Report - www.creda.es/home/ca

Report Overview

Submitted URL
www.creda.es/home/ca
IP
134.0.10.77
ASN
#197712 10dencehispahard, S.L.
Submitted
2022-12-08 04:01:05
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.creda.es	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	622 kB	134.0.10.77
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	481 B	40 kB	216.58.207.227
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	539 B	746 B	142.250.74.106
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.39.94.191
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	60 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-08	medium	www.creda.es/home/ca	Malware
2022-12-08	medium	www.creda.es/home/ca	Malware
2022-12-08	medium	www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/	Malware
2022-12-08	medium	www.creda.es/wp-includes/css/classic-themes.min.css?ver=1	Malware
2022-12-08	medium	www.creda.es/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8	Malware
2022-12-08	medium	www.creda.es/wp-content/themes/notio-wp-child/style.css?ver=5.6.2	Malware
2022-12-08	medium	www.creda.es/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Malware
2022-12-08	medium	www.creda.es/wp-content/themes/notio-wp/assets/css/app.css?ver=5.6.2	Malware
2022-12-08	medium	www.creda.es/wp-content/plugins/download-monitor/assets/js/dlm-xhr.min.js?ver=4.7.60	Malware
2022-12-08	medium	www.creda.es/wp-includes/js/comment-reply.min.js?ver=81582bdb254a94e4464424087c6479a8	Malware
2022-12-08	medium	www.creda.es/wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8	Malware
2022-12-08	medium	www.creda.es/wp-includes/js/underscore.min.js?ver=1.13.4	Malware
2022-12-08	medium	www.creda.es/wp-content/themes/notio-wp/assets/js/app.min.js?ver=5.6.2	Malware
2022-12-08	medium	www.creda.es/wp-content/themes/notio-wp/assets/fonts/fontawesome-webfont.woff2?v=4.7.0	Malware
2022-12-08	medium	www.creda.es/wp-content/themes/notio-wp/assets/js/vendor.min.js?ver=5.6.2	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	www.creda.es/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0	20 kB	2023-03-07	2024-05-07
Pretty URL www.creda.es/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0 IP 134.0.10.77 ASN #197712 10dencehispahard, S.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2024-05-07 23:07:16 Times Seen2581 Hash 596d6e5d8400fd1e913f9adc21071f93 fee2d7a4ac08d5a522c2298a5ad3ed30ac9e62ec 159faf7827be43b4c85a35fc941924a9de59a169d42d600b49161f60debf9dff Loading...

	www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/	136 B	2023-03-08	2024-04-30
Pretty URL www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/ IP 134.0.10.77 ASN #197712 10dencehispahard, S.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:20 Last Seen2024-04-30 10:44:01 Times Seen183 Hash 9661172aebae230f916d6824cfd3f7f2 3019e535ef4e113e23b67fc0a981e0014d49d1c0 fe097e8abaeb0991979d479c16de24abe4995b6bb3c5ecc1a63d03b81685746b Loading...

	www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/	206 B	2023-03-08	2023-03-08
Pretty URL www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/ IP 134.0.10.77 ASN #197712 10dencehispahard, S.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:35:12 Last Seen2023-03-08 21:35:12 Times Seen1 Hash 5f65fd45d4d8662565fe353661f7d3af 8cd85dcd6f73a271ef0359e754cb5cb4499b4d3c 8bca0ded78f11ee7c58bfa84f89416230d7ce646df039e87b4aac6f3e6113d2d Loading...

	www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/	2.2 kB	2023-03-08	2023-03-11
Pretty URL www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/ IP 134.0.10.77 ASN #197712 10dencehispahard, S.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:35:12 Last Seen2023-03-11 14:34:56 Times Seen1 Hash c41b3465887acdb659e5d65692b3d985 ec5a94162486c4eee1245380580e08245fb8658e 838d971d37ad0d9fa835d863177a29124053ce7cfe1db1d1411bdf445eaf4a57 Loading...

	www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/	2.2 kB	2023-03-08	2023-03-08
Pretty URL www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/ IP 134.0.10.77 ASN #197712 10dencehispahard, S.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:35:12 Last Seen2023-03-08 21:35:12 Times Seen1 Hash 2be065a4a8d39dfcf4e36814c865a192 2f4e33078da6467ca059abe3f2365aaea4b068ab c0ad7bbc80790c27d8033c92a1b32735f3b24a9cc969b7cb5ac67fb4975a42ce Loading...

