Report - competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca

Report Overview

Submitted URL
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
IP
213.32.105.173
ASN
#16276 OVH SAS
Submitted
2023-01-29 20:37:55
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
competent-margulis.213-32-105-173.plesk.page	unknown	2023-01-27T02:36:42Z	2023-03-03T10:02:02Z	12 kB	557 kB	213.32.105.173
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	44.228.1.109
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	52 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-29	medium	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca	Credit Agricole S.A.

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-29	medium	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca	Phishing
2023-01-29	medium	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg	Phishing
2023-01-29	medium	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/images/CA_Logo_seul-1.svg	Phishing
2023-01-29	medium	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/token.json	Phishing
2023-01-29	medium	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/fonts/gotham/Gotham-Bold.woff2	Phishing
2023-01-29	medium	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js	Phishing
2023-01-29	medium	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js	Phishing
2023-01-29	medium	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/utils.min.423ec59365a85ebded314ad7311ef508.js	Phishing
2023-01-29	medium	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlib-npc-components.min.b6efd65ae8c18d73875a5e228a1dc167.js	Phishing
2023-01-29	medium	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js	Phishing
2023-01-29	medium	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/granite.min.579a107dd681c49bc61dae63734043cb.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/granite.min.579a107dd681c49bc61dae63734043cb.js	8.5 kB	2023-03-10	2024-05-02
Pretty URL competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/granite.min.579a107dd681c49bc61dae63734043cb.js IP 213.32.105.173 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:55:38 Last Seen2024-05-02 18:00:33 Times Seen560 Hash 1cfa3b7f34a709e8eef13327014c6b27 426f8d6763301015baba293a9eaed5b0e35c5f50 82a13a046fc654ba15d460c12ad78d745ce2e1d0b89c9bec3faa8ce3a779b9e4 Loading...

	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js	476 kB	2023-03-10	2024-01-08
Pretty URL competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js IP 213.32.105.173 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:55:38 Last Seen2024-01-08 16:46:47 Times Seen43 Hash 8ec7a9d13975693bdbc06425507bba07 3125a27cda44b8cb076d15f427947c5692371878 2102c871f459d70b6a41259761039b92f00046b65e8ce3478630489dc35826fe Loading...

	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js	124 kB	2023-03-10	2024-01-08
Pretty URL competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js IP 213.32.105.173 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:55:38 Last Seen2024-01-08 16:46:47 Times Seen46 Hash 3838263249db7bc2523dc0e7fb07d02e a959212ed3c4184bab5c8f2e4282fda9b27e39d1 6cd25c53998895d9d61e610dd3da7e1d88b7faaf7cf3dd8ea0d1122ab63830cc Loading...

	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlib-npc-components.min.b6efd65ae8c18d73875a5e228a1dc167.js	793 kB	2023-03-10	2024-05-02
Pretty URL competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlib-npc-components.min.b6efd65ae8c18d73875a5e228a1dc167.js IP 213.32.105.173 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:55:38 Last Seen2024-05-02 18:00:33 Times Seen251 Hash 18f53aa03a89a76398df2ca8ec2af50a ff68b9bc4dd3df26b7166bd29b9c34ac996acfa1 6e4a102e2d66980019d7578a0f1438d71e525206e91ef8f74d270294603102cc Loading...

	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca	158 B	2023-03-10	2023-05-11
Pretty URL competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca IP 213.32.105.173 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:55:38 Last Seen2023-05-11 23:28:00 Times Seen17 Hash 8de796d36b77df242ce1a4a3e4eb2655 2f327c017d733ae51a7e12f147608a886d71b92e 713e8afabfc9447c4cd59e5fbfe141c09543a0476236e6ce76953901dc4134c6 Loading...

	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca	88 B	2023-03-10	2023-05-11
Pretty URL competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca IP 213.32.105.173 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:55:38 Last Seen2023-05-11 23:28:00 Times Seen17 Hash d7bd43c5b383d66349b26bdba79891b9 4f022b4b7fb02c893560b3428878f6c1cf0d78db b1c33d4b8c4d8a0867a774657cae08eca0e3df170c3710ef732993aea71f25f9 Loading...

	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js	152 kB	2023-03-10	2024-04-25
Pretty URL competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js IP 213.32.105.173 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:55:38 Last Seen2024-04-25 17:10:47 Times Seen46 Hash 43ebd2cb93e62b7b1f87e72f14446263 303dd01f898d680e1e5f6c9f94550ba2a4f8dc5b db093d945c5dc369f30743d0a2f6afcf204b72934cc281b6fb5185213db594be Loading...

	competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/utils.min.423ec59365a85ebded314ad7311ef508.js	12 kB	2023-03-10	2024-01-08
Pretty URL competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/utils.min.423ec59365a85ebded314ad7311ef508.js IP 213.32.105.173 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:55:38 Last Seen2024-01-08 16:46:47 Times Seen57 Hash 381a524ab439b15b58adf885db3822b5 4104d7c91d1b0f8dd7d65b69d7b4d2b1e7228a7a 481eb2d770dc9e5270d8b387b91a97996711992660b0b333c19cabaccb895d34 Loading...

HTTP Transactions (39)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4988
Expires: Sun, 29 Jan 2023 22:00:52 GMT
Date: Sun, 29 Jan 2023 20:37:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19052
Expires: Mon, 30 Jan 2023 01:55:16 GMT
Date: Sun, 29 Jan 2023 20:37:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2974
Expires: Sun, 29 Jan 2023 21:27:18 GMT
Date: Sun, 29 Jan 2023 20:37:44 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 19:43:09 GMT
content-type: application/json
age: 3275
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: O80q0yYdEUrzGeA63bO/SztmEiZbxR6TKdj/XetTHEWhNzZcZO0fD9V/EO++75cKMPemiO+B3Nk=
x-amz-request-id: KMN4XW3E4RZA7K2X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 19:50:27 GMT
age: 2837
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c99e899d38146b0c350458a70469dc59
0d8cf9a26ebd9230851a8d97607ffe5b1102dbae
223e4c357ad40a5943da63d99ee95f6b5b251796938e22238cbabd7027cc07e5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "223E4C357AD40A5943DA63D99EE95F6B5B251796938E22238CBABD7027CC07E5"
Last-Modified: Sun, 29 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18318
Expires: Mon, 30 Jan 2023 01:43:02 GMT
Date: Sun, 29 Jan 2023 20:37:44 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca

213.32.105.173

200 OK

9.6 kB

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13501)
Size
9.6 kB (9557 bytes)
Hash
5ba8bd79fd4ccd4a3fa6e98867189360
f269ba7e905e1db5eceb1d02877ffc798090eb4d
771d6a7e346919e4f649ce918f2ae16d33a3993a49452772deb759edfc0402da

Detections

Analyzer	Verdict	Alert
openphish	Credit Agricole S.A.
fortinet	Phishing

HTTP Headers

GET /credit-agricol/region/43e4f0e21afc6eb/region.php?lca HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: text/html; charset=UTF-8
content-length: 9557
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9; path=/
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/8.0.27, PleskLin
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/css/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css

213.32.105.173

200 OK

185 B

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/css/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
185 B (185 bytes)
Hash
54cf8a02ff9a6bd7e26cbbcc8165890b
cb7d736bba9aa57a57b28b2225d702141f019585
715b5a56e5be0adb8b864e91c07e8f92fe6310f2d3946f942d6f8a9df7f2ecb2

HTTP Headers

GET /credit-agricol/region/assets/css/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: text/css
content-length: 185
x-accel-version: 0.01
last-modified: Sat, 23 Jul 2022 19:05:32 GMT
etag: "111-5e47da2819700-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg

213.32.105.173

200 OK

22 kB

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
22 kB (22541 bytes)
Hash
8a6438815d53936ba84ffbef78c8bcfc
e178faa510c663b51d88b5979bbc53c73fcaf3e1
5c44321c0ba44a1fa665ba4c928fbebd869a3082c458bd2d20a0d07a4e5fcc24

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /credit-agricol/region/assets/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: image/svg+xml
content-length: 22541
last-modified: Mon, 11 Jul 2022 13:01:48 GMT
etag: "62cc1f3c-580d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/images/CA_Logo_seul-1.svg

213.32.105.173

200 OK

16 kB

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/images/CA_Logo_seul-1.svg
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
16 kB (16248 bytes)
Hash
267925c136126fd813e021bb85ef59d8
a6bae108371ab294c00d28c01f3e415feb7ed36f
4a3b0d2a941677f6fb37a438d20deacc3cea1d6fdc728f72cf3d7ca099cc0ca9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /credit-agricol/region/assets/images/CA_Logo_seul-1.svg HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: image/svg+xml
content-length: 16248
last-modified: Mon, 11 Jul 2022 12:41:22 GMT
etag: "62cc1a72-3f78"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/images/logo_ca.png

213.32.105.173

200 OK

2.0 kB

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/images/logo_ca.png
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type
PNG image data, 83 x 64, 8-bit/color RGB, non-interlaced\012- data
Size
2.0 kB (2037 bytes)
Hash
a5777291aa794d7d07285c839571662a
284f3d6b64462c946a640072bb57e512307bf8ab
1c8399c9f4f09feb8f95fe39465cc7e70597b0097ad92da954db82646ec68dc3

HTTP Headers

GET /credit-agricol/region/assets/images/logo_ca.png HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: image/png
content-length: 2037
last-modified: Mon, 11 Jul 2022 13:10:54 GMT
etag: "62cc215e-7f5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 19:41:41 GMT
age: 3363
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17594
Expires: Mon, 30 Jan 2023 01:30:59 GMT
Date: Sun, 29 Jan 2023 20:37:45 GMT
Connection: keep-alive

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/css/clientlibStoreLocatorT34Part.min.f3d31862687057258256810db3499be7.css

213.32.105.173

200 OK

46 kB

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/css/clientlibStoreLocatorT34Part.min.f3d31862687057258256810db3499be7.css
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with very long lines (1706)
Size
46 kB (46257 bytes)
Hash
20e462830ed61266ce0b70aa888d8df9
49e2018be0cc555e4c534b3d1e8bf7bdbbeffce4
8a3ec200ef68c0e30b580148ff5a541886791416d0849b64e4196d8aec8c527b

HTTP Headers

GET /credit-agricol/region/assets/css/clientlibStoreLocatorT34Part.min.f3d31862687057258256810db3499be7.css HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: text/css
last-modified: Sat, 23 Jul 2022 19:05:32 GMT
etag: W/"62dc467c-4c3b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/token.json

213.32.105.173

200 OK

2 B

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/token.json
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /credit-agricol/region/assets/token.json HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:45 GMT
content-type: application/json
content-length: 2
x-accel-version: 0.01
last-modified: Mon, 11 Jul 2022 14:34:12 GMT
etag: "2-5e388720c0100"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/images/acces_cr_part_carre.jpg

213.32.105.173

200 OK

244 kB

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/images/acces_cr_part_carre.jpg
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=791, bps=218, PhotometricIntepretation=RGB, description=Diverse culture people using mobile smartphone outdoor - Happy friends having fun with technology trends - Youth, new generatio, manufacturer=SONY, model=ILCE-7M2, orientation=upper-left, width=1326], progressive, precision 8, 960x960, components 3\012- data
Size
244 kB (243919 bytes)
Hash
b259c4797d838add41da1047021d2480
13de10f5a348efa8ff3d856f2e347eeff8a33579
c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8

HTTP Headers

GET /credit-agricol/region/assets/images/acces_cr_part_carre.jpg HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:45 GMT
content-type: image/jpeg
content-length: 243919
last-modified: Mon, 11 Jul 2022 13:09:26 GMT
etag: "62cc2106-3b8cf"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/fonts/gotham/Gotham-Bold.woff2

213.32.105.173

200 OK

39 kB

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/fonts/gotham/Gotham-Bold.woff2
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type
Web Open Font Format (Version 2), TrueType, length 39264, version 3.19726\012- data
Size
39 kB (39264 bytes)
Hash
003e90cf8cb3f8b4bef30d6764da18ed
512e44f40b54d0e5e081dda9fd5ea8a4429a508c
319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /credit-agricol/region/assets/fonts/gotham/Gotham-Bold.woff2 HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/css/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:45 GMT
content-type: font/woff2
content-length: 39264
last-modified: Mon, 11 Jul 2022 15:00:50 GMT
etag: "62cc3b22-9960"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/css/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea356.css

213.32.105.173

200 OK

44 kB

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/css/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea356.css
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with very long lines (1706)
Size
44 kB (43713 bytes)
Hash
d24ab15fd942dcef23c90a6abad2d599
a702762e6e35c6ea51f85bc9ad95f366c1b18c36
c519b922ce014f83b4cd1806724ef05e94b0c2317c939f0f22560f4ece65671b

HTTP Headers

GET /credit-agricol/region/assets/css/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea356.css HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: text/css
last-modified: Sat, 23 Jul 2022 19:05:32 GMT
etag: W/"62dc467c-32e3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css

213.32.105.173

200 OK

45 kB

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with very long lines (1706)
Size
45 kB (44752 bytes)
Hash
e54372fcabd6b8cfc6753d588d5e16c8
8b429e2659142eea6f4435af23c1ab77c1da3ba9
2b97305fc044861d6940bf225fd8707c38df819cfe95233900ad9f305f85978e

HTTP Headers

GET /credit-agricol/region/assets/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: text/css
last-modified: Sat, 23 Jul 2022 19:05:32 GMT
etag: W/"62dc467c-30b7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js

213.32.105.173

200 OK

58 kB

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with very long lines (585)
Size
58 kB (57783 bytes)
Hash
89395b00bde8db1bc0cce7255598b711
69b4ce872afbda3acd2d607969af6c768bb30f22
24fc9a3f0be8290caaaf2a1e0c9a3832e0f745d2f4f3a1fe81934cc2a2ef3194

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /credit-agricol/region/assets/js/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: application/javascript
last-modified: Sat, 23 Jul 2022 19:11:06 GMT
etag: W/"62dc47ca-2509e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/images/favicon.png

213.32.105.173

200 OK

26 kB

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/images/favicon.png
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x782, components 3\012- data
Size
26 kB (25841 bytes)
Hash
b97344aec9a8c00a0037b00de3cb65b8
b2499fd6933a79e99d530e2dcbc09a36feef7d4e
d9225828a2b4df13f9895b1ea331221239370d7787927c0038b30a725cf3d908

HTTP Headers

GET /credit-agricol/region/assets/images/favicon.png HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:45 GMT
content-type: image/png
content-length: 25841
last-modified: Wed, 29 Jun 2022 00:12:08 GMT
etag: "62bb98d8-64f1"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.228.1.109

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.228.1.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L4WCLawcn9wtuMkqFil0Rg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LAYVNJ3VgDOeonf68FXV/2gYw2s=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3623
Expires: Sun, 29 Jan 2023 21:38:09 GMT
Date: Sun, 29 Jan 2023 20:37:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3623
Expires: Sun, 29 Jan 2023 21:38:09 GMT
Date: Sun, 29 Jan 2023 20:37:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3623
Expires: Sun, 29 Jan 2023 21:38:09 GMT
Date: Sun, 29 Jan 2023 20:37:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5594 bytes)
Hash
4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: a13a8181-5783-42c1-9fda-1fcf8db4f0f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVpetFv-oAMF_Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d222c4-68165b34525ca2a054f0b505;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 06:50:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rJbdYq3bZDatEVvC83VR5WiWOFwNwVZEB16ez21KdnQJJrgJ-yKPCg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 14:55:48 GMT
age: 20518
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4475 bytes)
Hash
4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:56:46 GMT
age: 81660
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10168 bytes)
Hash
d5ed99a9aed6f367efc5c9498ce87ff1
3123eb6f550c51fe17fc62eff943b3739e239a9b
536f45bf2eb41f7056df8b34964538005d6a0a4c6157def3fbdd9487f8c79027

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10168
x-amzn-requestid: fe58fe3c-dd23-4614-b5a2-e91ef68c2ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFOD7H-NIAMFcxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb907f-687fc51741d7ff97182d1955;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:13:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SORDxKQP-GudaCfRIbrmexyEeJXBExRipfF8sPHI-UkaYhR_RkDjvQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 00:55:27 GMT
age: 70939
etag: "3123eb6f550c51fe17fc62eff943b3739e239a9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5198 bytes)
Hash
57ff6665d99a17d06b75c8fe64c90ab3
05648eed6830a794aa7e30ba4da526ed4c45b0ca
728b809756a0faff1a55bb03f13f33e31518f321e50dd944a0267d585c09264c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5198
x-amzn-requestid: 8117f45b-926a-4cbe-b152-dae983bc3526
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOYdlG6XIAMF_vA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf3abd-7ce531f65f66ac3a73970841;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 01:56:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: naZHCCrUSwrLi2eWi3LOrir9zOGQcNUBJ1iS9wUewWoV3WM2E0kE2w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:47:00 GMT
age: 82246
etag: "05648eed6830a794aa7e30ba4da526ed4c45b0ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11470 bytes)
Hash
10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 04:01:15 GMT
age: 59791
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9167 bytes)
Hash
3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 85890
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css

213.32.105.173

200 OK

0 B

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /credit-agricol/region/assets/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: text/css
last-modified: Sat, 23 Jul 2022 19:05:32 GMT
etag: W/"62dc467c-3ed5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js

213.32.105.173

200 OK

0 B

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /credit-agricol/region/assets/js/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 01:07:36 GMT
etag: W/"62e08fd8-1e334"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/utils.min.423ec59365a85ebded314ad7311ef508.js

213.32.105.173

200 OK

0 B

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/utils.min.423ec59365a85ebded314ad7311ef508.js
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /credit-agricol/region/assets/js/utils.min.423ec59365a85ebded314ad7311ef508.js HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: application/javascript
last-modified: Sat, 23 Jul 2022 19:11:06 GMT
etag: W/"62dc47ca-2dea"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlib-npc-components.min.b6efd65ae8c18d73875a5e228a1dc167.js

213.32.105.173

200 OK

0 B

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlib-npc-components.min.b6efd65ae8c18d73875a5e228a1dc167.js
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /credit-agricol/region/assets/js/clientlib-npc-components.min.b6efd65ae8c18d73875a5e228a1dc167.js HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: application/javascript
last-modified: Tue, 26 Jul 2022 18:40:06 GMT
etag: W/"62e03506-c1966"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js

213.32.105.173

200 OK

0 B

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /credit-agricol/region/assets/js/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 00:23:28 GMT
etag: W/"62e08580-741e3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/css/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css

213.32.105.173

200 OK

0 B

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/css/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /credit-agricol/region/assets/css/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: text/css
last-modified: Tue, 26 Jul 2022 12:22:28 GMT
etag: W/"62dfdc84-14414c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/granite.min.579a107dd681c49bc61dae63734043cb.js

213.32.105.173

200 OK

0 B

URL HTTP/2
competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/assets/js/granite.min.579a107dd681c49bc61dae63734043cb.js
IP
213.32.105.173:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /credit-agricol/region/assets/js/granite.min.579a107dd681c49bc61dae63734043cb.js HTTP/1.1
Host: competent-margulis.213-32-105-173.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://competent-margulis.213-32-105-173.plesk.page/credit-agricol/region/43e4f0e21afc6eb/region.php?lca
Cookie: PHPSESSID=amaff8fdfjc3d15hqk6std0mo9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 20:37:44 GMT
content-type: application/javascript
last-modified: Mon, 25 Jul 2022 21:46:54 GMT
etag: W/"62df0f4e-2111"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML