIX3PMWkexim%2FNoACcIGohLBiLAxpXObqUzbsbej4NM7gxNlgSZ20cXN6TnfPelgnPvELOE1B%2FTBtLiU4V5ZMySJ9xmyMJQQJ%2FmuwZWTjhsBDelCFWchHOdU0HQ%2Fe7EqfprnC53uxTR7F%2Fq%2Bu1lvjwtzrRd66UHvuxuavPH1XTozzXC1WjSQ65SSYDYdkue2BCli2qK8LXadVkyB9q9kj3Z4v8WjJkS9tiykiDnMDHpu%2FJDQJo3qUVSn7YcoYi3KOt0tCR7B4QmdNpokOOjU4JDkzjDLUSEzXAMyL9hqfHvDCg3LnPVW2JSMakFxBgYjdgpyX69ZMfjbgSOCK%2Fsio1KGWeEZMy4dQ81i%2FaEG4Y9plVK1DfGp%2B4k1Hg4%2BmFidcaew5NfKKJ3rCqtCo%2BxcP0mL6CXIb1D6L9BfZYKJ0rkYTxKrBJT8l5OrbcKL64xqg%2FD8a40%2BAQ%3D%3D&RelayState=3f9fb1784227632fffc45cfcaac9cf5de42eab40&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=AZCkhhB%2BII0IZsr4e0A4w64ZGFehEUYjZfEH16u76TLRSts%2FkgCliQn79mAFSZZqwaDih9yoJ6AHD%2BFt1zLN9SPmWc8VW%2BF9uTu67T8ECjNDo15i3csouXcEAmxqM542Cl7yWN4thlDl873O2rg3Oc5SbNpWfv6oSldZ93twsLpq%2FGFHhDAIhWQGODCs4%2BJE0Z5HEhTU1qxRIUtQ1TUWnGvoknHY734Vc9CZB8FEBajbgz4yLOgY53YkX3Uhq9kwoSXNXmsw%2FjlSq3mB896Yp7WlFEw7cVWJBp4VQZz6jrH1q2%2FLBx3f8Ju2HhtLhBUddPTWeGgHySw39AtVk%2FNgUA%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fhandlebars%2emin-latest%2ejs
Requested by: Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol: HTTP/1.1
Server: 193.57.219.95 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS: fedhub.airfrance.fr
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

Location: https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZLNTgIxFIX3PMWkexim%2FNoACcIGohLBiLAxpXObqUzbsbej4NM7gxNlgSZ20cXN6TnfPelgnPvELOE1B%2FTBtLiU4V5ZMySJ9xmyMJQQJ%2FmuwZWTjhsBDelCFWchHOdU0HQ%2Fe7EqfprnC53uxTR7F%2Fq%2Bu1lvjwtzrRd66UHvuxuavPH1XTozzXC1WjSQ65SSYDYdkue2BCli2qK8LXadVkyB9q9kj3Z4v8WjJkS9tiykiDnMDHpu%2FJDQJo3qUVSn7YcoYi3KOt0tCR7B4QmdNpokOOjU4JDkzjDLUSEzXAMyL9hqfHvDCg3LnPVW2JSMakFxBgYjdgpyX69ZMfjbgSOCK%2Fsio1KGWeEZMy4dQ81i%2FaEG4Y9plVK1DfGp%2B4k1Hg4%2BmFidcaew5NfKKJ3rCqtCo%2BxcP0mL6CXIb1D6L9BfZYKJ0rkYTxKrBJT8l5OrbcKL64xqg%2FD8a40%2BAQ%3D%3D&RelayState=3f9fb1784227632fffc45cfcaac9cf5de42eab40&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=AZCkhhB%2BII0IZsr4e0A4w64ZGFehEUYjZfEH16u76TLRSts%2FkgCliQn79mAFSZZqwaDih9yoJ6AHD%2BFt1zLN9SPmWc8VW%2BF9uTu67T8ECjNDo15i3csouXcEAmxqM542Cl7yWN4thlDl873O2rg3Oc5SbNpWfv6oSldZ93twsLpq%2FGFHhDAIhWQGODCs4%2BJE0Z5HEhTU1qxRIUtQ1TUWnGvoknHY734Vc9CZB8FEBajbgz4yLOgY53YkX3Uhq9kwoSXNXmsw%2FjlSq3mB896Yp7WlFEw7cVWJBp4VQZz6jrH1q2%2FLBx3f8Ju2HhtLhBUddPTWeGgHySw39AtVk%2FNgUA%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2flibs%2fhandlebars%2emin-latest%2ejs
Date: Wed, 24 Nov 2021 11:32:56 GMT
Server: Apache/2.4.51 (Unix) mod_jk/1.2.48
Connection: Keep-Alive
Keep-Alive: timeout=5, max=67
Content-Length: 0

GET
H/1.1

200
OK

SSO.saml2 Show response
fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/
Redirect Chain

https://cmstools.airfrance.fr/cmstoolsWeb/js/app/cmstools.min.js
https://hblsp.airfrance.fr/affwebservices/public/saml2authnrequest?ProviderID=urn:idp:prd:afr:pf:dmzi:choice&TYPE=33554433&REALMOID=06-000e292e-7273-1654-9c75-fd130a4640f7&GUID=&SMAUTHREASON=0&METH...
https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJRT8IwFIXf%2BRVL32FbgakNkCC8QFQiGBFeTGnvssrazt5O0V%2Fvhov6gCb2oQ83p%2Bd896SDcekzs4TnE...

0
0

142ms
42ms

Script
text/html

193.57.219.95
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJRT8IwFIXf%2BRVL32FbgakNkCC8QFQiGBFeTGnvssrazt5O0V%2Fvhov6gCb2oQ83p%2Bd896SDcekzs4TnEtAH0%2BpShntlzZBk3hfIwjAFmZW7DlcuddwI6KQuVLII4W1OBc33syer5MO8XOh8L6bFq9C3yWa9fVuYS73QSw96n2xo9sLXN%2FnMROFqtegg1zklwWw6JI%2FROT%2BLQNJulCQyhYTGsh%2BB6F30d10ZS5AXvX4lRSxhZtBz44eERjRux3Gb9u7imHUp6ydbEtyDwyM67UQkOOjc4JCUzjDLUSEzXAMyL9hqfH3FKg0rnPVW2JyMWkF1BgZjdgxyn69ZNfjbgSOCq%2Fsio1qGReUpGU8dQ82kfleD8Nu0SWnaBnnsfmKNh4MPJlYX3Cms%2BbUySpe6wWrQKPupn%2BRV9BLSL1D6L9BfZYKJ2rkaTzKrBNT8p5ObbcKT64xag%2FDn1xp9AA%3D%3D&RelayState=ce7d9514ca8346b095467bd4dcaf2c1181435b24&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=uyV4tsKfnF3KvAiU27jqqQM9faKjGtzJWJT1cSOZ6iJeq8tlWYXSAzqevM1Ld47HuK5k1v4mwNe%2B7NifLKI3Ukde2jrDVu6K09PhifHiSPrrW6frNmwRFP1C1lJZ8Rul3XuN0IUg42mb9hGw1g8FJbViw5iS0%2FkaCrSUNLFTQOMRwmDy28KhIKyYhpkfZyHQfmJZDrDtv0d826YbpGeOoWchssFdMDwZ%2Bjh8k3nf4g779lgm6Otex7gQQh7jgknTi74NiYPqMqDw5K%2FGQDbRkZFPmVY0JmWlrW1qdl8mva%2F24iCkjBLAQ88wsHBbte56tbn4m9hoPZnSpyBxsAgWIw%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2fapp%2fcmstools%2emin%2ejs
Requested by: Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
Protocol: HTTP/1.1
Server: 193.57.219.95 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS: fedhub.airfrance.fr
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

Location: https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6Y2hvaWNlIn0/SSO.saml2?SAMLRequest=lZJRT8IwFIXf%2BRVL32FbgakNkCC8QFQiGBFeTGnvssrazt5O0V%2Fvhov6gCb2oQ83p%2Bd896SDcekzs4TnEtAH0%2BpShntlzZBk3hfIwjAFmZW7DlcuddwI6KQuVLII4W1OBc33syer5MO8XOh8L6bFq9C3yWa9fVuYS73QSw96n2xo9sLXN%2FnMROFqtegg1zklwWw6JI%2FROT%2BLQNJulCQyhYTGsh%2BB6F30d10ZS5AXvX4lRSxhZtBz44eERjRux3Gb9u7imHUp6ydbEtyDwyM67UQkOOjc4JCUzjDLUSEzXAMyL9hqfH3FKg0rnPVW2JyMWkF1BgZjdgxyn69ZNfjbgSOCq%2Fsio1qGReUpGU8dQ82kfleD8Nu0SWnaBnnsfmKNh4MPJlYX3Cms%2BbUySpe6wWrQKPupn%2BRV9BLSL1D6L9BfZYKJ2rkaTzKrBNT8p5ObbcKT64xag%2FDn1xp9AA%3D%3D&RelayState=ce7d9514ca8346b095467bd4dcaf2c1181435b24&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=uyV4tsKfnF3KvAiU27jqqQM9faKjGtzJWJT1cSOZ6iJeq8tlWYXSAzqevM1Ld47HuK5k1v4mwNe%2B7NifLKI3Ukde2jrDVu6K09PhifHiSPrrW6frNmwRFP1C1lJZ8Rul3XuN0IUg42mb9hGw1g8FJbViw5iS0%2FkaCrSUNLFTQOMRwmDy28KhIKyYhpkfZyHQfmJZDrDtv0d826YbpGeOoWchssFdMDwZ%2Bjh8k3nf4g779lgm6Otex7gQQh7jgknTi74NiYPqMqDw5K%2FGQDbRkZFPmVY0JmWlrW1qdl8mva%2F24iCkjBLAQ88wsHBbte56tbn4m9hoPZnSpyBxsAgWIw%3D%3D&SMFED_UOR=$SM$https%3a%2f%2fcmstools%2eairfrance%2efr%2fcmstoolsWeb%2fjs%2fapp%2fcmstools%2emin%2ejs
Date: Wed, 24 Nov 2021 11:32:56 GMT
Server: Apache/2.4.51 (Unix) mod_jk/1.2.48
Connection: Keep-Alive
Keep-Alive: timeout=5, max=12
Content-Length: 0

GET
H/1.1 200
OK branding_afklm_2018.css
midpack.airfrance.fr/referentiel/css/ 18 KB
6 KB 101ms
38ms Stylesheet
text/css 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/css/branding_afklm_2018.css

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

6602cb2fc5345f2acca669f46213fe56ada744207465a8058950ce9911444d7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Encoding: gzip
Last-Modified: Wed, 09 Dec 2020 14:14:31 GMT
ETag: "49d3-5b608ad893fc0"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: max-age=21600
X-AFKL-Site: tls
Accept-Ranges: bytes
Keep-Alive: timeout=15
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK logo-afkl-white.png
midpack.airfrance.fr/referentiel/dist/img/ 12 KB
13 KB 38ms
38ms Image
image/png 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/referentiel/dist/img/logo-afkl-white.png

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

011f158c22de2355cf5d778b1276d00a2885c32d8ddc1ad5a77938cf8b5b325c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 13 Mar 2019 12:40:15 GMT
ETag: "309a-583f91b7fa9c0"
X-AFKL-Site: tls
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 12442
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK spy_2.png
midpack.airfrance.fr/phishingvictim/fr/files/img/ 29 KB
29 KB 38ms
37ms Image
image/png 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/phishingvictim/fr/files/img/spy_2.png

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

a6fe71589e158e7a394067b850942aec026a2c87436f6dd1d80ee28b55522f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 13 Mar 2019 15:01:34 GMT
ETag: "73b9-583fb14e2ef80"
X-AFKL-Site: tls
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 29625
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK world-wide-web.png
midpack.airfrance.fr/phishingvictim/fr/files/img/ 19 KB
20 KB 42ms
41ms Image
image/png 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/phishingvictim/fr/files/img/world-wide-web.png

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

8a8f262550a1bc44fa38ce4ab57546b8f58fdf2355f1e0f41076d8fdedba24bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 13 Mar 2019 15:03:24 GMT
ETag: "4c55-583fb1b716700"
X-AFKL-Site: tls
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 19541
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK Time_2.png
midpack.airfrance.fr/phishingvictim/fr/files/img/ 3 KB
4 KB 40ms
39ms Image
image/png 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/phishingvictim/fr/files/img/Time_2.png

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

fa52951f7331c77908baf0d24d1a8543dd9a8075c5effe7232236dbcfce849ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 13 Mar 2019 15:04:20 GMT
ETag: "dda-583fb1ec7e500"
X-AFKL-Site: tls
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 3546
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK scribble.png
midpack.airfrance.fr/phishingvictim/fr/files/img/ 43 KB
44 KB 34ms
34ms Image
image/png 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/phishingvictim/fr/files/img/scribble.png

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

1a7dd77250a63697d83e7ca6bdc53a28cf0273109dc306128b9016ce1522caae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 13 Mar 2019 15:05:19 GMT
ETag: "ad83-583fb224c29c0"
X-AFKL-Site: tls
Connection: Keep-Alive
Content-Type: image/png
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 44419
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK intro.gif
midpack.airfrance.fr/phishingvictim/fr/files/img/ 516 KB
517 KB 39ms
38ms Image
image/gif 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/phishingvictim/fr/files/img/intro.gif

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

470b727588289bd5b5a85162cdf64cbbe1a8c291666d4f0ad8b056324799af50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:56 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Thu, 14 Mar 2019 09:49:00 GMT
ETag: "81119-5840ad4e6fb00"
X-AFKL-Site: tls
Connection: Keep-Alive
Content-Type: image/gif
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 528665
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:56 GMT

GET
H/1.1 200
OK giphy.gif
midpack.airfrance.fr/phishingvictim/fr/files/img/ 646 KB
646 KB 41ms
41ms Image
image/gif 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midpack.airfrance.fr/phishingvictim/fr/files/img/giphy.gif

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

5d2e992756c3ef2fb10d27bbcb49f4814cbeb402b198a901b44eb32ed5a5c205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:57 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Wed, 13 Mar 2019 08:06:38 GMT
ETag: "a1622-583f548f81f80"
X-AFKL-Site: tls
Connection: Keep-Alive
Content-Type: image/gif
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 661026
X-AFKL-Origin: back
Expires: Wed, 24 Nov 2021 17:32:57 GMT

GET
H/1.1 200 Phishing2020EN Show response
interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/ Frame 91A3 26 KB
7 KB 167ms
92ms Document
text/html 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

45c7bd0b27f752e372b5d1df2d1bef4d7c8e2c4c078e65c14a576f9653e0b716

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://midpack.airfrance.fr/

Response headers

Date: Wed, 24 Nov 2021 11:32:57 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-UA-Compatible: IE=Edge
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Allow: GET, POST, PUT, DELETE
Content-Encoding: gzip

GET
H/1.1 200
OK Montserrat-Regular.woff
midpack.airfrance.fr/referentiel/css/ 106 KB
106 KB 75ms
35ms Font
application/x-font-woff 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/css/Montserrat-Regular.woff

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/css/branding_afklm_2018.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

fef89a9397dde1d5a81a920fb7f7d32ff01e9fcef520863043da25137c3f45f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/referentiel/css/branding_afklm_2018.css
Origin: https://midpack.airfrance.fr
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:57 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Tue, 26 Jun 2018 07:16:15 GMT
ETag: "1a65c-56f86460b4dc0"
X-AFKL-Site: tls
Connection: Keep-Alive
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 108124
X-AFKL-Origin: back

GET
H/1.1 200
OK Montserrat-Medium.woff
midpack.airfrance.fr/referentiel/css/ 105 KB
106 KB 76ms
36ms Font
application/x-font-woff 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/css/Montserrat-Medium.woff

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/css/branding_afklm_2018.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

2f5d0a4dd2aa3a95f4d0add12842ad9a3c930216c823de771f9241f5eba6506e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/referentiel/css/branding_afklm_2018.css
Origin: https://midpack.airfrance.fr
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:57 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Tue, 26 Jun 2018 07:16:14 GMT
ETag: "1a560-56f8645fc0b80"
X-AFKL-Site: tls
Connection: Keep-Alive
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 107872
X-AFKL-Origin: back

GET
H/1.1 200
OK icons-bootstrap-AF.woff
midpack.airfrance.fr/referentiel/dist/fonts/ 88 KB
89 KB 83ms
39ms Font
application/x-font-woff 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/referentiel/dist/fonts/icons-bootstrap-AF.woff

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/dist/css/bootstrap.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

eece32ebb0977129661ee5f202f9fe796546a1e738ccf3246dcc44cddd952121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://midpack.airfrance.fr/referentiel/dist/css/bootstrap.css
Origin: https://midpack.airfrance.fr
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:57 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Fri, 06 Oct 2017 08:24:16 GMT
ETag: "161e0-55adc9106cc00"
X-AFKL-Site: tls
Connection: Keep-Alive
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 90592
X-AFKL-Origin: back

GET
H/1.1 200
OK menuh.json Show response
midpack.airfrance.fr/phishingvictim/en/menuHorizontal/ 55 B
469 B 62ms
42ms XHR
application/json 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/phishingvictim/en/menuHorizontal/menuh.json

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

fb7e9bcfd374a3ae723a031906d4c2424dc6317feb6f3c6dac267c9dc973e4a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
X-Requested-With: XMLHttpRequest
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:57 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Thu, 07 Mar 2019 07:31:01 GMT
ETag: "37-5837c168bd740"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/json
Cache-Control: max-age=21600
X-AFKL-Site: tls
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 55
X-AFKL-Origin: back

GET
H/1.1 404
Not Found contextual_link.json Show response
midpack.airfrance.fr/phishingvictim/en/footer/ 2 KB
2 KB 145ms
92ms XHR
text/html 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/phishingvictim/en/footer/contextual_link.json

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

54a605f25d346cde69335038e7b5290e7e81a5c4cbe743f24c171fec5d0da3e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
X-Requested-With: XMLHttpRequest
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:57 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Tue, 10 Mar 2015 10:25:08 GMT
ETag: "772-510ec909ba900"
Vary: Accept-Encoding
Content-Type: text/html
Connection: Keep-Alive
X-AFKL-Site: tls
Content-Security-Policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Content-Encoding: gzip
Keep-Alive: timeout=15
Content-Length: 958
X-AFKL-Origin: back

GET
H/1.1 404
Not Found footer.json Show response
midpack.airfrance.fr/phishingvictim/en/footer/ 2 KB
2 KB 154ms
92ms XHR
text/html 193.57.218.45
AIRFRANCE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://midpack.airfrance.fr/phishingvictim/en/footer/footer.json

Requested by

Host: midpack.airfrance.fr
URL: https://midpack.airfrance.fr/referentiel/dist/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.57.218.45 , France, ASN198340 (AIRFRANCE-AS, FR),

Reverse DNS

Software

Resource Hash

54a605f25d346cde69335038e7b5290e7e81a5c4cbe743f24c171fec5d0da3e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.airfrance.fr http://.airfranceklm.com http://.af-klm.com http://.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://midpack.airfrance.fr/phishingvictim/en/pageStandard/PhishingVictim.html
X-Requested-With: XMLHttpRequest
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 11:32:57 GMT
Via: 1.1 RT_PU, 1.1 RT_PU
Last-Modified: Tue, 10 Mar 2015 10:25:08 GMT
ETag: "772-510ec909ba900"
Vary: Accept-Encoding
Content-Type: text/html
Connection: Keep-Alive
X-AFKL-Site: tls
Content-Security-Policy: frame-ancestors 'self' http://*.airfrance.fr http://*.airfranceklm.com http://*.af-klm.com http://*.airfrance-is.com ; report-uri https://midpack.airfrance.fr/csp-report ;
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Content-Encoding: gzip
Keep-Alive: timeout=15
Content-Length: 958
X-AFKL-Origin: back

GET
H/1.1 200 jquery-3.3.1.min.js Show response
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.javascript.HeaderItems/ Frame 91A3 85 KB
30 KB 43ms
42ms Script
application/javascript 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.javascript.HeaderItems/jquery-3.3.1.min.js?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: cache
Date: Wed, 24 Nov 2021 11:32:57 GMT
Content-Encoding: gzip
Accept-Range: bytes
Last-Modified: Mon, 11 Mar 2019 15:38:54 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: application/javascript
Allow: GET, POST, PUT, DELETE
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 24 Nov 2022 11:32:57 GMT

GET
H/1.1 200 jquery-migrate-3.0.0.min.js Show response
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.javascript.HeaderItems/ Frame 91A3 7 KB
3 KB 87ms
34ms Script
application/javascript 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.javascript.HeaderItems/jquery-migrate-3.0.0.min.js?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

a44b5727bd453959ba8f2ae37fd2359272b730ada09e80fb2a5bbffd086ef075

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: cache
Date: Wed, 24 Nov 2021 11:32:57 GMT
Content-Encoding: gzip
Accept-Range: bytes
Last-Modified: Mon, 11 Mar 2019 15:38:54 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: application/javascript
Allow: GET, POST, PUT, DELETE
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 24 Nov 2022 11:32:57 GMT

GET
H/1.1 200 jquery-ui.fork.js Show response
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.wicket.jqueryui.javascript.JQueryUIHeaderItems/ Frame 91A3 209 KB
56 KB 99ms
44ms Script
application/javascript 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.wicket.jqueryui.javascript.JQueryUIHeaderItems/jquery-ui.fork.js?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

ce969cfd1160c3c2f3dbd83224eedca8cbb52fca0b47e65176f288e27ae1cd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: cache
Date: Wed, 24 Nov 2021 11:32:57 GMT
Content-Encoding: gzip
Accept-Range: bytes
Last-Modified: Mon, 11 Mar 2019 15:38:54 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: application/javascript
Allow: GET, POST, PUT, DELETE
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 24 Nov 2022 11:32:57 GMT

GET
H/1.1 200 respondent-bundle.js Show response
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.itw.web.ItwApplication/ Frame 91A3 109 KB
109 KB 132ms
48ms Script
text/plain 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.itw.web.ItwApplication/respondent-bundle.js?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

e1b56a7bbf3ceb5060af2d52607eb78d58f062e7ee30e1c506734da8be636aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: cache
Date: Wed, 24 Nov 2021 11:32:57 GMT
Last-Modified: Mon, 11 Mar 2019 15:38:54 GMT
Server: Eloquant
Allow: GET, POST, PUT, DELETE
Connection: keep-alive
Cache-Control: public, max-age=31536000
Content-Disposition: inline
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Length: 111628
Expires: Thu, 24 Nov 2022 11:32:57 GMT

GET
H/1.1 200 respondent-style-PhishingSurvey.css
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/ Frame 91A3 73 KB
14 KB 104ms
53ms Stylesheet
text/css 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/respondent-style-PhishingSurvey.css?--11.124.10&ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

ccd02a20e8a7106dfa5beb04d12d4949b49e03aa8f8de05a0ef407cbc3118f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: cache
Date: Wed, 24 Nov 2021 11:32:57 GMT
Content-Encoding: gzip
Allow: GET, POST, PUT, DELETE
Last-Modified: Wed, 24 Nov 2021 11:32:57 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: text/css
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 24 Nov 2022 11:32:57 GMT

GET
H/1.1 200 respondent-responsive-bundle-PhishingSurvey.css
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/ Frame 91A3 7 KB
2 KB 85ms
32ms Stylesheet
text/css 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/respondent-responsive-bundle-PhishingSurvey.css?--11.124.10&ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

b4d82bafd0bbca1a71cdea5dc7e96a83a59cf511e33d602ec31bc5fe38af9bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: cache
Date: Wed, 24 Nov 2021 11:32:57 GMT
Content-Encoding: gzip
Allow: GET, POST, PUT, DELETE
Last-Modified: Fri, 26 Apr 2019 13:31:52 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: text/css
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 24 Nov 2022 11:32:57 GMT

GET
H/1.1 200 apparence-respondent.css
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.itw.web.ItwResources/apparence/ Frame 91A3 19 KB
3 KB 88ms
35ms Stylesheet
text/css 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.itw.web.ItwResources/apparence/apparence-respondent.css?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

9a404b7332da2b280df2399919c0145c9c6c1ed164a4334e4dc797110f4996a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: cache
Date: Wed, 24 Nov 2021 11:32:57 GMT
Content-Encoding: gzip
Accept-Range: bytes
Last-Modified: Fri, 26 Apr 2019 13:32:58 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: text/css
Allow: GET, POST, PUT, DELETE
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 24 Nov 2022 11:32:57 GMT

GET
H/1.1 200 respondent-utilities.js Show response
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.resource.RespondentUtilities/ Frame 91A3 11 KB
4 KB 116ms
31ms Script
application/javascript 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.resource.RespondentUtilities/respondent-utilities.js?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

4beb17e5bdb7d81a5e94014ba1a8ce6f639d827d37df75a556909573a69277f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: cache
Date: Wed, 24 Nov 2021 11:32:57 GMT
Content-Encoding: gzip
Accept-Range: bytes
Last-Modified: Fri, 26 Apr 2019 13:31:52 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: application/javascript
Allow: GET, POST, PUT, DELETE
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 24 Nov 2022 11:32:57 GMT

GET
H/1.1 200 respondent-responsive.js Show response
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.resource.RespondentResponsive/ Frame 91A3 10 KB
3 KB 117ms
30ms Script
application/javascript 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.resource.RespondentResponsive/respondent-responsive.js?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

48ecc2cd8b07ccdf53f0c6b5e2ddf35661fbb61c4b7768579fe47e8920097e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: cache
Date: Wed, 24 Nov 2021 11:32:57 GMT
Content-Encoding: gzip
Accept-Range: bytes
Last-Modified: Fri, 26 Apr 2019 13:31:52 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: application/javascript
Allow: GET, POST, PUT, DELETE
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 24 Nov 2022 11:32:57 GMT

GET
H/1.1 200 efm-respondent-icon.css
interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/ Frame 91A3 1 KB
1003 B 81ms
29ms Stylesheet
text/css 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/efm-respondent-icon.css?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

388015d4c90674adfd7e0e8e7f655c3508dcc1841525c0ff07fe898d4a90982f

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: cache
Date: Wed, 24 Nov 2021 11:32:57 GMT
Content-Encoding: gzip
Accept-Range: bytes
Last-Modified: Tue, 20 Nov 2018 09:14:24 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: text/css
Allow: GET, POST, PUT, DELETE
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Content-Disposition: inline
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 24 Nov 2022 11:32:57 GMT

GET
H/1.1 200 loading-ajax.gif
interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.wicket.jqueryui.behavior.dialog.DialogAjaxPreloaderPanel/ Frame 91A3 4 KB
5 KB 34ms
34ms Image
image/gif 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.tool.wicket.jqueryui.behavior.dialog.DialogAjaxPreloaderPanel/loading-ajax.gif?ver=3.8.1.c-20190426

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

9d50d7f26944d0c79dc4baa584d0a9b196d5382fefc23933343fce3065f4397b

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://interview.airfrance.fr/afklm/itw/answer/s/knefgy9xic/k/Phishing2020EN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: cache
Date: Wed, 24 Nov 2021 11:32:57 GMT
Accept-Range: bytes
Last-Modified: Mon, 11 Mar 2019 15:38:54 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: public, max-age=31536000
Content-Disposition: inline
Connection: keep-alive
Allow: GET, POST, PUT, DELETE
Content-Length: 4269
Expires: Thu, 24 Nov 2022 11:32:57 GMT

GET
H/1.1 200 IMG-ZECFuEWowV
interview.airfrance.fr/afklm/itw/lib/img/name/ Frame 91A3 11 KB
11 KB 31ms
31ms Image
image/png 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://interview.airfrance.fr/afklm/itw/lib/img/name/IMG-ZECFuEWowV

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/respondent-style-PhishingSurvey.css?--11.124.10&ver=3.8.1.c-20190426

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),

Reverse DNS

Software

Eloquant /

Resource Hash

26ddbc12835eb3944119e1506d4df9d8f8dd28cd304da3bbfcdc4cf17f1f9377

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://interview.airfrance.fr/afklm/itw/efm/resource/com.interview.repondant.web.css.IRepondantCSS/respondent-style-PhishingSurvey.css?--11.124.10&ver=3.8.1.c-20190426
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 11:32:57 GMT
Allow: GET, POST, PUT, DELETE
Last-Modified: Wed, 24 Nov 2021 11:32:57 GMT
Server: Eloquant
Strict-Transport-Security: max-age=99999999; includeSubDomains; preload
Content-Type: image/png
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Content-Disposition: inline; filename="BandeauQuestionnaire.png"; filename*=UTF-8''BandeauQuestionnaire.png
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 efm-respondent-icon.woff
interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/ Frame 91A3 6 KB
6 KB 44ms
44ms Font
application/x-font-woff 31.193.53.126
EOLAS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/efm-respondent-icon.woff?7d8f279abb6d20e9e78400a3e9ed495a

Requested by

Host: interview.airfrance.fr
URL: https://interview.airfrance.fr/afklm/itw/efm/resource/com.eloquant.icon.IconScope/efm-respondent-icon.css?ver=3.8.1.c-20190426

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.193.53.126 , France, ASN15401 (EOLAS-AS, FR),

Reverse DNS