	www.creda.es/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-05-08
Pretty URL www.creda.es/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 134.0.10.77 ASN #197712 10dencehispahard, S.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-08 14:59:07 Times Seen69136 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.creda.es/wp-includes/js/underscore.min.js?ver=1.13.4	19 kB	2023-03-08	2024-05-08
Pretty URL www.creda.es/wp-includes/js/underscore.min.js?ver=1.13.4 IP 134.0.10.77 ASN #197712 10dencehispahard, S.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-05-08 12:55:50 Times Seen42048 Hash f88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a Loading...

	www.creda.es/wp-content/plugins/download-monitor/assets/js/dlm-xhr.min.js?ver=4.7.60	8.0 kB	2023-03-08	2024-01-18
Pretty URL www.creda.es/wp-content/plugins/download-monitor/assets/js/dlm-xhr.min.js?ver=4.7.60 IP 134.0.10.77 ASN #197712 10dencehispahard, S.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:35:12 Last Seen2024-01-18 03:23:08 Times Seen11 Hash ab6a9a875a1de9c9dc96e861e8ddcb50 467473d1c405d3742d4791e5181317289374aa10 e9648aac8bc08910a04cf5430ca3372b512752567ddc2dea7596625cebcebbdf Loading...

	www.creda.es/wp-content/themes/notio-wp/assets/js/app.min.js?ver=5.6.2	37 kB	2023-03-08	2023-10-05
Pretty URL www.creda.es/wp-content/themes/notio-wp/assets/js/app.min.js?ver=5.6.2 IP 134.0.10.77 ASN #197712 10dencehispahard, S.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:35:12 Last Seen2023-10-05 14:38:14 Times Seen5 Hash a15abc2d7974fc4cbc4889657e500289 8f31a6f4468edb68cc8fa35e66ac81a45b086432 0f9b7945bf1c82953f20d5400f5a0d8a5093b42fe06f5df5d4a5f402abb048d1 Loading...

	www.creda.es/wp-content/themes/notio-wp/assets/js/vendor.min.js?ver=5.6.2	396 kB	2023-03-08	2023-10-05
Pretty URL www.creda.es/wp-content/themes/notio-wp/assets/js/vendor.min.js?ver=5.6.2 IP 134.0.10.77 ASN #197712 10dencehispahard, S.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:35:12 Last Seen2023-10-05 14:38:16 Times Seen5 Hash f73ca0c1af8aab0f811aedff6fc0b342 c940c35cb7fc8fb8540e6f646c8f90d418ea0fc9 8bba4a52baa0aad977a0a4ebec85e1c1bcac18013b69d78e4798adf87961a121 Loading...

	www.creda.es/wp-includes/js/comment-reply.min.js?ver=81582bdb254a94e4464424087c6479a8	3.0 kB	2023-03-07	2024-05-08
Pretty URL www.creda.es/wp-includes/js/comment-reply.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 134.0.10.77 ASN #197712 10dencehispahard, S.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-08 14:47:22 Times Seen29833 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	www.creda.es/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-05-08
Pretty URL www.creda.es/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 134.0.10.77 ASN #197712 10dencehispahard, S.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-05-08 08:59:26 Times Seen31996 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	www.creda.es/wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8	19 kB	2023-03-07	2024-05-08
Pretty URL www.creda.es/wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8 IP 134.0.10.77 ASN #197712 10dencehispahard, S.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-08 13:40:45 Times Seen38232 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

HTTP Transactions (56)

