| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php | 63.250.43.9 | 200 OK | 11 kB |
URL: User Request GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
IP: 63.250.43.9:443
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (2222)
Hash: 3f7ae7bcbfe837ab86215022f206bb93 f2d519771cf061d0ced6dc8b65bef10497c99459 c9beaa8218e124fd7e41a14c037764fb8f3b7c8e8258bbd66fbafc8738a209a8
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
| OpenPhish | phishing | Credit Agricole S.A. |
GET /wp-content/folomogaro/pages/region.php HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, public
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 18000
accept-ranges: bytes
x-cache: HIT
content-length: 11280
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlib-part.min.44e2d3d23713b8f105d11461742c9db9.css | 63.250.43.9 | 200 OK | 196 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlib-part.min.44e2d3d23713b8f105d11461742c9db9.css
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (14675)
Size: 196 kB (196521 bytes)
Hash: 7861e1ddc181862951b8f0f589430090 f109968e8ba622d66c50c598d2878cc6bbb48a9c 4225a8d4b5766ee82d0f2f77fc5dac28d9d9f63bd12594348363c957f5d494b1
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/css/clientlib-part.min.44e2d3d23713b8f105d11461742c9db9.css HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 08:37:31 GMT
vary: Accept-Encoding
etag: W/"6627734b-1701e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 196521
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlibStoreLocatorT33Part.min.24105c3ab333bb9871953d755011f366.css | 63.250.43.9 | 200 OK | 4.2 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlibStoreLocatorT33Part.min.24105c3ab333bb9871953d755011f366.css
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1706)
Hash: 24105c3ab333bb9871953d755011f366 7f4dc9509d8e45adfb253aa9df01307e21da5184 04af3329fe1c592de8e357a29bd804580c0af97ca13959b84d59aaaf43fb850d
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/css/clientlibStoreLocatorT33Part.min.24105c3ab333bb9871953d755011f366.css HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 08:37:31 GMT
vary: Accept-Encoding
etag: W/"6627734b-3f72"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 4161
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlibStoreLocatorT34Part.min.44ceddaeff0713d395ac2359d79d0db9.css | 63.250.43.9 | 200 OK | 5.1 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlibStoreLocatorT34Part.min.44ceddaeff0713d395ac2359d79d0db9.css
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (1706)
Hash: 44ceddaeff0713d395ac2359d79d0db9 c3906496e6336758181f30ca5f0069eabcb780a7 433f3f4f69279c6383401ed8d35544eb4ce9ec1f9cec22ade72f979a0ff2a94b
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/css/clientlibStoreLocatorT34Part.min.44ceddaeff0713d395ac2359d79d0db9.css HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 08:37:31 GMT
vary: Accept-Encoding
etag: W/"6627734b-55b4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 5088
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css | 63.250.43.9 | 200 OK | 0 B |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/css/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: text/css
content-length: 0
last-modified: Tue, 23 Apr 2024 08:37:31 GMT
etag: "6627734b-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlibStoreLocatorPart.min.d0196ccb8ef0f95d3990b3da0665b235.css | 63.250.43.9 | 200 OK | 3.5 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlibStoreLocatorPart.min.d0196ccb8ef0f95d3990b3da0665b235.css
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1706)
Hash: d0196ccb8ef0f95d3990b3da0665b235 130c25a6b65f0f3e73d3f06284394f1774b3c695 0775513a58624d11e22cf814d9080e3d08d4b43885dc4ac2218a5c5229c281ee
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/css/clientlibStoreLocatorPart.min.d0196ccb8ef0f95d3990b3da0665b235.css HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 08:37:31 GMT
vary: Accept-Encoding
etag: W/"6627734b-31d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 3506
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css | 63.250.43.9 | 200 OK | 3.3 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1706)
Hash: ddd3469fd6c3f8f331e0d3b3d56134c3 31b1197a10cb180c43e06f0aaf3f0e3e0000338d 90e31a25b6f4ca04108ac1524e62193688d25bb6fa277e48f1ad31179760534b
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 08:37:31 GMT
vary: Accept-Encoding
etag: W/"6627734b-2fad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 3313
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/jquery.min.js | 63.250.43.9 | 200 OK | 31 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/jquery.min.js
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators
Hash: 2f772fed444d5489079f275bd01e26cc a8927ac2830b2fdd4a729eb0eb7f80923539ceb9 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/js/jquery.min.js HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 08:42:02 GMT
vary: Accept-Encoding
etag: W/"6627745a-15851"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 30719
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/jquery.min.3fa47a8976d292401e5e89639c528426.js | 63.250.43.9 | 200 OK | 43 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/jquery.min.3fa47a8976d292401e5e89639c528426.js
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (585)
Hash: 3fa47a8976d292401e5e89639c528426 a98bcad2397e229e72874a80168f5ad75762b253 8177840b502e6908014c6955695127284c51f7223c7c5af90a08140c10e1f26f
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/js/jquery.min.3fa47a8976d292401e5e89639c528426.js HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 08:42:02 GMT
vary: Accept-Encoding
etag: W/"6627745a-250a2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 43446
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/utils.min.423ec59365a85ebded314ad7311ef508.js | 63.250.43.9 | 200 OK | 3.9 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/utils.min.423ec59365a85ebded314ad7311ef508.js
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (547)
Hash: 423ec59365a85ebded314ad7311ef508 41d14b0fbb6c2e98b1cce2c476ff22e79799ec7b 7ab2e59e0914ae8a584648bf864b74b320f9281399508a1cfb346e8243e539a5
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/js/utils.min.423ec59365a85ebded314ad7311ef508.js HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 08:42:07 GMT
vary: Accept-Encoding
etag: W/"6627745f-2cef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 3936
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/granite.min.579a107dd681c49bc61dae63734043cb.js | 63.250.43.9 | 200 OK | 2.4 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/granite.min.579a107dd681c49bc61dae63734043cb.js
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text
Hash: 1cfa3b7f34a709e8eef13327014c6b27 426f8d6763301015baba293a9eaed5b0e35c5f50 82a13a046fc654ba15d460c12ad78d745ce2e1d0b89c9bec3faa8ce3a779b9e4
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/js/granite.min.579a107dd681c49bc61dae63734043cb.js HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 08:42:02 GMT
vary: Accept-Encoding
etag: W/"6627745a-2111"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 2440
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/img/logo_ca.png | 63.250.43.9 | 200 OK | 2.0 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/img/logo_ca.png
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: PNG image data, 83 x 64, 8-bit/color RGB, non-interlaced
Hash: a5777291aa794d7d07285c839571662a 284f3d6b64462c946a640072bb57e512307bf8ab 1c8399c9f4f09feb8f95fe39465cc7e70597b0097ad92da954db82646ec68dc3
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/img/logo_ca.png HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:06 GMT
content-type: image/png
content-length: 2037
last-modified: Tue, 23 Apr 2024 08:46:10 GMT
etag: "66277552-7f5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 17998
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/img/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg | 63.250.43.9 | 200 OK | 6.3 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/img/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 8a6438815d53936ba84ffbef78c8bcfc e178faa510c663b51d88b5979bbc53c73fcaf3e1 5c44321c0ba44a1fa665ba4c928fbebd869a3082c458bd2d20a0d07a4e5fcc24
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/img/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:06 GMT
content-type: image/svg+xml
last-modified: Tue, 23 Apr 2024 08:39:29 GMT
vary: Accept-Encoding
etag: W/"662773c1-580d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17998
accept-ranges: bytes
x-cache: HIT
content-length: 6260
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/img/CA_Logo_seul-1.svg | 63.250.43.9 | 200 OK | 4.7 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/img/CA_Logo_seul-1.svg
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 267925c136126fd813e021bb85ef59d8 a6bae108371ab294c00d28c01f3e415feb7ed36f 4a3b0d2a941677f6fb37a438d20deacc3cea1d6fdc728f72cf3d7ca099cc0ca9
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/img/CA_Logo_seul-1.svg HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:06 GMT
content-type: image/svg+xml
last-modified: Tue, 23 Apr 2024 08:31:57 GMT
vary: Accept-Encoding
etag: W/"662771fd-3f78"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17998
accept-ranges: bytes
x-cache: HIT
content-length: 4738
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js | 63.250.43.9 | 200 OK | 125 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-baronn.ewp.live
Certificate Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (567)
Size: 125 kB (125254 bytes)
Hash: 1661914e05c676ce450674555cc1e5b0 8564e04e8b6a06494f04a2026e853143d2aa0a66 3980a2fc735c16a01ce49bd9462513e27f799c0b2bc20c113a58097c2a1cca1e
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/js/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 08:45:00 GMT
vary: Accept-Encoding
etag: W/"6627750c-74ddd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 125254
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/clientlibStoreLocatorGeneral.min.589095941fdc97a6d45bcdbafc63b754.js | 63.250.43.9 | 200 OK | 7.1 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/clientlibStoreLocatorGeneral.min.589095941fdc97a6d45bcdbafc63b754.js
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate: Issuer: Sectigo Limited; Subject: *.ingress-baronn.ewp.live; Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74; Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (566)
Hash: 589095941fdc97a6d45bcdbafc63b754 250b52be1be1831008777f9e2bb0f358f6687cf7 400774560aa0a055839eb325e4ef2a80248a5d0261a29810d4d56727a40daf45
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/js/clientlibStoreLocatorGeneral.min.589095941fdc97a6d45bcdbafc63b754.js HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 08:45:00 GMT
vary: Accept-Encoding
etag: W/"6627750c-6b50"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 7149
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/jQuery.min.affcbf7942d5bedb0785712.js | 63.250.43.9 | 200 OK | 44 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/jQuery.min.affcbf7942d5bedb0785712.js
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate: Issuer: Sectigo Limited; Subject: *.ingress-baronn.ewp.live; Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74; Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (585)
Hash: 0788a8f61b6fefd5e24be8ee105ccbfe 913ab146281c5f797c7213989674694896b198d8 3895b1ae68326e2f741061e13771b1c944097c408f33c99699655e0364313076
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/js/jQuery.min.affcbf7942d5bedb0785712.js HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 08:42:02 GMT
vary: Accept-Encoding
etag: W/"6627745a-25b64"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 44439
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/clientlibBoutonVertGeneralVitrine.min.dfb71be1fcb86089d70efceff8a6f359.js | 63.250.43.9 | 200 OK | 66 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/clientlibBoutonVertGeneralVitrine.min.dfb71be1fcb86089d70efceff8a6f359.js
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate: Issuer: Sectigo Limited; Subject: *.ingress-baronn.ewp.live; Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74; Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text
Hash: dfb71be1fcb86089d70efceff8a6f359 41d29d57b7615645dc6748083d125814aa04ec95 2e9a8816765c210cddd4ff501412ec3111d9a3b934221201ea80f757c8a5ada8
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/js/clientlibBoutonVertGeneralVitrine.min.dfb71be1fcb86089d70efceff8a6f359.js HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 08:45:00 GMT
vary: Accept-Encoding
etag: W/"6627750c-49282"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 66056
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/clientlib-npc-components.min.b6efd65ae8c18d73875a5e228a1dc167.js | 63.250.43.9 | 200 OK | 196 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/clientlib-npc-components.min.b6efd65ae8c18d73875a5e228a1dc167.js
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate: Issuer: Sectigo Limited; Subject: *.ingress-baronn.ewp.live; Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74; Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (566)
Size: 196 kB (196377 bytes)
Hash: 18f53aa03a89a76398df2ca8ec2af50a ff68b9bc4dd3df26b7166bd29b9c34ac996acfa1 6e4a102e2d66980019d7578a0f1438d71e525206e91ef8f74d270294603102cc
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/js/clientlib-npc-components.min.b6efd65ae8c18d73875a5e228a1dc167.js HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 08:45:00 GMT
vary: Accept-Encoding
etag: W/"6627750c-c1966"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 196377
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/clientlib-npc-components.min.e6be91ed03e01bfc5e52e1e77014f2cd.js | 63.250.43.9 | 200 OK | 372 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/js/clientlib-npc-components.min.e6be91ed03e01bfc5e52e1e77014f2cd.js
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate: Issuer: Sectigo Limited; Subject: *.ingress-baronn.ewp.live; Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74; Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (845)
Size: 372 kB (371708 bytes)
Hash: e6be91ed03e01bfc5e52e1e77014f2cd a6550d8989c2875f63338480c533184f9a0bbff3 396c86de58f6ddd17b4e884b8b364de930ea86a2ff2858db625cdc8fc177cabd
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/js/clientlib-npc-components.min.e6be91ed03e01bfc5e52e1e77014f2cd.js HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 08:45:00 GMT
vary: Accept-Encoding
etag: W/"6627750c-17ecea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
content-length: 371708
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/token.json | 63.250.43.9 | 200 OK | 2 B |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/token.json
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate: Issuer: Sectigo Limited; Subject: *.ingress-baronn.ewp.live; Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74; Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
Hash: 99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/token.json HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:05 GMT
content-type: application/json
content-length: 2
last-modified: Tue, 23 Apr 2024 08:30:36 GMT
etag: "662771ac-2"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
x-cacheable: YES
age: 18000
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/fonts/gotham/Gotham-Book.woff2 | 63.250.43.9 | 200 OK | 42 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/fonts/gotham/Gotham-Book.woff2
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate: Issuer: Sectigo Limited; Subject: *.ingress-baronn.ewp.live; Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74; Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 41728, version 3.19726
Hash: d838b98f75e3cb9574f9b8b796eb1e8f fcdf131af872ce9ecda9a437cdf67d23c5940d97 3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/fonts/gotham/Gotham-Book.woff2 HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlib-part.min.44e2d3d23713b8f105d11461742c9db9.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:09 GMT
content-type: font/woff2
content-length: 41728
last-modified: Tue, 23 Apr 2024 08:42:58 GMT
etag: "66277492-a300"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 17996
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/img/acces_cr_part_carre.jpg | 63.250.43.9 | 200 OK | 244 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/img/acces_cr_part_carre.jpg
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate: Issuer: Sectigo Limited; Subject: *.ingress-baronn.ewp.live; Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74; Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=791, bps=218, PhotometricInterpretation=RGB, description=Diverse culture people using mobile smartphone outdoor - Happy friends having fun with technology trends - Youth, new generatio, manufacturer=SONY, model=ILCE-7M2, orientation=upper-left, width=1326], progressive, precision 8, 960x960, components 3
Size: 244 kB (243919 bytes)
Hash: b259c4797d838add41da1047021d2480 13de10f5a348efa8ff3d856f2e347eeff8a33579 c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/img/acces_cr_part_carre.jpg HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:06 GMT
content-type: image/jpeg
content-length: 243919
last-modified: Tue, 23 Apr 2024 08:38:53 GMT
etag: "6627739d-3b8cf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 17999
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/fonts/gotham/Gotham-Bold.woff2 | 63.250.43.9 | 200 OK | 39 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/fonts/gotham/Gotham-Bold.woff2
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate: Issuer: Sectigo Limited; Subject: *.ingress-baronn.ewp.live; Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74; Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 39264, version 3.19726
Hash: 003e90cf8cb3f8b4bef30d6764da18ed 512e44f40b54d0e5e081dda9fd5ea8a4429a508c 319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/fonts/gotham/Gotham-Bold.woff2 HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlib-part.min.44e2d3d23713b8f105d11461742c9db9.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:09 GMT
content-type: font/woff2
content-length: 39264
last-modified: Tue, 23 Apr 2024 08:42:58 GMT
etag: "66277492-9960"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 17996
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/fonts/npcicons-crunchy/npcicons-crunchy-r2302.woff2 | 63.250.43.9 | 200 OK | 35 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/fonts/npcicons-crunchy/npcicons-crunchy-r2302.woff2
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate: Issuer: Sectigo Limited; Subject: *.ingress-baronn.ewp.live; Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74; Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 34592, version 1.0
Hash: c0d751066816bca007371ff0459fcc01 e132b56dc031cd752a178f86a0edc415cdc28f91 2e63cdb2dc7b759f32f1abd709061475dd184a5472193f64906e50f787e45516
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/fonts/npcicons-crunchy/npcicons-crunchy-r2302.woff2 HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlib-part.min.44e2d3d23713b8f105d11461742c9db9.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:09 GMT
content-type: font/woff2
content-length: 34592
last-modified: Tue, 23 Apr 2024 08:43:38 GMT
etag: "662774ba-8720"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 17996
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/fonts/gotham/Gotham-Medium.woff2 | 63.250.43.9 | 200 OK | 42 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/fonts/gotham/Gotham-Medium.woff2
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate: Issuer: Sectigo Limited; Subject: *.ingress-baronn.ewp.live; Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74; Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 41488, version 3.19726
Hash: 68ce85d44fef05344ea74f94f3e6b472 3a380914e04ef35820bbe619e1f902d4b250a997 ba17f8257b1f710aa0e7136f4bd4b91a9a7db4f9cac2c409caf8708a64787303
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/fonts/gotham/Gotham-Medium.woff2 HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/css/clientlib-part.min.44e2d3d23713b8f105d11461742c9db9.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 10:48:09 GMT
content-type: font/woff2
content-length: 41488
last-modified: Tue, 23 Apr 2024 08:43:38 GMT
etag: "662774ba-a210"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 17996
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/img/favicon.png | 63.250.43.9 | 200 OK | 26 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/img/favicon.png
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate: Issuer: Sectigo Limited; Subject: *.ingress-baronn.ewp.live; Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74; Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x782, components 3
Hash: b97344aec9a8c00a0037b00de3cb65b8 b2499fd6933a79e99d530e2dcbc09a36feef7d4e d9225828a2b4df13f9895b1ea331221239370d7787927c0038b30a725cf3d908
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/img/favicon.png HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 11:00:19 GMT
content-type: image/png
content-length: 25841
last-modified: Tue, 23 Apr 2024 08:31:59 GMT
etag: "662771ff-64f1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 17266
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/img/icone_ca_pwa.png | 63.250.43.9 | 200 OK | 12 kB |
URL: GET HTTP/2 goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/assets/img/icone_ca_pwa.png
IP: 63.250.43.9:443
Requested by: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
Certificate: Issuer: Sectigo Limited; Subject: *.ingress-baronn.ewp.live; Fingerprint: C1:4F:B7:83:EE:FC:0F:E2:2F:B2:21:52:90:14:06:1B:FA:41:E9:74; Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash: fc08d1a7232f3ca124b86215ce8e24ae 8de4af8d8de8c1d49d0dbc7feb43287b1a2825fb 6593e74eedb90d474b1976b961e4f4728881e58b67f67f2daccf999b0c6ae333
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/folomogaro/assets/img/icone_ca_pwa.png HTTP/1.1
Host: goldene-golde-via-ec8dee.ingress-baronn.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goldene-golde-via-ec8dee.ingress-baronn.ewp.live/wp-content/folomogaro/pages/region.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 11:22:58 GMT
content-type: image/png
content-length: 11546
last-modified: Tue, 23 Apr 2024 08:41:16 GMT
etag: "6627742c-2d1a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 15907
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|