| | 158.191.172.221 | 200 OK | 0 B |
URL: User Request GET HTTP/1.1
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Location: https://158.191.172.221/
Content-Length: 0
Content-Type: text/html; charset=UTF-8
|
|
| | 158.191.172.221 | 200 OK | 47 kB |
URL: User Request GET HTTP/1.1
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (1062), with CRLF, LF line terminators
Hash: fa79aba6a26dd14363e4fb4994505331 4af778d42f59ca8ba98ae9260d481fc5972a4313 5e47907e27750d85d1d6127520468d5e39a19b7d0580f4eb2396bf8852e80925
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:01:59 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Cache-Control: max-age=1200, max-age=2592000
Last-Modified: Thu, 18 Apr 2024 09:00:38 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html
vha6-origin: cats-rd20-prd
Age: 89
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
|
|
| cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_1.js | 192.229.233.55 | 200 OK | 92 kB |
URL: GET HTTP/2 cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_1.js
IP: 192.229.233.55:443
Certificate: Issuer DigiCert Inc; Subject cdn.tagcommander.com; Fingerprint 85:75:8C:58:CC:C2:11:06:88:8D:37:6E:5C:FB:8B:A2:84:46:14:60; Validity Fri, 23 Feb 2024 00:00:00 GMT - Tue, 25 Mar 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (62947)
Hash: 863f73e8a16f10a59a4c8d8d0a541f12 ad66eeb9f09c1d7989a4c432daa68db356362bb9 1753aa67625347480fcb70136a5692663d3f313b4638ad9892148dec79d6dd5f
GET /3315/tc_PortailClientCreditAgricole_1.js HTTP/1.1
Host: cdn.tagcommander.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://158.191.172.221/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 31536000
age: 2596
cache-control: max-age=86400, must-revalidate
content-type: application/javascript
date: Thu, 18 Apr 2024 09:02:07 GMT
etag: "863f73e8a16f10a59a4c8d8d0a541f12+gzip"
last-modified: Wed, 10 Apr 2024 08:12:33 GMT
server: ECS (ska/F6FE)
vary: Accept-Encoding
x-amz-id-2: /3hup/Hu3NLXIP1FHnRbgRKI185kewrp+Ud2upj8Xbv7TZev/Uof0KRpitVHq7gMm3qU/bZxe0Y=
x-amz-request-id: 32Y217GC64XBCB6P
x-cache: HIT
x-cdn: edgio
content-length: 91825
X-Firefox-Spdy: h2
|
|
| cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_4.js | 192.229.233.55 | 200 OK | 23 kB |
URL: GET HTTP/2 cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_4.js
IP: 192.229.233.55:443
Certificate: Issuer DigiCert Inc; Subject cdn.tagcommander.com; Fingerprint 85:75:8C:58:CC:C2:11:06:88:8D:37:6E:5C:FB:8B:A2:84:46:14:60; Validity Fri, 23 Feb 2024 00:00:00 GMT - Tue, 25 Mar 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (52925)
Hash: d5145d5fe0ad227df816199e37de19b0 a32005aeec4fc529655ac4f01566092d3fbd424e 34188f537c437fe9ef61b696d7b9c29f9616359b92844c1b39764a71bbe528d0
GET /3315/tc_PortailClientCreditAgricole_4.js HTTP/1.1
Host: cdn.tagcommander.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://158.191.172.221/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 31536000
age: 13812
cache-control: max-age=86400, must-revalidate
content-type: application/javascript
date: Thu, 18 Apr 2024 09:02:07 GMT
etag: "d5145d5fe0ad227df816199e37de19b0+gzip"
last-modified: Wed, 28 Feb 2024 08:51:07 GMT
server: ECS (ska/F717)
vary: Accept-Encoding
x-amz-id-2: 8zBzaV62Yl06Oa2i51Gf7ojoi9DLJ8mQd/SLOK+GnnTPGiKcJYMjvUdhnNc51Pfc6PGzg8IaQLQ=
x-amz-request-id: KWV8YMNNKHHWEHTK
x-cache: HIT
x-cdn: edgio
content-length: 22995
X-Firefox-Spdy: h2
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-part.min.c5b186ab51339e6796c659babef40b62.css | 158.191.172.221 | 200 OK | 179 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-part.min.c5b186ab51339e6796c659babef40b62.css
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (17306), with CRLF line terminators
Size: 179 kB (179016 bytes)
Hash: c5b186ab51339e6796c659babef40b62 6a48fb2fe8a79c89413ef707b73ceb058ba4f39e 1276c73db909395b2a4db5862ce20003033b989e4de9f2d0c3e28cce09a0730d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-part.min.c5b186ab51339e6796c659babef40b62.css HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:00:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:20:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: text/css
vha6-origin: cats-rd20-prd
Age: 1885313
X-Cache: HIT
X-Cache-Hits: 3
Accept-Ranges: bytes
Content-Length: 179016
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorT33Part.min.7104663265acd9a52bdfa6d6cd9be92c.css | 158.191.172.221 | 200 OK | 12 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorT33Part.min.7104663265acd9a52bdfa6d6cd9be92c.css
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4384)
Hash: 7104663265acd9a52bdfa6d6cd9be92c 70b9a27785757a5e43dedba859933c9912137e5f 1342cc95d2cca8a058647dde23001b081bff69ac4a10958d5743e16e405ec1e0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorT33Part.min.7104663265acd9a52bdfa6d6cd9be92c.css HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 15:30:48 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:51 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 11477
Content-Type: text/css
vha6-origin: cats-rd16-prd
Age: 1885336
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorT34Part.min.64b934360388b7ca5bd2fecbaf2b26b5.css | 158.191.172.221 | 200 OK | 12 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorT34Part.min.64b934360388b7ca5bd2fecbaf2b26b5.css
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4384), with CRLF line terminators
Hash: 64b934360388b7ca5bd2fecbaf2b26b5 9997db8ae5fe79c004654a1c00a32fbd34c840ed 715ee8a6cd4cc72412c7c522948fc626d5d6d024b1dfd4948fbd098f295ba725
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorT34Part.min.64b934360388b7ca5bd2fecbaf2b26b5.css HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:00:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:46 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 12276
Content-Type: text/css
vha6-origin: cats-rd20-prd
Age: 1885341
X-Cache: HIT
X-Cache-Hits: 4
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css | 158.191.172.221 | 200 OK | 25 B |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: gzip compressed data, from Unix
Hash: 363f411ba212d4d1ccf7856f856145e9 08331057577f273187dd15e7c6f57937835e0aff c50b40612adfdbf2e228758746fc7927cf440cb9bb5a8280c00d7946632a1943
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 10 Apr 2024 18:16:09 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Mon, 25 Mar 2024 15:35:14 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: text/css
vha6-origin: cats-rd16-prd
Age: 2050013
X-Cache: HIT
X-Cache-Hits: 9
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibMarcheSpeBanquePriveePart.min.01184c8fbdfaeee8cf48e9684d76e1dc.css | 158.191.172.221 | 200 OK | 10 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibMarcheSpeBanquePriveePart.min.01184c8fbdfaeee8cf48e9684d76e1dc.css
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4384)
Hash: 01184c8fbdfaeee8cf48e9684d76e1dc 4ce6ae4375a06e338608963c41b81c081767e8c9 515d775ff20834c330e7cf850addad8c66b84d342108d0133269dfce2e6de2cf
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibMarcheSpeBanquePriveePart.min.01184c8fbdfaeee8cf48e9684d76e1dc.css HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:00:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:53 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 10503
Content-Type: text/css
vha6-origin: cats-rd20-prd
Age: 1885334
X-Cache: HIT
X-Cache-Hits: 4
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_2.js | 192.229.233.55 | 200 OK | 66 kB |
URL: GET HTTP/2 cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_2.js
IP: 192.229.233.55:443
Certificate: Issuer DigiCert Inc; Subject cdn.tagcommander.com; Fingerprint 85:75:8C:58:CC:C2:11:06:88:8D:37:6E:5C:FB:8B:A2:84:46:14:60; Validity Fri, 23 Feb 2024 00:00:00 GMT - Tue, 25 Mar 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (61026)
Hash: 415a76ae668489396695b614ada97076 1e1a8d71391af4d06058e6ca46097e64c11a4336 fa3420d1efa393cc190de5b4d2d60084cf3d8f6bdc17a76950e7b0e00427b67a
GET /3315/tc_PortailClientCreditAgricole_2.js HTTP/1.1
Host: cdn.tagcommander.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://158.191.172.221/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 31536000
age: 13812
cache-control: max-age=86400, must-revalidate
content-type: application/javascript
date: Thu, 18 Apr 2024 09:02:07 GMT
etag: "415a76ae668489396695b614ada97076+gzip"
last-modified: Mon, 18 Mar 2024 14:24:37 GMT
server: ECS (ska/F710)
vary: Accept-Encoding
x-amz-id-2: C6mwUrMtmpZcrd5jyQ6l3KKI6w+0RgesUoPdyC3E2dV+BIm0i8eifXVA8UCjp+0o9AH/c499zDQ=
x-amz-request-id: KWV8QAHKQX2X9SPQ
x-cache: HIT
x-cdn: edgio
content-length: 66272
X-Firefox-Spdy: h2
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-jquery.min.d41d8cd98f00b204e9800998ecf8427e.js | 158.191.172.221 | 200 OK | 20 B |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-jquery.min.d41d8cd98f00b204e9800998ecf8427e.js
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: gzip compressed data, from Unix
Hash: 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-jquery.min.d41d8cd98f00b204e9800998ecf8427e.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 11:22:41 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:21:31 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: application/javascript
Age: 1885236
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/clientlibs/granite/utils.min.423ec59365a85ebded314ad7311ef508.js | 158.191.172.221 | 200 OK | 3.9 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/clientlibs/granite/utils.min.423ec59365a85ebded314ad7311ef508.js
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (547)
Hash: 423ec59365a85ebded314ad7311ef508 41d14b0fbb6c2e98b1cce2c476ff22e79799ec7b 7ab2e59e0914ae8a584648bf864b74b320f9281399508a1cfb346e8243e539a5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /etc.clientlibs/clientlibs/granite/utils.min.423ec59365a85ebded314ad7311ef508.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 04:54:12 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 11:12:57 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 3936
Content-Type: application/javascript
vha6-origin: cats-rd20-prd
Age: 1892950
X-Cache: HIT
X-Cache-Hits: 6
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/clientlibs/granite/jquery/granite.min.579a107dd681c49bc61dae63734043cb.js | 158.191.172.221 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/clientlibs/granite/jquery/granite.min.579a107dd681c49bc61dae63734043cb.js
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (697)
Hash: 579a107dd681c49bc61dae63734043cb 4bafe4046cb65973bb961cc58005ab8c919e9410 ccfaed1510758f03a3e906fdf12069ff973d37d71316220c240a2ddd1fef6cf8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /etc.clientlibs/clientlibs/granite/jquery/granite.min.579a107dd681c49bc61dae63734043cb.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 15:30:48 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:20:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 2018
Content-Type: application/javascript
vha6-origin: cats-rd16-prd
Age: 1885313
X-Cache: HIT
X-Cache-Hits: 1
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibHeader.min.d60873be6e7b5a14dedf919ffe2b8041.js | 158.191.172.221 | 200 OK | 7.6 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibHeader.min.d60873be6e7b5a14dedf919ffe2b8041.js
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (587)
Hash: d60873be6e7b5a14dedf919ffe2b8041 f672af1bfa9749bff05ad06574bb652bb9cf3a10 c0f4478bae253d6cf0b7e962ab05fe674172d435aa8226c2beaf4d7513799b1f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibHeader.min.d60873be6e7b5a14dedf919ffe2b8041.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 11:12:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 7647
Content-Type: application/javascript
Age: 1893005
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/clientlibs/granite/jquery.min.3fa47a8976d292401e5e89639c528426.js | 158.191.172.221 | 200 OK | 43 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/clientlibs/granite/jquery.min.3fa47a8976d292401e5e89639c528426.js
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (585)
Hash: 3fa47a8976d292401e5e89639c528426 a98bcad2397e229e72874a80168f5ad75762b253 8177840b502e6908014c6955695127284c51f7223c7c5af90a08140c10e1f26f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /etc.clientlibs/clientlibs/granite/jquery.min.3fa47a8976d292401e5e89639c528426.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 12 Apr 2024 00:26:13 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:18:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 43408
Content-Type: application/javascript
Age: 1885445
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-megaMenu.min.aff50281a952832fdeacd96e3c8b33a1.js | 158.191.172.221 | 200 OK | 5.7 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-megaMenu.min.aff50281a952832fdeacd96e3c8b33a1.js
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (686)
Hash: aff50281a952832fdeacd96e3c8b33a1 7f42c6c4b4733f88cf94700e43a9485f2ca46ee7 50e6f8821b2a85c1f0f84ad980c94d7ebab76aaae5c489523fc6f790fb4c5f90
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-megaMenu.min.aff50281a952832fdeacd96e3c8b33a1.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 15:30:49 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 11:09:12 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 5660
Content-Type: application/javascript
vha6-origin: cats-rd16-prd
Age: 1893175
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/ca/npc/components/content/bandeau-hero/clientlib-tracking.min.d4cb91bb065f774c0acfc5499d9d66c8.js | 158.191.172.221 | 200 OK | 624 B |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/ca/npc/components/content/bandeau-hero/clientlib-tracking.min.d4cb91bb065f774c0acfc5499d9d66c8.js
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (547)
Hash: d4cb91bb065f774c0acfc5499d9d66c8 e50d6b2b07a54d75789f17debe01a930b52deccf 4bca25ddb1ff5ef0d2a1d8439a3c74f4caa32246e147038c483163fc942b1f22
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /etc.clientlibs/ca/npc/components/content/bandeau-hero/clientlib-tracking.min.d4cb91bb065f774c0acfc5499d9d66c8.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 11 Apr 2024 23:24:43 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 624
Content-Type: application/javascript
vha6-origin: cats-rd17-prd
Age: 1885343
X-Cache: HIT
X-Cache-Hits: 1
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-jquery-additional.min.69a2cd87a90a8bee86d80043790b6e24.js | 158.191.172.221 | 200 OK | 44 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-jquery-additional.min.69a2cd87a90a8bee86d80043790b6e24.js
IP: 158.191.172.221:443
ASN: #9159 Credit Agricole S.A.
Certificate: Issuer Sectigo Limited; Subject m.ca-anjou-maine.fr; Fingerprint DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (567)
Hash: 69a2cd87a90a8bee86d80043790b6e24 287c11c8a2c63736a24ce7cc56780efb14985f32 8720c2af88865b055295da09d2f6142d18fd56806633bc63568491e23cfe21c9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-jquery-additional.min.69a2cd87a90a8bee86d80043790b6e24.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 11:02:12 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 44304
Content-Type: application/javascript
Age: 1893595
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-common.min.143bef7d180c66d7f24c7d89de9d2ddc.js | 158.191.172.221 | 200 OK | 15 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-common.min.143bef7d180c66d7f24c7d89de9d2ddc.js; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (1853); Hash: 143bef7d180c66d7f24c7d89de9d2ddc be147850ba872b4c270edc0650bd6f2d6e80e098 e8fbf759d6abb412ccf036a30a28f4519f2675bf1e1242392791d66c5d467699
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-common.min.143bef7d180c66d7f24c7d89de9d2ddc.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:00:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 11:55:11 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 15219
Content-Type: application/javascript
vha6-origin: cats-rd13-prd
Age: 1890416
X-Cache: HIT
X-Cache-Hits: 3
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/ca/npc/components/content/animation-commerciale-v2/clientlib-tracking.min.2bc1829a60bc011b08b0beb2e3f911d0.js | 158.191.172.221 | 200 OK | 648 B |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/ca/npc/components/content/animation-commerciale-v2/clientlib-tracking.min.2bc1829a60bc011b08b0beb2e3f911d0.js; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (527); Hash: 2bc1829a60bc011b08b0beb2e3f911d0 8d9757bf921d739e0fc096d134f9c539b4b3758f 1f331729c98c8de0d35728ec24666753cdc78bc0954ee0e48f06beb8e7afd8dd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/ca/npc/components/content/animation-commerciale-v2/clientlib-tracking.min.2bc1829a60bc011b08b0beb2e3f911d0.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:51 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 648
Content-Type: application/javascript
Age: 1885337
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/ca/npc/components/content/mon-agence-v2/clientlib.min.7ee7b86136888cd0dd8e6bb2a248b595.js | 158.191.172.221 | 200 OK | 1.9 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/ca/npc/components/content/mon-agence-v2/clientlib.min.7ee7b86136888cd0dd8e6bb2a248b595.js; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (544); Hash: 7ee7b86136888cd0dd8e6bb2a248b595 ad3fc9e12e64e64082fa0e7fc2a8058044f3d574 9a7b65fd3788bccb77cb5d61b9161d14bb8e9a0041eb9a3a833c62162cedc44a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/ca/npc/components/content/mon-agence-v2/clientlib.min.7ee7b86136888cd0dd8e6bb2a248b595.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 15:30:50 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Mon, 25 Mar 2024 15:35:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 1893
Content-Type: application/javascript
vha6-origin: cats-rd16-prd
Age: 2050014
X-Cache: HIT
X-Cache-Hits: 1
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/ca/npc/components/content/liste-vignettes/liste-vignettes-template/clientlib.min.fbfa6ce188b7ab79710efaedbdb8a905.js | 158.191.172.221 | 200 OK | 498 B |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/ca/npc/components/content/liste-vignettes/liste-vignettes-template/clientlib.min.fbfa6ce188b7ab79710efaedbdb8a905.js; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (523); Hash: fbfa6ce188b7ab79710efaedbdb8a905 9107d56ffd0af55c41e4104a6e9e142330f99552 6abf2e5a57a5229d3237667b13aee76464de838f0fa52d53367078b55a9eb584
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/ca/npc/components/content/liste-vignettes/liste-vignettes-template/clientlib.min.fbfa6ce188b7ab79710efaedbdb8a905.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:08 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 498
Content-Type: application/javascript
Age: 1885344
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-bootstrap-jquery.min.b0cd53ddf0c5f4d074c66058d2b4b5d2.js | 158.191.172.221 | 200 OK | 125 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-bootstrap-jquery.min.b0cd53ddf0c5f4d074c66058d2b4b5d2.js; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (567); Size: 125 kB (125220 bytes); Hash: b0cd53ddf0c5f4d074c66058d2b4b5d2 a9f5bef6a8a4b75a4d91ecadb8c39d57a86f3dbf 290121f9aa7038a91020387feaed68505a71e3f58a2c150417b7bb5f61f3a4b2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-bootstrap-jquery.min.b0cd53ddf0c5f4d074c66058d2b4b5d2.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:00:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:53 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: application/javascript
vha6-origin: cats-rd20-prd
Age: 1885334
X-Cache: HIT
X-Cache-Hits: 6
Accept-Ranges: bytes
Content-Length: 125220
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/clientlibs/social/thirdparty/underscore.min.3d06cd4a72d11afe999ddcf4b36b7663.js | 158.191.172.221 | 200 OK | 5.9 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/clientlibs/social/thirdparty/underscore.min.3d06cd4a72d11afe999ddcf4b36b7663.js; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (537); Hash: 3d06cd4a72d11afe999ddcf4b36b7663 0b897e621a9498827bfa4fb941a848063f7b0662 39f126271dadc1c208dfc0aee95d58ef38e560d8d292efacb1d86ac9c999fc85
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/clientlibs/social/thirdparty/underscore.min.3d06cd4a72d11afe999ddcf4b36b7663.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:08 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:20:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 5945
Content-Type: application/javascript
Age: 1885276
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertGeneralVitrine.min.7da779e73f4ed544751f88caa48990c9.js | 158.191.172.221 | 200 OK | 51 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertGeneralVitrine.min.7da779e73f4ed544751f88caa48990c9.js; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (566); Hash: 7da779e73f4ed544751f88caa48990c9 885a7329609fce52fbc90b1651413d174e6a6c05 57941d8ab7fb6a978bd8c2f7344663034acb69ea0e0f0aa048bfb0359964f996
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertGeneralVitrine.min.7da779e73f4ed544751f88caa48990c9.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 01 Apr 2024 11:36:59 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 11:16:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 50973
Content-Type: application/javascript
Age: 1892753
X-Cache: HIT
X-Cache-Hits: 11
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
|
|
| 158.191.172.221/libs/granite/csrf/token.json | 158.191.172.221 | 200 OK | 22 B |
URL: GET HTTP/1.1 158.191.172.221/libs/granite/csrf/token.json; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
Hash: 99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /libs/granite/csrf/token.json HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:08 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Cache-Control: private,no-cache,no-store, no-cache
Expires: -1
X-Content-Type-Options: nosniff, nosniff
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/json;charset=iso-8859-1
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Set-Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; Path=/; Secure; HttpOnly;SameSite=Strict
ARPT=rd189o00000000000000000000ffff0a9b3764o8140; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| 158.191.172.221/etc/cloudsettings.kernel.js/conf/ca/settings/cloudsettings/default/contexthub | 158.191.172.221 | 200 OK | 60 kB |
URL: GET HTTP/1.1 158.191.172.221/etc/cloudsettings.kernel.js/conf/ca/settings/cloudsettings/default/contexthub; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (885); Hash: 8de3c9650791af650a8ee87ffa0520d5 5c4b716abf5e254322f8a98760547c73770606b1 e45f22f5231f12897b9498f220f96d3da2e932a53b1d38f60d0736c215318a45
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc/cloudsettings.kernel.js/conf/ca/settings/cloudsettings/default/contexthub HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Cache-Control: max-age=2629800
X-Content-Type-Options: nosniff, nosniff
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
ETag: "3ddba4b20fbb647eb19124d51229bc19ecb4126d-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/javascript; charset=utf-8
Age: 0
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibPageProduit.min.d70b9a47b6dadcb81fc4cc9eb8728693.js | 158.191.172.221 | 200 OK | 531 B |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibPageProduit.min.d70b9a47b6dadcb81fc4cc9eb8728693.js; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (505); Hash: d70b9a47b6dadcb81fc4cc9eb8728693 94fb8703c175fc5fa2bab3c792f214c79ce19364 2f420541456e63181d90ce60504c7909c9585324a4f8cc72c89d812d45913835
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibPageProduit.min.d70b9a47b6dadcb81fc4cc9eb8728693.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:08 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Length: 531
Content-Type: application/javascript
Age: 1885336
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/npc/logos/logo_ca.png | 158.191.172.221 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/npc/logos/logo_ca.png; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: PNG image data, 83 x 64, 8-bit/color RGB, non-interlaced; Hash: a5777291aa794d7d07285c839571662a 284f3d6b64462c946a640072bb57e512307bf8ab 1c8399c9f4f09feb8f95fe39465cc7e70597b0097ad92da954db82646ec68dc3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/npc/logos/logo_ca.png HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 11:22:42 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:20:15 GMT
Content-Length: 2037
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/png
vha6-origin: cats-rd13-prd
Age: 1885313
X-Cache: HIT
X-Cache-Hits: 5
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/ZAC_2_320X210_SOCIETARIAT.jpg | 158.191.172.221 | 200 OK | 64 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/ZAC_2_320X210_SOCIETARIAT.jpg; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x210, components 3; Hash: 72234bdf598cd13427509ab98ae21544 6878d4b0e09d9d05c1736d019386e2e6503e5305 c3cbe1ed63b5e19bb4cd97895637167a16b91c59d2d0094c94a1c524dbf5cc5f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/autre/ZAC_2_320X210_SOCIETARIAT.jpg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 17:42:52 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:54 GMT
Content-Length: 64525
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/jpeg
vha6-origin: cats-rd13-prd
Age: 1885334
X-Cache: HIT
X-Cache-Hits: 4
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/zac2-hp-part-bp-jecorenove.jpg | 158.191.172.221 | 200 OK | 37 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/zac2-hp-part-bp-jecorenove.jpg; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 218x183, components 3; Hash: 08990c8d0e6ff002324c3ae56dc64820 e4b15998b39fc460a80eb56b779078ea5d265aa5 f3442f67d17ee1174866e42f0db2c88be864fb95716b72705abeab8843eb2b83
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/homepage/zac2-hp-part-bp-jecorenove.jpg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 15:30:53 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:55 GMT
Content-Length: 37181
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/jpeg
vha6-origin: cats-rd17-prd
Age: 1885333
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/zac-part-pel-booste.jpg | 158.191.172.221 | 200 OK | 32 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/zac-part-pel-booste.jpg; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 218x183, components 3; Hash: 57fc0bb85e24eb20fc9bd2e3d7d478e6 810c671643bfaa1509a0de8d4b1163e90bd48e76 48102af41895a80e156374b6e1293f4f430c27e2b05acbf44b8203dd98815c00
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/homepage/zac-part-pel-booste.jpg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:08 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Fri, 12 Apr 2024 16:23:33 GMT
Content-Length: 32395
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/jpeg
Age: 491915
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/zac1-hp-part-pret-immo.jpg | 158.191.172.221 | 200 OK | 34 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/zac1-hp-part-pret-immo.jpg; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 218x183, components 3; Hash: 0f22eb93d2a7d88a2b259afb48743c3f a421979fffc5157322822b3481f7fbd33786e740 081bae1cdbe02bdf1ebc7cc80d36ec4e51637adc423e7649220d77fe9659873d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/homepage/zac1-hp-part-pret-immo.jpg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:00:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:48 GMT
Content-Length: 34388
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/jpeg
vha6-origin: cats-rd15-prd
Age: 1885340
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| 158.191.172.221/conf/ca/settings/wcm/segments/commun.seg.branche1.js | 158.191.172.221 | 200 OK | 240 B |
URL: GET HTTP/1.1 158.191.172.221/conf/ca/settings/wcm/segments/commun.seg.branche1.js; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
Hash: 6423aef4b79c6edb3a2e7daa78e0e65d b5955e8ed0ddf463852733228ab2ddea55af89fb a840cc7b5c9455333e476ea8f3ca90fa922c227432e663707f1efed173c91f07
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /conf/ca/settings/wcm/segments/commun.seg.branche1.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:08 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Cache-Control: max-age=1140, max-age=2592000
Last-Modified: Wed, 17 Apr 2024 10:33:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Length: 240
Content-Type: application/javascript
Age: 80891
X-Cache: MISS
X-Cache-Hits: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-npc-components.min.72115c70996cb005dd131f8ada973c8b.js | 158.191.172.221 | 200 OK | 206 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-npc-components.min.72115c70996cb005dd131f8ada973c8b.js | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (1853) | Size: 206 kB (205735 bytes) | Hash: 72115c70996cb005dd131f8ada973c8b a2414bb50f9b5a3b1e4659f451a045d4c3b2494b db36f94416e125afeb38bf574f2e1153768e0d2992f640c4fdbedb331c820e52
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-npc-components.min.72115c70996cb005dd131f8ada973c8b.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 10 Apr 2024 21:00:02 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Mon, 25 Mar 2024 15:35:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: application/javascript
vha6-origin: cats-rd17-prd
Age: 2050014
X-Cache: HIT
X-Cache-Hits: 1
Accept-Ranges: bytes
Content-Length: 205735
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| 158.191.172.221/conf/ca/settings/wcm/segments/national.seg.branche1.js | 158.191.172.221 | 200 OK | 242 B |
URL: GET HTTP/1.1 158.191.172.221/conf/ca/settings/wcm/segments/national.seg.branche1.js | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
Hash: ec4a2c1d14211edd059f19eeb8b777a0 c553b4b32a0e44d7ad50ac9cd0d88ed3fb7cdf88 fe8aa3da829b79a3304a0773e5de3535d9e85322235b117ec35428d66c6eb769
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /conf/ca/settings/wcm/segments/national.seg.branche1.js HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:08 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Cache-Control: max-age=1140, max-age=2592000
Last-Modified: Wed, 17 Apr 2024 10:33:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Length: 242
Content-Type: application/javascript
Age: 80890
X-Cache: MISS
X-Cache-Hits: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/hp-part/Reg_engagements.svg | 158.191.172.221 | 200 OK | 12 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/hp-part/Reg_engagements.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: a63b1f00d7632505e04a92a3df98e2d5 7ba9c1ecbd70c50b1fc811dffbcb4e6d4f4ed3ab 3de650b519e0d259947080dbc2ae0e94134f42755f20346aee2a1f99c23b25da
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/homepage/hp-part/Reg_engagements.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:00:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Mon, 25 Mar 2024 15:35:15 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
vha6-origin: cats-rd13-prd
Age: 2050013
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11759
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/hp-part/engagements_01.png | 158.191.172.221 | 200 OK | 76 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/hp-part/engagements_01.png | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: PNG image data, 230 x 140, 8-bit/color RGBA, non-interlaced | Hash: 4a129a9a3ac7222f6ebc88bb8cd31535 24eed484837efd810a02a19a819cdf225f3e09f2 5b54a0814b08718a4fb56b9dfe722cd4da4ec3a3b01cd7fe084dc525b693b2df
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/homepage/hp-part/engagements_01.png HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:00:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:20:05 GMT
Content-Length: 76499
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/png
vha6-origin: cats-rd20-prd
Age: 1885323
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/hp-part/engagements_02.png | 158.191.172.221 | 200 OK | 63 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/hp-part/engagements_02.png | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: PNG image data, 230 x 140, 8-bit/color RGBA, non-interlaced | Hash: ff3f66d51fa4162a74eeca5df3947533 fbb7143f0650c5360a4bcd9300ce3ce2f8fda40c 38b1ebb479d03dcf897dc16fdd52a974f30d0d1063ed4699c323c28f4df7a576
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/homepage/hp-part/engagements_02.png HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 15:30:54 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:48 GMT
Content-Length: 63290
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/png
vha6-origin: cats-rd16-prd
Age: 1885340
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/hp-part/engagements_03.png | 158.191.172.221 | 200 OK | 81 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/hp-part/engagements_03.png | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: PNG image data, 230 x 140, 8-bit/color RGBA, non-interlaced | Hash: db962331b7653c8a513c202ec5eb2d51 2b5674a9a3d4d9e82369a0d8966d66cc53a068a5 c04f41b521ba2451a5f5a09616540de8d016136ebfc24b6ec0b894e45ee36e52
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/homepage/hp-part/engagements_03.png HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 15:30:54 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:47 GMT
Content-Length: 81364
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/png
vha6-origin: cats-rd17-prd
Age: 1885341
X-Cache: HIT
X-Cache-Hits: 1
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/component/Google_Play_Store_badge_FR.svg | 158.191.172.221 | 200 OK | 5.2 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/component/Google_Play_Store_badge_FR.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: 2d17e424c65f0d368aa7ded63181e537 e7e9ecbdd390c56e37350abec99f37432a0cf98e e5c925ec3b8fd4931f25522270b7cd49b31b7548b4997bf0b4fcdb011eeaf9c0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/component/Google_Play_Store_badge_FR.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:00:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:18:18 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
vha6-origin: cats-rd15-prd
Age: 1885430
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5157
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/images/commun/mal-entendant.png | 158.191.172.221 | 200 OK | 790 B |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/images/commun/mal-entendant.png | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: PNG image data, 24 x 21, 8-bit colormap, non-interlaced | Hash: 2d5d1e7a383d7fd1cffa09d4aaf251d5 525ae2af88ac15cd4c0b28f6b70334bba0e275b9 82992c2fc9db324cc2ec924f246301c95abcad1883df53f1e220f86eed9582de
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/images/commun/mal-entendant.png HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 10 Apr 2024 14:04:08 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Tue, 09 Apr 2024 17:23:06 GMT
Content-Length: 790
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/png
vha6-origin: cats-rd16-prd
Age: 747542
X-Cache: HIT
X-Cache-Hits: 66
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/component/App_Store_Badge_FR.svg | 158.191.172.221 | 200 OK | 4.6 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/component/App_Store_Badge_FR.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: 2cfdd0a74cd257a00a1821b968acfa92 efe192af3ceb39e959488197fe2385e23781cfb5 86b6a05f6c8ac9e9a0637edf4f15420d06c8c7bc69662792a46793c1f948b023
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/component/App_Store_Badge_FR.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:00:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:51 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
vha6-origin: cats-rd20-prd
Age: 1885337
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4594
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/LogoCAblanc.svg | 158.191.172.221 | 200 OK | 2.6 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/LogoCAblanc.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: 7f29b3f9fcd1512bf86431b36ba1e305 00f2eed51e26cb0c6f9ae8dc5d3a977ae0d94218 1fb79bf1b2568638628cfc6ca5e24b23099cb3dbd1088718a47080a057badb24
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/autre/images/LogoCAblanc.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 10 Apr 2024 11:00:43 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:20:14 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
Age: 1885313
X-Cache: HIT
X-Cache-Hits: 66
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2589
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/hp-part/Hero_National.png | 158.191.172.221 | 200 OK | 290 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/hp-part/Hero_National.png | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: PNG image data, 548 x 290, 8-bit/color RGBA, non-interlaced | Size: 290 kB (290004 bytes) | Hash: 4b2a095ce9060e94d088cedc873aae9b f371fb207acb5fd0a4e31e3e7354885b87b74d1b bab0c7e864f445ae999c5ebfe05aeeaf7e0e9e9da2a382123d107d4848c9cc10
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/homepage/hp-part/Hero_National.png HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 05 Apr 2024 10:54:41 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:48 GMT
Content-Length: 290004
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/png
Age: 1885339
X-Cache: HIT
X-Cache-Hits: 6
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg | 158.191.172.221 | 200 OK | 6.3 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: 8a6438815d53936ba84ffbef78c8bcfc e178faa510c663b51d88b5979bbc53c73fcaf3e1 5c44321c0ba44a1fa665ba4c928fbebd869a3082c458bd2d20a0d07a4e5fcc24
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 13:51:10 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:47 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
Age: 1885341
X-Cache: HIT
X-Cache-Hits: 140
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/opensans/OpenSans-SemiBold.woff2 | 158.191.172.221 | 200 OK | 52 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/opensans/OpenSans-SemiBold.woff2 | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 52188, version 1.0 | Hash: dbee1c4201517c33a8c7269601afc5c7 2ed85013b2fd9b904264bebfa842a25b9f8259b4 0617aa7cdb72567c16c28fee6d42a6cc466df1e02212f98596b5cb429b6a173c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/opensans/OpenSans-SemiBold.woff2 HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-part.min.c5b186ab51339e6796c659babef40b62.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 15 Apr 2024 15:30:52 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Sun, 14 Apr 2024 16:14:37 GMT
Content-Length: 52188
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
vha6-origin: cats-rd16-prd
Age: 319651
X-Cache: HIT
X-Cache-Hits: 1
Accept-Ranges: bytes
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/plain
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/opensans/OpenSans-Regular.woff2 | 158.191.172.221 | 200 OK | 50 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/opensans/OpenSans-Regular.woff2 | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 50180, version 1.0 | Hash: a725497524525c361f0d545e4e8ec577 b0135a2d4e69e1a7aeb1d269c9ee43e37fdcc29f 893f7f57805f1a70e7cb63621dcc596e49fc87551d1231c7756b7a958bac931b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/opensans/OpenSans-Regular.woff2 HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-part.min.c5b186ab51339e6796c659babef40b62.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 11 Apr 2024 23:40:11 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Thu, 11 Apr 2024 16:27:42 GMT
Content-Length: 50180
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
vha6-origin: cats-rd17-prd
Age: 578066
X-Cache: HIT
X-Cache-Hits: 1
Accept-Ranges: bytes
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/plain
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/montserrat/Montserrat-Bold.woff2 | 158.191.172.221 | 200 OK | 87 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/montserrat/Montserrat-Bold.woff2 | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 86804, version 7.14548 | Hash: 5d01e6b586c901792ba220af37c171f4 5e15bf15ff929945bd1b140c15da631142fd23ac 294653dc1466dcda027c8ff4d80f7bc8fb074fc0daacab9afde68c1f7646bb1d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/montserrat/Montserrat-Bold.woff2 HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-part.min.c5b186ab51339e6796c659babef40b62.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 07 Apr 2024 10:11:43 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Sat, 06 Apr 2024 16:35:08 GMT
Content-Length: 86804
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
vha6-origin: cats-rd20-prd
Age: 1009620
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/plain
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy-r2401.woff2 | 158.191.172.221 | 200 OK | 64 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy-r2401.woff2 | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 63640, version 1.0 | Hash: 108c70331f4db7cee55cf954b544eab8 2cab432ee37fe60d4b3e111e274c12d16cd95238 3de91700b0970842a5cee28d7aee5f05bca56fa1951377a4e9470b19c3afc269
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy-r2401.woff2 HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibMarcheSpeBanquePriveePart.min.01184c8fbdfaeee8cf48e9684d76e1dc.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 27 Mar 2024 21:14:25 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:51 GMT
Content-Length: 63640
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
vha6-origin: cats-rd17-prd
Age: 1885337
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/plain
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/opensans/OpenSans-Bold.woff2 | 158.191.172.221 | 200 OK | 52 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/opensans/OpenSans-Bold.woff2 | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 52016, version 1.0 | Hash: c9e6ced6ee6d6f30cc5d3de2a811c27a c81657cf6561a0b53204237dd231c4eaa0e5d9f2 5fd2e0b935a3fb40a41495182558112674c6508349974e523b7441e0835c0b3a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/opensans/OpenSans-Bold.woff2 HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-part.min.c5b186ab51339e6796c659babef40b62.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 11 Apr 2024 23:40:12 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Thu, 11 Apr 2024 14:41:42 GMT
Content-Length: 52016
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
vha6-origin: cats-rd17-prd
Age: 584426
X-Cache: HIT
X-Cache-Hits: 1
Accept-Ranges: bytes
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/plain
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/pictogramme/pictos-cp/Assurances%20habitation.svg | 158.191.172.221 | 200 OK | 1.0 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/pictogramme/pictos-cp/Assurances%20habitation.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: f62f56346b0aa0e4f1b1d6890077829c 0d534c8a1f33cf5daef21a702b1e5db53437b70f 392ed51634ec6d034411654270bd6040606f7a04c1df24b6f197c1566edd3649
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/pictogramme/pictos-cp/Assurances%20habitation.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:08 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:20:13 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
Age: 1885315
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1009
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/pictogramme/pictos-cp/Assurances%20auto%20et%202%20roues.svg | 158.191.172.221 | 200 OK | 1.3 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/pictogramme/pictos-cp/Assurances%20auto%20et%202%20roues.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: 5f794c1db10e9eafe2f3dbe3b3c5994b 46c242e5ab12af0a5734e80370d71624deaa6aba 6f1014ef2c9dfce7609af7840d79b68ab334a1d4807da10fc8726097d6acea6b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/pictogramme/pictos-cp/Assurances%20auto%20et%202%20roues.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 13:28:36 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:45 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
vha6-origin: cats-rd14-prd
Age: 1885343
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1331
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
|
|
| 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/montserrat/Montserrat-SemiBold.woff2 | 158.191.172.221 | 200 OK | 86 kB |
URL: GET HTTP/1.1 158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/montserrat/Montserrat-SemiBold.woff2 | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 86544, version 7.14548 | Hash: 59bc8987bcee30f5d2e15a879d54899b afa9c470c261acc9e259d2c31fa6a8aa9ddd6a89 12e1a9890320276b7c7c6fe95ccf06b7619ded7644e5decc56ff2c7449145301
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-resources/resources/fonts/montserrat/Montserrat-SemiBold.woff2 HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://158.191.172.221/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-part.min.c5b186ab51339e6796c659babef40b62.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 03 Apr 2024 03:23:03 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Tue, 02 Apr 2024 14:30:38 GMT
Content-Length: 86544
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
vha6-origin: cats-rd20-prd
Age: 1362690
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/plain
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/pictogramme/pictos-cp/Cr%C3%A9dit%20%20Immobilier.svg | 158.191.172.221 | 200 OK | 630 B |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/pictogramme/pictos-cp/Cr%C3%A9dit%20%20Immobilier.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: 104fdf33566a09ccbd43d68fa5060fbb 9bf6090fb6e2b02fa1b2bddbb93fd51692bd3762 2d1b40aa87fa8530f0cf78ec9d73a568cdf5947acc395c4969265742898e5ef0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/pictogramme/pictos-cp/Cr%C3%A9dit%20%20Immobilier.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:00:08 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 11:55:12 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
vha6-origin: cats-rd16-prd
Age: 1890416
X-Cache: HIT
X-Cache-Hits: 3
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 630
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/pictogramme/pictos-cp/Cr%C3%A9dit%20conso.svg | 158.191.172.221 | 200 OK | 969 B |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/pictogramme/pictos-cp/Cr%C3%A9dit%20conso.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: 1a0aa04de588edac1ee4066d1ccac926 08fa5bd2512ace59c0198cdb8633265902c218bb 2e0456e458be7f7ffe347c5a86f32e0e05e686c183f53459f9dde50361a170d9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/pictogramme/pictos-cp/Cr%C3%A9dit%20conso.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 11 Apr 2024 23:24:43 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:20:14 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
vha6-origin: cats-rd17-prd
Age: 1885314
X-Cache: HIT
X-Cache-Hits: 2
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 969
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg | 158.191.172.221 | 200 OK | 4.7 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: 267925c136126fd813e021bb85ef59d8 a6bae108371ab294c00d28c01f3e415feb7ed36f 4a3b0d2a941677f6fb37a438d20deacc3cea1d6fdc728f72cf3d7ca099cc0ca9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 27 Mar 2024 21:58:10 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:51 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
vha6-origin: cats-rd20-prd
Age: 1885337
X-Cache: HIT
X-Cache-Hits: 125
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/hp-part/Societariat_NAT_CR.svg | 158.191.172.221 | 200 OK | 626 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/hp-part/Societariat_NAT_CR.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Size: 626 kB (626524 bytes) | Hash: 694a2c25d05c028839f392d5b3843226 601c21e964749ed99f27fb8ec5ddf2ebae29b1b4 48d6e2d92d79cd42d01e208fcb8f62c1da26bd7d7e24247f038da11682ee15d6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/homepage/hp-part/Societariat_NAT_CR.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:08 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:52 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
Age: 1885336
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg | 158.191.172.221 | 200 OK | 4.7 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: 267925c136126fd813e021bb85ef59d8 a6bae108371ab294c00d28c01f3e415feb7ed36f 4a3b0d2a941677f6fb37a438d20deacc3cea1d6fdc728f72cf3d7ca099cc0ca9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 10 Apr 2024 14:04:07 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:52 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
vha6-origin: cats-rd16-prd
Age: 1885336
X-Cache: HIT
X-Cache-Hits: 40
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg | 158.191.172.221 | 200 OK | 4.7 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: 267925c136126fd813e021bb85ef59d8 a6bae108371ab294c00d28c01f3e415feb7ed36f 4a3b0d2a941677f6fb37a438d20deacc3cea1d6fdc728f72cf3d7ca099cc0ca9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 27 Mar 2024 21:58:10 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:51 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
vha6-origin: cats-rd20-prd
Age: 1885337
X-Cache: HIT
X-Cache-Hits: 126
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg | 158.191.172.221 | 200 OK | 6.3 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: 8a6438815d53936ba84ffbef78c8bcfc e178faa510c663b51d88b5979bbc53c73fcaf3e1 5c44321c0ba44a1fa665ba4c928fbebd869a3082c458bd2d20a0d07a4e5fcc24
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 17:42:51 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:20:15 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
vha6-origin: cats-rd13-prd
Age: 1885313
X-Cache: HIT
X-Cache-Hits: 3
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
|
|
| cdn.tagcommander.com/3315/tc_CreditAgricoleCRSitemaitre_6.js | 192.229.233.55 | 200 OK | 56 kB |
URL: GET HTTP/2 cdn.tagcommander.com/3315/tc_CreditAgricoleCRSitemaitre_6.js | IP: 192.229.233.55:443
Certificate: Issuer: DigiCert Inc | Subject: cdn.tagcommander.com | Fingerprint: 85:75:8C:58:CC:C2:11:06:88:8D:37:6E:5C:FB:8B:A2:84:46:14:60 | Validity: Fri, 23 Feb 2024 00:00:00 GMT - Tue, 25 Mar 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65320) | Hash: 9a696f96d46cf6be4a73040240e0b9a1 6c1122b009cdfc4a1631918c9909db9bef7955c6 63a73487474dcd8e4ce9c3a38b69d9023d441281827f470e1c3b1a9aac7d18f6
GET /3315/tc_CreditAgricoleCRSitemaitre_6.js HTTP/1.1
Host: cdn.tagcommander.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://158.191.172.221/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 31536000
age: 3255
cache-control: max-age=86400, must-revalidate
content-type: application/javascript
date: Thu, 18 Apr 2024 09:02:09 GMT
etag: "9a696f96d46cf6be4a73040240e0b9a1+gzip"
last-modified: Thu, 11 Apr 2024 07:58:22 GMT
server: ECS (ska/F70A)
vary: Accept-Encoding
x-amz-id-2: NEFXVGn56Bbf7r5pAOxf/u70YhMFCpvQHmBaMVJDgiGucy9l/NkgCeJb9W//93Q+D2C/YACIPEg=
x-amz-request-id: 3HYK8ZV0AVZW89QX
x-cache: HIT
x-cdn: edgio
content-length: 56121
X-Firefox-Spdy: h2
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg | 158.191.172.221 | 200 OK | 6.3 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: 8a6438815d53936ba84ffbef78c8bcfc e178faa510c663b51d88b5979bbc53c73fcaf3e1 5c44321c0ba44a1fa665ba4c928fbebd869a3082c458bd2d20a0d07a4e5fcc24
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140; tc_last_RegistrationID=; tc_env_tech_iframe=Production
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 17:42:51 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:20:15 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
Age: 1885313
X-Cache: HIT
X-Cache-Hits: 4
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
|
|
| bv-chat.credit-agricole.fr/oic-services/js/bver.js | 158.191.151.33 | 200 200 | 6.6 kB |
URL: GET HTTP/1.1 bv-chat.credit-agricole.fr/oic-services/js/bver.js | IP: 158.191.151.33:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: bv-chat.credit-agricole.fr | Fingerprint: 48:D4:BA:BC:61:88:86:07:56:85:97:3B:80:80:6D:DA:23:94:65:56 | Validity: Thu, 29 Jun 2023 00:00:00 GMT - Fri, 28 Jun 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text | Hash: d1b0ba0003db572cb145cc7b980f80ac 88ac8743108ba55ba1e0079ee52ca8be95a9aaa2 e1b5d33ad9ffb4665845a2d436cbb7c91c5b0d9b17085ff57dc063117106778a
GET /oic-services/js/bver.js HTTP/1.1
Host: bv-chat.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://158.191.172.221/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 200
Date: Thu, 18 Apr 2024 09:02:09 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, DENY
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: origin, content-type, accept, authorization, authorizedKey, x-requested-with
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Accept-Ranges: bytes
ETag: W/"30038-1707871368000"
Last-Modified: Wed, 14 Feb 2024 00:42:48 GMT
X-Content-Type-Options: nosniff
MyHeader: D=695 t=1713430929159308
Cache-Control: max-age=86400, private
Content-Type: application/javascript
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/App_Ca_Nat.svg | 158.191.172.221 | 200 OK | 1.1 MB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/homepage/App_Ca_Nat.svg | IP: 158.191.172.221:443 | ASN: #9159 Credit Agricole S.A.
Certificate: Issuer: Sectigo Limited | Subject: m.ca-anjou-maine.fr | Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93 | Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Size: 1.1 MB (1132697 bytes) | Hash: be81a258db99f98584e2c10838bdf020 d00906e5e213d57fad0724c9b2a50bacbda62711 7b4b21117acd1e54c5b4f3dd00bfac3a302cb00aea82ee481e840bf93a651409
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /content/dam/assetsca/master/public/commun/images/homepage/App_Ca_Nat.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:08 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:20:21 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
Age: 1885307
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
|
|
| cdn.trustcommander.net/privacy/3315/privacy_v2_86.js | 192.229.233.55 | 200 OK | 33 kB |
URL: GET HTTP/2 cdn.trustcommander.net/privacy/3315/privacy_v2_86.js | IP: 192.229.233.55:443
Certificate: Issuer: DigiCert Inc | Subject: cdn.tagcommander.com | Fingerprint: 85:75:8C:58:CC:C2:11:06:88:8D:37:6E:5C:FB:8B:A2:84:46:14:60 | Validity: Fri, 23 Feb 2024 00:00:00 GMT - Tue, 25 Mar 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65244) | Hash: 37b36aedafd3d36ec49d67720179cdd4 6849ef4a8da3d55cbcce384d3b2a06a5b246a347 a9c150fd985015873b58746be494d7505e32ebc92d99e61276c8a494d7c71117
GET /privacy/3315/privacy_v2_86.js HTTP/1.1
Host: cdn.trustcommander.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://158.191.172.221/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 31536000
age: 11508
cache-control: max-age=86400, must-revalidate
content-type: application/javascript
date: Thu, 18 Apr 2024 09:02:09 GMT
etag: "37b36aedafd3d36ec49d67720179cdd4+gzip"
last-modified: Thu, 22 Sep 2022 07:27:30 GMT
server: ECS (ska/F71D)
vary: Accept-Encoding
x-amz-id-2: 0wcDyHJx7QIRh2yIbt+puuq7tf/YGMkWDnXU3e2UM9SUlb9I5z1YdJtUIMjghwm5HZmGAGdMkY4=
x-amz-request-id: WJMRFKM30B75S9GY
x-cache: HIT
x-cdn: edgio
content-length: 32728
X-Firefox-Spdy: h2
|
|
| 158.191.172.221/favicon.ico | 158.191.172.221 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 158.191.172.221/favicon.ico; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel; Hash: 341f78bdffe72cd23159da8bd6172015 9c00af7aa0c68124ab58cc34e261aaeb187ae637 05d87a44ff1d7f5319c0e7309d270fb2c1d41c5306d64b5d5f8bec8f342ad034
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140; tc_last_RegistrationID=; tc_env_tech_iframe=Production; cq-opt-out=1; isSNallowed=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 13 Apr 2024 03:04:13 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:19:52 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/x-icon
vha6-origin: cats-rd16-prd
Age: 1885337
X-Cache: HIT
X-Cache-Hits: 4
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1183
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/npc/logos/icone_ca_pwa.png | 158.191.172.221 | 200 OK | 12 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/npc/logos/icone_ca_pwa.png; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced; Hash: 1672798339d9857c71d319a441c13ece ba562e9eb51185f653d43093a285c78d34bdc346 3358b6f2d9351fd1fec303210400a4514cc55a851ad97d202cfc0f840e3f54a7
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /content/dam/assetsca/npc/logos/icone_ca_pwa.png HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140; tc_last_RegistrationID=; tc_env_tech_iframe=Production; cq-opt-out=1; isSNallowed=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:09 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Tue, 26 Mar 2024 01:07:35 GMT
Content-Length: 11546
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/png
Age: 2015674
X-Cache: MISS
X-Cache-Hits: 0
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg | 158.191.172.221 | 200 OK | 4.7 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image; Hash: 267925c136126fd813e021bb85ef59d8 a6bae108371ab294c00d28c01f3e415feb7ed36f 4a3b0d2a941677f6fb37a438d20deacc3cea1d6fdc728f72cf3d7ca099cc0ca9
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140; tc_last_RegistrationID=; tc_env_tech_iframe=Production; cq-opt-out=1; isSNallowed=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 17:42:51 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:20:15 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
Age: 1885313
X-Cache: HIT
X-Cache-Hits: 5
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg | 158.191.172.221 | 200 OK | 4.7 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image; Hash: 267925c136126fd813e021bb85ef59d8 a6bae108371ab294c00d28c01f3e415feb7ed36f 4a3b0d2a941677f6fb37a438d20deacc3cea1d6fdc728f72cf3d7ca099cc0ca9
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140; tc_last_RegistrationID=; tc_env_tech_iframe=Production; cq-opt-out=1; isSNallowed=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 17:42:51 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:20:15 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
vha6-origin: cats-rd14-prd
Age: 1885314
X-Cache: HIT
X-Cache-Hits: 4
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
|
|
| www.credit-agricole.fr/content/dam/assetsca/npc/logos/logo_ca.png | 158.191.172.47 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/npc/logos/logo_ca.png; IP: 158.191.172.47:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: www.credit-agricole.fr; Fingerprint: 40:40:CB:EB:7D:1D:57:CC:77:43:67:53:68:D1:81:6C:6C:4C:FC:F5; Validity: Mon, 24 Jul 2023 00:00:00 GMT - Tue, 23 Jul 2024 23:59:59 GMT
File type: PNG image data, 83 x 64, 8-bit/color RGB, non-interlaced; Hash: a5777291aa794d7d07285c839571662a 284f3d6b64462c946a640072bb57e512307bf8ab 1c8399c9f4f09feb8f95fe39465cc7e70597b0097ad92da954db82646ec68dc3
GET /content/dam/assetsca/npc/logos/logo_ca.png HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://158.191.172.221/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 14:43:34 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 11:11:34 GMT
Content-Length: 2037
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/png
Age: 1893035
X-Cache: HIT
X-Cache-Hits: 2177000
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=300
Connection: Keep-Alive
|
|
| privacy.trustcommander.net/privacy-consent/ | 15.237.120.124 | 200 OK | 43 B |
URL: POST HTTP/1.1 privacy.trustcommander.net/privacy-consent/; IP: 15.237.120.124:443
Certificate Issuer: DigiCert Inc; Subject: *.trustcommander.net; Fingerprint: 80:40:2B:73:B8:E3:50:F0:BF:20:A9:F1:B9:87:19:77:58:48:4E:FD; Validity: Wed, 14 Feb 2024 00:00:00 GMT - Sun, 16 Mar 2025 23:59:59 GMT
File type: GIF image data, version 89a, 1 x 1; Hash: 325472601571f31e1bf00674c368d335 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
POST /privacy-consent/ HTTP/1.1
Host: privacy.trustcommander.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 146
Origin: https://158.191.172.221
DNT: 1
Connection: keep-alive
Referer: https://158.191.172.221/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:09 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
cache-control: private, max-age=486000, pre-check=486000
pragma: private
expires: Wed, 17 Jul 2024 09:02:09 GMT
access-control-allow-origin: https://158.191.172.221
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
vary: Origin
|
|
| 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg | 158.191.172.221 | 200 OK | 6.3 kB |
URL: GET HTTP/1.1 158.191.172.221/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg; IP: 158.191.172.221:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: m.ca-anjou-maine.fr; Fingerprint: DB:2A:62:39:3C:AA:FA:1D:6F:5D:2E:72:41:EA:51:C5:4F:45:C2:93; Validity: Tue, 19 Dec 2023 00:00:00 GMT - Wed, 18 Dec 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image; Hash: 8a6438815d53936ba84ffbef78c8bcfc e178faa510c663b51d88b5979bbc53c73fcaf3e1 5c44321c0ba44a1fa665ba4c928fbebd869a3082c458bd2d20a0d07a4e5fcc24
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: 158.191.172.221
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://158.191.172.221/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID_NATIO=node0ar4p0kws4np9hodm53w7c3nu2340775.node0; ARPT=rd189o00000000000000000000ffff0a9b3764o8140; tc_last_RegistrationID=; tc_env_tech_iframe=Production; cq-opt-out=1; isSNallowed=false; TCPID=124449294896433206
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 17:42:51 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 27 Mar 2024 13:20:15 GMT
Content-Security-Policy: frame-ancestors 'self'
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
Age: 1885314
X-Cache: HIT
X-Cache-Hits: 5
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
|
|
| credit-agricole-compagnon.inbenta.com/jsonp/inbenta.js | 34.255.188.247 | 200 OK | 504 B |
URL: GET HTTP/2 credit-agricole-compagnon.inbenta.com/jsonp/inbenta.js; IP: 34.255.188.247:443
Certificate Issuer: Amazon; Subject: *.inbenta.com; Fingerprint: 5C:42:EB:01:0B:AC:18:81:C6:29:9C:29:5E:77:7A:39:2E:6B:0C:AA; Validity: Mon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT
File type: JavaScript source, ASCII text; Hash: ef816b8950f76c80e49c099930466a97 468805b9fb0f0dabb2a2dfef7f58721c408cfbbb cb6e615cfd8e50898052540c55af133b0444766e984620413adc584e93b6a6f7
GET /jsonp/inbenta.js HTTP/1.1
Host: credit-agricole-compagnon.inbenta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://158.191.172.221/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:02:10 GMT
content-type: text/javascript
content-length: 504
server: Apache
cache-control: max-age=172800
etag: beffe5be564cf057df09da9941c07431
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| botcli.credit-agricole.fr/front/npc-mbot-launcher.js | 158.191.139.28 | 200 OK | 134 kB |
URL: GET HTTP/1.1 botcli.credit-agricole.fr/front/npc-mbot-launcher.js; IP: 158.191.139.28:443; ASN: #9159 Credit Agricole S.A.
Certificate Issuer: Sectigo Limited; Subject: botcli.credit-agricole.fr; Fingerprint: 7C:91:F3:05:5E:C4:DF:F3:5F:14:3F:24:C6:28:D6:E2:BD:40:FE:AB; Validity: Mon, 12 Feb 2024 00:00:00 GMT - Tue, 11 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Size: 134 kB (134479 bytes); Hash: da20f56c1e65b1634cd410506314abd8 e7e6d231eb5279e462f87fb5c72848e2c0a7aa03 d57b29992d4c990f8215f395792f6c200e49eed1db96dbdf4608e331b4f36381
GET /front/npc-mbot-launcher.js HTTP/1.1
Host: botcli.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://158.191.172.221/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 09:02:10 GMT
Content-Type: application/javascript
Last-Modified: Fri, 29 Mar 2024 11:08:33 GMT
Vary: Accept-Encoding
ETag: "6606a131-5689c"
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expires: Thu, 18 Apr 2024 09:17:10 GMT
Access-Control-Allow-Methods: GET, OPTIONS, FETCH
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Cache-Control: max-age=900, public
Accept-Ranges: bytes
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
|
|
| credit-agricole.inbenta.com/jsonp/inbenta-1.0.0.js | 34.255.188.247 | 200 OK | 1.1 kB |
URL: GET HTTP/2 credit-agricole.inbenta.com/jsonp/inbenta-1.0.0.js; IP: 34.255.188.247:443
Certificate Issuer: Amazon; Subject: *.inbenta.com; Fingerprint: 5C:42:EB:01:0B:AC:18:81:C6:29:9C:29:5E:77:7A:39:2E:6B:0C:AA; Validity: Mon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT
File type: JavaScript source, ASCII text; Hash: 729590835115f0b8717fbbbddf47cb79 a1f8c5349df5ce466b79a05f7213d08b46d86120 2b10a76bee54a750ab17587e4bff8f685f79c7d740bad4ba82110be9b75d4b27
GET /jsonp/inbenta-1.0.0.js HTTP/1.1
Host: credit-agricole.inbenta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://158.191.172.221/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:02:10 GMT
content-type: application/javascript
content-length: 1072
server: Apache
cache-control: max-age=172800
etag: 1e8fd2283c5e10b97694b3349ca296bc
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| credit-agricole-compagnon.inbenta.com/assets/js/inbenta.js?20220121 | 34.255.188.247 | 200 OK | 11 kB |
URL: GET HTTP/2 credit-agricole-compagnon.inbenta.com/assets/js/inbenta.js?20220121; IP: 34.255.188.247:443
Certificate Issuer: Amazon; Subject: *.inbenta.com; Fingerprint: 5C:42:EB:01:0B:AC:18:81:C6:29:9C:29:5E:77:7A:39:2E:6B:0C:AA; Validity: Mon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (32047); Hash: 870f0febda4a6f14fd166f58e427b6cd 2da7fefd90f8ad0ea8afa353132c8feb34560ef3 e18efc50152d8e2a1f087f0670693615be4f41f7f4464208c8a408230d566f74
GET /assets/js/inbenta.js?20220121 HTTP/1.1
Host: credit-agricole-compagnon.inbenta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://158.191.172.221/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:02:10 GMT
content-type: text/javascript
content-length: 10720
server: Apache
last-modified: Tue, 05 Mar 2024 08:26:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
X-Firefox-Spdy: h2
|
|
| credit-agricole.inbenta.com/assets/js/inbenta-1.0.0.js | 34.255.188.247 | 200 OK | 40 kB |
URL: GET HTTP/2 credit-agricole.inbenta.com/assets/js/inbenta-1.0.0.js; IP: 34.255.188.247:443
Certificate Issuer: Amazon; Subject: *.inbenta.com; Fingerprint: 5C:42:EB:01:0B:AC:18:81:C6:29:9C:29:5E:77:7A:39:2E:6B:0C:AA; Validity: Mon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (4204), with CRLF, LF line terminators; Hash: 06093f83af1cac3f565fdad5f3f8d39f d40707405d2ee5eac37df668df48f990f05f06dc baa84934964943fb77a22ac10ff563ff5a72ad925cee0cedf4944c9624300601
GET /assets/js/inbenta-1.0.0.js HTTP/1.1
Host: credit-agricole.inbenta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://158.191.172.221/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:02:10 GMT
content-type: application/x-javascript
content-length: 40064
server: Apache
last-modified: Fri, 20 Oct 2023 09:10:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
X-Firefox-Spdy: h2
|
|
| credit-agricole-compagnon.inbenta.com/?callback=jQuery22407368851887057836_1713430928134&action=extraInfos&cr=national&browser%5Bname%5D=Netscape&browser%5BcodeName%5D=Mozilla&browser%5Bversion%5D=5.0+(X11)&browser%5Bcookies%5D=true&browser%5BuserAgent%5D=Mozilla%2F5.0+(X11%3B+Linux+x86_64%3B+rv%3A96.0)+Gecko%2F20100101+Firefox%2F96.0&_=1713430928135 | 34.255.188.247 | 200 OK | 147 B |
URL: GET HTTP/2 credit-agricole-compagnon.inbenta.com/?callback=jQuery22407368851887057836_1713430928134&action=extraInfos&cr=national&browser%5Bname%5D=Netscape&browser%5BcodeName%5D=Mozilla&browser%5Bversion%5D=5.0+(X11)&browser%5Bcookies%5D=true&browser%5BuserAgent%5D=Mozilla%2F5.0+(X11%3B+Linux+x86_64%3B+rv%3A96.0)+Gecko%2F20100101+Firefox%2F96.0&_=1713430928135; IP: 34.255.188.247:443
Certificate Issuer: Amazon; Subject: *.inbenta.com; Fingerprint: 5C:42:EB:01:0B:AC:18:81:C6:29:9C:29:5E:77:7A:39:2E:6B:0C:AA; Validity: Mon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT
File type: ASCII text, with no line terminators; Hash: 258903ee051a51d78d033e38b693e04f 5b68407a04a7a8d29d26ee3af19b43d797515e68 f6e5b849040ed5805cd2c8edc18741f25a6168ba287ada8d8ea7c7484169f69d
GET /?callback=jQuery22407368851887057836_1713430928134&action=extraInfos&cr=national&browser%5Bname%5D=Netscape&browser%5BcodeName%5D=Mozilla&browser%5Bversion%5D=5.0+(X11)&browser%5Bcookies%5D=true&browser%5BuserAgent%5D=Mozilla%2F5.0+(X11%3B+Linux+x86_64%3B+rv%3A96.0)+Gecko%2F20100101+Firefox%2F96.0&_=1713430928135 HTTP/1.1
Host: credit-agricole-compagnon.inbenta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://158.191.172.221/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:02:10 GMT
content-type: text/javascript; charset=UTF-8
content-length: 147
server: Apache
set-cookie: PHPSESSID=svk95h8g1afeifteeevn6bepk3; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|