URL IP Response Size

www.creda.es/home/ca

134.0.10.77

301 Moved Permanently

236 B

URL HTTP/1.1
www.creda.es/home/ca
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
236 B (236 bytes)
Hash
45e9326a359f4574a8d0c6515d3417b4
153443b46b4875d5b866de46387c3d1c64d6bcc5
1d79422d03a7fcb3673032c030653e1b16b42d39f0ce6e2f06b63ab73cd1aab0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /home/ca HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 04:00:54 GMT
Server: Apache
Location: https://www.creda.es/home/ca
Content-Length: 236
Keep-Alive: timeout=5, max=300
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11598
Expires: Thu, 08 Dec 2022 07:14:12 GMT
Date: Thu, 08 Dec 2022 04:00:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14166
Expires: Thu, 08 Dec 2022 07:57:00 GMT
Date: Thu, 08 Dec 2022 04:00:54 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 03:08:07 GMT
content-type: application/json
age: 3167
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c3470f9f0a4df8c1496b577fa9435ff6
f83b0226bb57ed0f3e1acdad61b940414add135d
f542579e3a3577a646babde862282c2afda6ed784360a915143216100f7a3d91

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F542579E3A3577A646BABDE862282C2AFDA6ED784360A915143216100F7A3D91"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4746
Expires: Thu, 08 Dec 2022 05:20:00 GMT
Date: Thu, 08 Dec 2022 04:00:54 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: r6qh9TGMd3iN+Lh4DPY3CZXhTaKUW4Ae16yz3pRTxmt0zQQcMIwndIN7faLb6Gnv4Np+ct+JSMQ=
x-amz-request-id: WNXJH81JJ8ANSTMY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 03:49:37 GMT
age: 677
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 04:00:54 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c190609bbbfec52bb34fa388ab24079f
772753aa55ecb36ad7cb28b502bb1f6e732437c7
aac7cfe02728a8afd0910776d1aa1146f6d50cb9bb0f34911cc3b29b799aee77

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAC7CFE02728A8AFD0910776D1AA1146F6D50CB9BB0F34911CC3B29B799AEE77"
Last-Modified: Wed, 07 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 08 Dec 2022 10:00:54 GMT
Date: Thu, 08 Dec 2022 04:00:54 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 03:07:55 GMT
age: 3179
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3534
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 04:00:54 GMT
Last-Modified: Thu, 08 Dec 2022 03:02:01 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.39.94.191

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.94.191:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Js/7Sn3AZKIj4fBv9OWDGQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IqiQB/mUsY3zfId7LDVmeDWnRXY=

www.creda.es/home/ca

134.0.10.77

301 Moved Permanently

0 B

URL HTTP/2
www.creda.es/home/ca
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /home/ca HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
dlm-no-waypoints: true
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 08 Dec 2022 04:00:54 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10141
Expires: Thu, 08 Dec 2022 06:49:57 GMT
Date: Thu, 08 Dec 2022 04:00:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10141
Expires: Thu, 08 Dec 2022 06:49:57 GMT
Date: Thu, 08 Dec 2022 04:00:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10141
Expires: Thu, 08 Dec 2022 06:49:57 GMT
Date: Thu, 08 Dec 2022 04:00:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10141
Expires: Thu, 08 Dec 2022 06:49:57 GMT
Date: Thu, 08 Dec 2022 04:00:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95d68d20-ce48-4bc4-a89b-d42a294520bc.jpeg

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95d68d20-ce48-4bc4-a89b-d42a294520bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6656 bytes)
Hash
077c8b656d9ac4ecba7aea40ecaa4e0c
84b9d58a1cf4174f1a55b1c3475a09d579094f19
abf13120589f3c11466a6b3f65874565a78b3a25b047b2089dafdae0cdf71c08

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95d68d20-ce48-4bc4-a89b-d42a294520bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 623488c8-42b4-43d0-a274-f35f4e2695c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4AwH11IAMFfCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d1-1226750c2e9dbe517b1211e3;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Wvq8PJEuXz7Yf5QE2phHXPYPCLWzIR1MXWiJKyN84yHINqK6H_ZQrQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:05:39 GMT
age: 21317
etag: "84b9d58a1cf4174f1a55b1c3475a09d579094f19"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8179 bytes)
Hash
311cb4353566dfb426dbc692fde93223
979910df445a5c4d3513c8c25e289800335f646d
5ecd5c12620c0b8b6bbf456cb6c016168479a735f4eb67a9a1047677b9d798fb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8179
x-amzn-requestid: 39aa4016-4f48-4d2a-b94b-05432980d66a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czCruHckIAMFkHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639117e4-1953985a5c8d2da8239ec8e8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKaRX4QpQU2U8J-jk1lWjhAooObsgxfHuNXv5Bbc69IEMCXAyIESeQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:50:01 GMT
age: 18655
etag: "979910df445a5c4d3513c8c25e289800335f646d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F525e2750-67bb-410b-9408-34845ca67f18.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6746 bytes)
Hash
1cfd2bbdab3f88f525c53c375a0e0439
b0a5af508496c98460212497f6e75a0ddfc7f2de
9fd863a6e673c348b4e5cbc3e4747d48e87b4699e9fed7ae9590e36ae72ad9c9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F525e2750-67bb-410b-9408-34845ca67f18.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6746
x-amzn-requestid: 50f40893-5343-473d-96ff-e59b0c7ec77e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_pFx6oAMF1cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-79cff8fe348074d505426909;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s4Zf3VmA9ybuz7NQdvaolSHSFvGyZ0niRgZtogYnTNWEatHRouG3Sw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:01:55 GMT
age: 21541
etag: "b0a5af508496c98460212497f6e75a0ddfc7f2de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6524c56-aea0-48f9-a1c0-2eb8b37618cc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8401 bytes)
Hash
39ae12151067969e63a9064a2b273e03
9450229c82f195e4b62c0862650dbb3d159b46e8
7b462d7f52643ca683c18d789d2adc4475c64e655489513a2faa1edbd69eecd3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6524c56-aea0-48f9-a1c0-2eb8b37618cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8401
x-amzn-requestid: f90a46ff-cf1f-4a27-a85c-088fdca3abb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4BDF1zIAMF-EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d3-7496cf2770c9b22924b2a11c;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R6ftXKYEOemnZcKjNanVHiKnPEQw34DUyLPODM5DCcqIGU50qVvNIA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:06:53 GMT
age: 21243
etag: "9450229c82f195e4b62c0862650dbb3d159b46e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8011441-85ad-4414-9c3d-7ae1b86acd3f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6926 bytes)
Hash
dc3cc57336eca8e3d0e307bbd970b90e
cd3fffde0e1ab3cdd48b1fd969dbc7cb77daaf6e
9aae742b419b8b6d2371c3e2082d15a8974f530230367e82b6aa7961e41919c9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8011441-85ad-4414-9c3d-7ae1b86acd3f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6926
x-amzn-requestid: ef7f28d4-3d5e-40ad-89f8-77817630530e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctERRH3ToAMFylg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb407-42738f8437edfc5440ae59e7;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c_-xjk5YlgjsKQG_Jd-YL3G4bGYCBiOZvg-1IP-0sxbNgtI9ZgHpcg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 05:22:40 GMT
age: 81496
etag: "cd3fffde0e1ab3cdd48b1fd969dbc7cb77daaf6e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 78555
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/

134.0.10.77

200 OK

13 kB

URL HTTP/2
www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9422), with CRLF, LF line terminators
Size
13 kB (13276 bytes)
Hash
fcedfdd01bfbfbb76fc48ef191cbb713
7059d4838f3894849ab4a9e81ce5f7a81a7508a3
d9fa21fb3c77bf016c16841382246a66329832cc9c022770ca38f5ba0755b3b8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ca/cadena-de-valor-castelldefels-gava-begues/ HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
dlm-no-waypoints: true
x-pingback: https://www.creda.es/xmlrpc.php
link: <https://www.creda.es/wp-json/>; rel="https://api.w.org/", <https://www.creda.es/wp-json/wp/v2/posts/6301>; rel="alternate"; type="application/json", <https://www.creda.es/?p=6301>; rel=shortlink
set-cookie: pll_language=ca; expires=Fri, 08-Dec-2023 04:00:56 GMT; Max-Age=31536000; path=/; secure; SameSite=Lax
vary: Accept-Encoding
content-encoding: gzip
content-length: 13276
content-type: text/html; charset=UTF-8
date: Thu, 08 Dec 2022 04:00:55 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-includes/css/classic-themes.min.css?ver=1

134.0.10.77

200 OK

189 B

URL HTTP/2
www.creda.es/wp-includes/css/classic-themes.min.css?ver=1
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 10:36:09 GMT
etag: "d9-5ef1241650728-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8

134.0.10.77

200 OK

12 kB

URL HTTP/2
www.creda.es/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
ASCII text, with very long lines (47826)
Size
12 kB (12518 bytes)
Hash
8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 10:36:09 GMT
etag: "172a9-5ef12416499c7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12518
content-type: text/css
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-content/themes/notio-wp-child/style.css?ver=5.6.2

134.0.10.77

200 OK

373 B

URL HTTP/2
www.creda.es/wp-content/themes/notio-wp-child/style.css?ver=5.6.2
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
HTML document, Unicode text, UTF-8 text, with very long lines (380)
Size
373 B (373 bytes)
Hash
c6294d1275865a97d766660e98d5d8a7
3834f2c6c4314b085131743070c17a82f95f99dc
95a73cd8dad4423adc9e6f2ef7a44850d0f69dc2d69c8bcbd3013fec8a9863c2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/notio-wp-child/style.css?ver=5.6.2 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 23 Sep 2021 22:37:16 GMT
etag: "287-5ccb145d9d04a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 373
content-type: text/css
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

134.0.10.77

200 OK

4.2 kB

URL HTTP/2
www.creda.es/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4169 bytes)
Hash
5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 10 Oct 2022 15:57:53 GMT
etag: "2bd8-5eab038e79a26-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4169
content-type: application/javascript
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 04:00:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.creda.es/wp-content/uploads/2019/04/logo-foot-CREDA-en.png

134.0.10.77

200 OK

5.8 kB

URL HTTP/2
www.creda.es/wp-content/uploads/2019/04/logo-foot-CREDA-en.png
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
PNG image data, 148 x 60, 8-bit/color RGB, non-interlaced\012- data
Size
5.8 kB (5840 bytes)
Hash
23411ae996a1060a750c336b58d904e4
bdc99a35c488d97b0ee1c002cbfb7643bb79f149
9dd58f91cbdd9b494d8c090234cbab40a2569181ac00efb676f8c34afa1061cd

HTTP Headers

GET /wp-content/uploads/2019/04/logo-foot-CREDA-en.png HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 23 Sep 2021 22:31:50 GMT
etag: "16d0-5ccb1326b1a07"
accept-ranges: bytes
content-length: 5840
content-type: image/png
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-content/themes/notio-wp/assets/img/logo.png

134.0.10.77

200 OK

2.0 kB

URL HTTP/2
www.creda.es/wp-content/themes/notio-wp/assets/img/logo.png
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
PNG image data, 154 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (1979 bytes)
Hash
013a6a2be51cd481d7d6e6c52905f5ce
37673b1c0325599c4b4e19c5c8a3a7a9b80742e0
845a75b706a1285214620b3916706e4fd37b934ac91a8f9797a2692495f06d7c

HTTP Headers

GET /wp-content/themes/notio-wp/assets/img/logo.png HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 10:28:39 GMT
etag: "7bb-5ef12269efd26"
accept-ranges: bytes
content-length: 1979
content-type: image/png
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

134.0.10.77

200 OK

31 kB

URL HTTP/2
www.creda.es/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
ASCII text, with very long lines (65447)
Size
31 kB (30995 bytes)
Hash
1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 10:36:08 GMT
etag: "15e54-5ef12415cf8a5-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 30995
content-type: application/javascript
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 04:00:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.creda.es/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0

134.0.10.77

200 OK

46 kB

URL HTTP/2
www.creda.es/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
ASCII text, with very long lines (65358)
Size
46 kB (45824 bytes)
Hash
0902fa9f63e10af7c49b808e93b8d3f9
e429b5b8174e6b7d84f837e128e3aa8a418b5fd3
8a621e96052c745b5a7c85be91b0fec9d7f913346ee4282102f7f141f79f9318

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 11 Jan 2022 11:57:30 GMT
etag: "76891-5d54d2863cc5d-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 45824
content-type: text/css
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-content/themes/notio-wp/assets/css/app.css?ver=5.6.2

134.0.10.77

200 OK

56 kB

URL HTTP/2
www.creda.es/wp-content/themes/notio-wp/assets/css/app.css?ver=5.6.2
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
56 kB (55516 bytes)
Hash
9c62830905c519efed0986f92ff3c79b
b61ed31d6b2908573319a8a0b49a00bf96981e71
2e84afa404877135639483e0f3fadac87a57aa416fc91f866a7c0a03f229da1f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/notio-wp/assets/css/app.css?ver=5.6.2 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 10:28:40 GMT
etag: "7bdfc-5ef1226a1aca7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 55516
content-type: text/css
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-content/uploads/2019/05/rrss-linkedin.png

134.0.10.77

200 OK

2.3 kB

URL HTTP/2
www.creda.es/wp-content/uploads/2019/05/rrss-linkedin.png
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
PNG image data, 60 x 58, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2318 bytes)
Hash
c4cc2b5d5ac1d2a26ce3e57c9ec50ac0
75ae50d4b9a5ffdd75bbd29a6cb4593c9430a67e
6cbb758ad17fd62075d078b91143251e98a6eca0024d4bb7cc910db99d5fdae8

HTTP Headers

GET /wp-content/uploads/2019/05/rrss-linkedin.png HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 23 Sep 2021 22:30:54 GMT
etag: "90e-5ccb12f0f456a"
accept-ranges: bytes
content-length: 2318
content-type: image/png
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-content/uploads/2019/04/rrss-twitter.png

134.0.10.77

200 OK

2.0 kB

URL HTTP/2
www.creda.es/wp-content/uploads/2019/04/rrss-twitter.png
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
PNG image data, 60 x 58, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (1987 bytes)
Hash
bc846c7710b8fa1a64d974b7b41283a3
0f931dfba5cfae086c2294a971996717acffc1f4
c09bcaf5e8cb1df71386e30b47ef777e8e6f1983fc24bb8d18080bf295b5c245

HTTP Headers

GET /wp-content/uploads/2019/04/rrss-twitter.png HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 23 Sep 2021 22:31:55 GMT
etag: "7c3-5ccb132b7276b"
accept-ranges: bytes
content-length: 1987
content-type: image/png
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-content/plugins/download-monitor/assets/js/dlm-xhr.min.js?ver=4.7.60

134.0.10.77

200 OK

2.2 kB

URL HTTP/2
www.creda.es/wp-content/plugins/download-monitor/assets/js/dlm-xhr.min.js?ver=4.7.60
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
ASCII text, with very long lines (7960), with no line terminators
Size
2.2 kB (2180 bytes)
Hash
09bdafb0747693adf14b24ecb38013dd
b41af3f744e577799f8687f76d45aa62dd778f6f
0b69ee8a7bcb068fd696b071c5b83b1a5cc433f50add06bbbf319b3649cf07c2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/download-monitor/assets/js/dlm-xhr.min.js?ver=4.7.60 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 10:29:05 GMT
etag: "1f18-5ef12282b1beb-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2180
content-type: application/javascript
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-includes/js/comment-reply.min.js?ver=81582bdb254a94e4464424087c6479a8

134.0.10.77

200 OK

1.4 kB

URL HTTP/2
www.creda.es/wp-includes/js/comment-reply.min.js?ver=81582bdb254a94e4464424087c6479a8
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
ASCII text, with very long lines (2946)
Size
1.4 kB (1351 bytes)
Hash
28214bc78b9edfcfbc9c7b651fb4f56c
fb0847abdb33dd943a2dcda4c4b905fb5cdd116c
11691bc1acc1f3a7ab8ef7c67fb720ca58fb72e52f510009f7b0cbc2589d45e0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 10 Oct 2022 15:57:53 GMT
etag: "ba5-5eab038e75ba6-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1351
content-type: application/javascript
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8

134.0.10.77

200 OK

5.0 kB

URL HTTP/2
www.creda.es/wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
ASCII text, with very long lines (15660)
Size
5.0 kB (5009 bytes)
Hash
e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 10 Oct 2022 15:57:53 GMT
etag: "48b9-5eab038e72cc6-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5009
content-type: application/javascript
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-content/uploads/2019/05/CREDAcat-UPC-IRTA.png

134.0.10.77

200 OK

26 kB

URL HTTP/2
www.creda.es/wp-content/uploads/2019/05/CREDAcat-UPC-IRTA.png
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
PNG image data, 570 x 110, 8-bit/color RGB, non-interlaced\012- data
Size
26 kB (26541 bytes)
Hash
033888de984c3fe03688334ecd3b79bc
d86e1ca157deface33ce1438f595b2d05a757553
3a6cf745a7792fa29460a839da8b8baeca6d5f82f760a7f8f0c209e5874c15a0

HTTP Headers

GET /wp-content/uploads/2019/05/CREDAcat-UPC-IRTA.png HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 23 Sep 2021 22:30:51 GMT
etag: "67ad-5ccb12ee71bd3"
accept-ranges: bytes
content-length: 26541
content-type: image/png
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0

134.0.10.77

200 OK

5.7 kB

URL HTTP/2
www.creda.es/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
ASCII text, with very long lines (19905)
Size
5.7 kB (5666 bytes)
Hash
d3edefe85e1438b44fc6cc7c29b0a570
0122a5c210765d124751b3cf5dd56cc2cf432258
f53f905eec203f05d8277f4de51644307cc91a749d7cc4176ddddd7a8671e9bb

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.8.0 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 14 Nov 2022 08:24:13 GMT
etag: "4e9c-5ed69f6eb55bf-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5666
content-type: application/javascript
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-includes/js/underscore.min.js?ver=1.13.4

134.0.10.77

200 OK

7.3 kB

URL HTTP/2
www.creda.es/wp-includes/js/underscore.min.js?ver=1.13.4
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
ASCII text, with very long lines (18798)
Size
7.3 kB (7311 bytes)
Hash
3f92fc0fb188799b432341421df6cfde
09041f63af89e1164a53dec66eb7b2ac1dc58ba6
6b09e750d7ecaac14315f7c7e09b6de17f8d1f790b4acdc094b74832402aee31

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 10:36:08 GMT
etag: "4991-5ef12415e6005-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7311
content-type: application/javascript
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-content/themes/notio-wp/assets/js/app.min.js?ver=5.6.2

134.0.10.77

200 OK

11 kB

URL HTTP/2
www.creda.es/wp-content/themes/notio-wp/assets/js/app.min.js?ver=5.6.2
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
ASCII text, with very long lines (36923), with no line terminators
Size
11 kB (10620 bytes)
Hash
3f4aec1da0ec76638adaa3a7eabb8b47
9b19e158c5d2d9a25db324e1de25ece25701693e
32ef046759c735611a7b8125df89b674bee25d7cb19f0abe18bd659bc4cb12e5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/notio-wp/assets/js/app.min.js?ver=5.6.2 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 10:28:39 GMT
etag: "903b-5ef12269edde6-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10620
content-type: application/javascript
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-content/themes/notio-wp/style.css

134.0.10.77

200 OK

732 B

URL HTTP/2
www.creda.es/wp-content/themes/notio-wp/style.css
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
HTML document, Unicode text, UTF-8 text, with very long lines (381)
Size
732 B (732 bytes)
Hash
d13b895397c598d4b354ca323a5c8b88
63a52505a975ff6a4fe9e4735a8851e6359aa958
2f1de3501d0c141f72c60b096e0b70947b6a25da47c3afa74ab5d9a3c4c66a4e

HTTP Headers

GET /wp-content/themes/notio-wp/style.css HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/wp-content/themes/notio-wp-child/style.css?ver=5.6.2
Cookie: pll_language=ca
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 10:28:40 GMT
etag: "544-5ef1226a7c729-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 732
content-type: text/css
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-content/uploads/2022/04/para-Castelldefels-Cristina-Escobar-Gonzalez-1027x600.jpg

134.0.10.77

200 OK

233 kB

URL HTTP/2
www.creda.es/wp-content/uploads/2022/04/para-Castelldefels-Cristina-Escobar-Gonzalez-1027x600.jpg
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 1027x600, components 3\012- data
Size
233 kB (232612 bytes)
Hash
b8a2904392bbb5e3cb2d07e9ef71a326
432f2bb963e875e928ef6da38314db34db06613e
0c0d0f5812762ac0482b394ae27dabc09ba59329b52fc5dd2a9609c4b8daf449

HTTP Headers

GET /wp-content/uploads/2022/04/para-Castelldefels-Cristina-Escobar-Gonzalez-1027x600.jpg HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 18:39:58 GMT
etag: "38ca4-5dc8d81250eb9"
accept-ranges: bytes
content-length: 232612
content-type: image/jpeg
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 04:00:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.creda.es/wp-content/themes/notio-wp/assets/img/preloader.gif

134.0.10.77

200 OK

69 kB

URL HTTP/2
www.creda.es/wp-content/themes/notio-wp/assets/img/preloader.gif
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
GIF image data, version 89a, 110 x 110\012- data
Size
69 kB (69302 bytes)
Hash
f1983138bd7f3f918cef32e92c788b3f
d21c124a0f5b327c31588c107aafcd4ac6208220
b6583cf6db533630e4169df52458116d1101e1ff90a2043f44230f7fbe8937b8

HTTP Headers

GET /wp-content/themes/notio-wp/assets/img/preloader.gif HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/wp-content/themes/notio-wp/assets/css/app.css?ver=5.6.2
Cookie: pll_language=ca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 10:28:39 GMT
etag: "10eb6-5ef12269eed86"
accept-ranges: bytes
content-length: 69302
content-type: image/gif
date: Thu, 08 Dec 2022 04:00:57 GMT
server: Apache
X-Firefox-Spdy: h2

www.creda.es/wp-content/themes/notio-wp/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

134.0.10.77

200 OK

77 kB

URL HTTP/2
www.creda.es/wp-content/themes/notio-wp/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/notio-wp/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.creda.es/wp-content/themes/notio-wp/assets/css/app.css?ver=5.6.2
Cookie: pll_language=ca
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 10:28:39 GMT
etag: "12d68-5ef12269e9f66"
accept-ranges: bytes
content-length: 77160
content-type: font/woff2
date: Thu, 08 Dec 2022 04:00:57 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 04:00:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 04:00:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/overpass/v12/qFdH35WCmI96Ajtm81GlU9s.woff2

216.58.207.227

200 OK

39 kB

URL HTTP/2
fonts.gstatic.com/s/overpass/v12/qFdH35WCmI96Ajtm81GlU9s.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 38720, version 1.0\012- data
Size
39 kB (38720 bytes)
Hash
5342b2bb527c1805890cfe977169338a
cb0b7569ea75637b94cae5196682f70e83e84639
e505e654ef4708d9c3d0da4c03e57ae1df262e07377938d4f456a71918c8aa3d

HTTP Headers

GET /s/overpass/v12/qFdH35WCmI96Ajtm81GlU9s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.creda.es
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 38720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:16:52 GMT
expires: Tue, 05 Dec 2023 21:16:52 GMT
cache-control: public, max-age=31536000
age: 197045
last-modified: Mon, 18 Jul 2022 18:41:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 04:00:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.creda.es/favicon.ico

134.0.10.77

200 OK

0 B

URL HTTP/2
www.creda.es/favicon.ico
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
dlm-no-waypoints: true
link: <https://www.creda.es/wp-json/>; rel="https://api.w.org/"
set-cookie: pll_language=en; expires=Fri, 08-Dec-2023 04:00:58 GMT; Max-Age=31536000; path=/; secure; SameSite=Lax
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 08 Dec 2022 04:00:57 GMT
server: Apache
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9596 bytes)
Hash
c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcHU93cetsY4-vWHpT2xXozH1T7J3_1X8n6Yjd6lOuF8HbkpTQDerg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
age: 20859
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.creda.es/wp-content/themes/notio-wp/assets/js/vendor.min.js?ver=5.6.2

134.0.10.77

200 OK

0 B

URL HTTP/2
www.creda.es/wp-content/themes/notio-wp/assets/js/vendor.min.js?ver=5.6.2
IP
134.0.10.77:0
ASN
#197712 10dencehispahard, S.L.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/notio-wp/assets/js/vendor.min.js?ver=5.6.2 HTTP/1.1
Host: www.creda.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/ca/cadena-de-valor-castelldefels-gava-begues/
Cookie: pll_language=ca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 10:28:39 GMT
etag: "609da-5ef12269edde6-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 08 Dec 2022 04:00:56 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Overpass%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i&subset=latin&display=swap&ver=5.6.2

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Overpass%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i&subset=latin&display=swap&ver=5.6.2
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Overpass%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i&subset=latin&display=swap&ver=5.6.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.creda.es/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 04:00:56 GMT
date: Thu, 08 Dec 2022 04:00:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations