Report - noreply-bb5653.ingress-bonde.ewp.live/new-ca

Report Overview

Submitted URL
noreply-bb5653.ingress-bonde.ewp.live/new-ca
IP
63.250.43.1
ASN
#22612 NAMECHEAP-NET
Submitted
2022-09-13 10:42:39
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
36

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.33.119.27
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.8 kB	104.18.32.68
noreply-bb5653.ingress-bonde.ewp.live	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	605 kB	63.250.43.2
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.38.146.2
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	64 kB	34.120.237.76
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
www.credit-agricole.fr	236699	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.3 kB	444 kB	158.191.172.47
cdn.tagcommander.com	13196	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	59 kB	151.101.86.132

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-12	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca	Credit Agricole S.A.
2022-09-12	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	Credit Agricole S.A.

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca/js/client-edited.js	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Book.woff2	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Bold.woff2	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Light.woff2	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Medium.woff2	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff2	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.ttf	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/npcicons-crunchy.woff2	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefinedjsonp/inbenta.js	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefined	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefined	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/etc/cloudsettings.kernel.js/conf/ca/settings/cloudsettings/default/contexthub	Phishing
2022-09-13	medium	noreply-bb5653.ingress-bonde.ewp.live/libs/granite/csrf/token.json	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js	152 kB	2023-03-07	2024-02-09
Pretty URL www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-02-09 03:10:40 Times Seen139 Hash aaffcbf7942d5bedb07855e48cbc1afa f25521f54b8c29b5df6e5359b6abb5318c31aed4 f37b11cbc5c54f12a2bb8e92bc7dd79240c475feb939cf01010e5213ecbd65f1 Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	107 B	2023-03-07	2024-04-18
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-04-18 11:02:48 Times Seen57 Hash d6d7264019032e3edc5803d0b3187ace 49fa14abe0d7bf25d1429c4d3c37c827290e12f7 b2c2935b4bd3a33ee8c245118b5834663a50a07c4b0d7e0f1a223d3837af65cc Loading...

	www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js	80 kB	2023-03-07	2024-01-05
Pretty URL www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js IP 158.191.172.47 ASN #9159 Credit Agricole S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-01-05 07:55:34 Times Seen44 Hash 9b997b2ac9fca6031bd046f1edd29d81 ab6da9eb9972a8a8885c15a8621fd9d43dab3185 b1fb385449a9b9b906c231e1afe9158c7f85706368536b1d4c68e057aa5a15ae Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 01:28:59 Times Seen36950471 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	1.5 kB	2023-03-07	2024-04-18
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-04-18 11:02:47 Times Seen14 Hash b2aaa8d9cc4ae0e3d92eb7fb9e8f36e4 0d2d8754a1b3536a022eac615e571e9cf4751cc8 cc05a1ddff90a3a467ed09736480c9042e6f73747f563532723a068b95912837 Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/js/client-edited.js	797 kB	2023-03-07	2023-03-11
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/js/client-edited.js IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2023-03-11 09:14:45 Times Seen1 Hash e5e7b9bb4e5d0c2b05c9a1db3ce8979a 30d077c3e524aa4bba8ddc5cd191068b086a246b c4a9c8d542b8e3126eced680824230c87dceaaa1745e95f80618d4fb0179364a Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	195 B	2023-03-07	2024-04-18
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-04-18 11:02:48 Times Seen30 Hash 8f3a3565b81ca5b2206ae3298afdb3bc e1c343bd6267f39603f39c5ca2cf04e54cb16bbe bb0092ed74648d17e5e9f5efcdf8a80be7c1106b0e0fef919d1c1d3b0637dc23 Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	939 B	2023-03-07	2024-04-18
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-04-18 11:02:48 Times Seen16 Hash 5ebee35de1629ceea1be9eee718c0bd9 aa7bce420496898c2714b95e5525faff43f217bb d4b5ecb746f18fc9ea58720e5484f01aa4e9c49419a7c4f22f0cf8bb878b1276 Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	685 B	2023-03-07	2024-01-05
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-01-05 07:55:34 Times Seen17 Hash 18ed251521e4a7619222df0af67b0cc6 5090cc26485d6d2c28b5d0585b23b8ee684bdced 94dc5794be35ef60a130a36f3c3533182cb85a1504a21a078875c59e9dee9eb1 Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	43 B	2023-03-07	2024-04-18
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-04-18 11:02:48 Times Seen34 Hash 8dee4120547c8a4baf8181eb2c7c2b6a 0726904081d591683ebe0eff12c8181cab617e0f 29e78eeb6d94ab14e279be1bd07e1d0f36778de1c7cf8d6426c219eb2d06f845 Loading...

	www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorGeneral.min.fed0763fde2431a7c1b27d703f22ca4e.js	25 kB	2023-03-07	2024-01-05
Pretty URL www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorGeneral.min.fed0763fde2431a7c1b27d703f22ca4e.js IP 158.191.172.47 ASN #9159 Credit Agricole S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-01-05 07:55:34 Times Seen9 Hash fed0763fde2431a7c1b27d703f22ca4e b10204ca1a7367d58fbaefca9325adfd5edc06cc f76a42b2e19645540c38e767cc5487fe3492e96268221afce53a90706e8f51e5 Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	4.5 kB	2023-03-07	2023-03-11
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2023-03-11 09:14:46 Times Seen1 Hash 907da7dd4a662e1a55b6f8d544d53cd3 4219c130f5ad0ec84c4d5a96fe2b7345d89ffd53 3e64ba7d8f21a68eed29dc2422f98411a21121e8f7b83241de2f6d1596629dbd Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	872 B	2023-03-07	2023-11-26
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2023-11-26 13:10:51 Times Seen6 Hash 9081e57bed89890fc4a0fe01579450b5 4ef49e513a42c278bae8d7759a29be097ab92d03 861b842fc949d3166243f0246ed13ccaf3d72fea766e1baca7340ffe22d355a4 Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	267 B	2023-03-07	2023-11-26
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2023-11-26 13:10:51 Times Seen11 Hash d0003cd000cacd8d26772d815fe21db4 95e9c4949c4364cad2daa047b07bc044e9830cb2 85326764480464a5443a1c3d38c2574d0906562447ac0cb5322db83747774b0c Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	3.0 kB	2023-03-07	2023-03-11
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2023-03-11 09:14:46 Times Seen1 Hash 40e96ab32933d9204a120fde44ce64db b9725b262a4393273e6bb764728ac42f164fea50 2171634985d5c799e0f936b3929b5cfeac0c1f734a4ee8d1b23d094cfc4b2196 Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	132 B	2023-03-07	2024-01-05
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-01-05 07:55:33 Times Seen23 Hash e206d98a719ab1c1cc6d260f7d15865e e1629505b0dcd82474fea769e4bd3e462d6fee2f 701e901ae5cec0cfd711ab0b339e8751f39fd0d014c3080958473d001fec3df7 Loading...

	cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_1.js	210 kB	2023-03-07	2023-03-11
Pretty URL cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_1.js IP 151.101.86.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2023-03-11 19:45:55 Times Seen1 Hash 6477af242f57fe3f52b893205a44526c fed097e82a0288b14cc94b1fe6e0e56aaff95d2a 8eac7ecac5b6e6e75c9421ea7070f00fe9128bea0da7805a7514ad6962b448f3 Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	5.2 kB	2023-03-07	2023-04-02
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2023-04-02 21:22:26 Times Seen10 Hash 62e623fabf12e8e1fb0e7365bf446ac5 4fcacd0fc03dfe3c42c60ac5e0610bf6211f80d0 06f95ef6ce44a4fedf3aaa217c858845c5183852f80e8af614cbd7ce4750df4d Loading...

	www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/jquery/granite.min.579a107dd681c49bc61dae63734043cb.js	5.6 kB	2023-03-07	2024-04-18
Pretty URL www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/jquery/granite.min.579a107dd681c49bc61dae63734043cb.js IP 158.191.172.47 ASN #9159 Credit Agricole S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-04-18 11:02:48 Times Seen96 Hash 579a107dd681c49bc61dae63734043cb 4bafe4046cb65973bb961cc58005ab8c919e9410 ccfaed1510758f03a3e906fdf12069ff973d37d71316220c240a2ddd1fef6cf8 Loading...

	www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/utils.min.423ec59365a85ebded314ad7311ef508.js	12 kB	2023-03-07	2024-04-18
Pretty URL www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/utils.min.423ec59365a85ebded314ad7311ef508.js IP 158.191.172.47 ASN #9159 Credit Agricole S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-04-18 11:02:48 Times Seen538 Hash 423ec59365a85ebded314ad7311ef508 41d14b0fbb6c2e98b1cce2c476ff22e79799ec7b 7ab2e59e0914ae8a584648bf864b74b320f9281399508a1cfb346e8243e539a5 Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	3.3 kB	2023-03-07	2024-04-18
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-04-18 11:02:48 Times Seen30 Hash eb99b878ffe5ddd938c43893a33b8490 e50e68c3b90a6e34b1fc759f63690681271cff54 1608196d6377e3462500d33d3b902746b54114e680555b5d98edb18b46796660 Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	5.4 kB	2023-03-07	2023-03-11
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2023-03-11 22:08:47 Times Seen1 Hash 4f2e02ee1ecc4b5e6fec496684fda4ad 8d469af11e502820be55557069349ed85f68babb 7e2a04e45ddfe41c232f1899f18b305069d0d27a8f8e1c45c8cf3df946e6697f Loading...

	noreply-bb5653.ingress-bonde.ewp.live/new-ca/	995 B	2023-03-07	2023-04-02
Pretty URL noreply-bb5653.ingress-bonde.ewp.live/new-ca/ IP 63.250.43.2 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2023-04-02 21:30:13 Times Seen13 Hash 0fdc30e9e3ac8303ecfb18edeb95c0df c3d20f728fccc086e6a3cb2787cc01701d05d502 5d38e24b99fe3c4a8e01086a4ca99f8b3a4c9f2b371a54c23a98e075b54d080b Loading...

	www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-google-map.min.87a76470d686bc99a65e1f582ee93f13.js	313 B	2023-03-07	2024-01-05
Pretty URL www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-google-map.min.87a76470d686bc99a65e1f582ee93f13.js IP 158.191.172.47 ASN #9159 Credit Agricole S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:51 Last Seen2024-01-05 07:55:34 Times Seen26 Hash 87a76470d686bc99a65e1f582ee93f13 f40bd92c490306db4b68f2c2b348ae81700761d3 1fa50064652fb7040962d93f5186c96c9abf81cc84b46a8366759ed759558b10 Loading...

HTTP Transactions (61)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 10:08:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8rhl23SfjbhhNLpEWiFQDLzCzgzNPxNm4GKWIxHomXysxZFIy90WUw==
Age: 2025

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3216
Expires: Tue, 13 Sep 2022 11:36:04 GMT
Date: Tue, 13 Sep 2022 10:42:28 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZZODFKgInuSwG4I9HtMUG0V0qQvVHCNHFUHIgP-MWu5OCU3Bfkdi9w==
age: 22034
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 10:42:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
a72c47294ae917cfa1b64516a6c4efa1
242da3b8559d5fd7b7dbf1e15db710005f785601
a51418857fa27c434ef5d6e0f2ee106c8433dedbb2d44acf0302a1d63bea9f7f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 10:42:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 09:16:00 GMT
Expires: Tue, 20 Sep 2022 09:15:59 GMT
Etag: "242da3b8559d5fd7b7dbf1e15db710005f785601"
Cache-Control: max-age=599009,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a046c3be7d0b51-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 10:03:22 GMT
Expires: Tue, 13 Sep 2022 10:05:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SZGUDOMghw2q_FDn3WtgvZ4rQq7nKHDUfNeLGH7zHbdNwXwE4FyX1w==
Age: 2347

noreply-bb5653.ingress-bonde.ewp.live/new-ca

63.250.43.2

301 Moved Permanently

162 B

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
openphish	Credit Agricole S.A.
fortinet	Phishing

HTTP Headers

GET /new-ca HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 13 Sep 2022 10:42:29 GMT
content-type: text/html
content-length: 162
location: http://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5054
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 10:42:29 GMT
Last-Modified: Tue, 13 Sep 2022 09:18:15 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

noreply-bb5653.ingress-bonde.ewp.live/new-ca/

63.250.43.2

200 OK

28 kB

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (304), with CRLF line terminators
Size
28 kB (27665 bytes)
Hash
5d2070b804bd9e892c0ad2bb568c0c95
305074fe42359fe52e93666a12e28cc89cb06aa7
774032e2055352b56dd71ccb91a3c932b85efccd87d7f9214dc5c9da5e1aa072

Detections

Analyzer	Verdict	Alert
openphish	Credit Agricole S.A.
fortinet	Phishing

HTTP Headers

GET /new-ca/ HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, public
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 45499
x-cache: HIT
accept-ranges: bytes
content-length: 27665
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
486ba4c08111d9f2501ea34d057f4599
f7411e2a070801319b1465e990068f0e4b1f20aa
b85dfb38a450517700e00a4d338b69f17dc3b49dff4c8ca1b84cfa55b3f441fd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 10:42:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 12:40:38 GMT
Expires: Sat, 17 Sep 2022 12:40:37 GMT
Etag: "f7411e2a070801319b1465e990068f0e4b1f20aa"
Cache-Control: max-age=352087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a046c8bc2f0b51-OSL

noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorT34Part.min.3d681effb62b10a9dbb880f358fea379.css

63.250.43.2

200 OK

4.6 kB

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorT34Part.min.3d681effb62b10a9dbb880f358fea379.css
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (1706)
Size
4.6 kB (4647 bytes)
Hash
1d84c32d430613bb512c2e35d7331cb7
ab032994b22667d0876870161632410d6712fc4a
3f650ae899941fc3ff356e7f573f7f70ce09d1d19e933dbb52a7b032242e896d

HTTP Headers

GET /new-ca/css/clientlibStoreLocatorT34Part.min.3d681effb62b10a9dbb880f358fea379.css HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:13 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
vary: Accept-Encoding
etag: W/"631f02de-4b31"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 45496
x-cache: HIT
accept-ranges: bytes
content-length: 4647
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea356.css

63.250.43.2

200 OK

3.5 kB

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea356.css
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1706)
Size
3.5 kB (3505 bytes)
Hash
1cc92a85285572be6b54284bd43b5d6a
69e072cd654507d58809b7dd1eaf4144d78fe4ab
913d2fd2a9954b4bf386f97ac88b326aa51be8a51ba50c7be40bab9fbfadaaac

HTTP Headers

GET /new-ca/css/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea356.css HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:13 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
vary: Accept-Encoding
etag: W/"631f02de-31d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 45496
x-cache: HIT
accept-ranges: bytes
content-length: 3505
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css

63.250.43.2

200 OK

3.3 kB

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1706)
Size
3.3 kB (3313 bytes)
Hash
901e90eae4125b35be9a4b2e6c5a3820
455a9708ce7e53bf3a335023646e2d67dd3ecdbd
39eac444c78bbf83d6d638975d560fc834e87ca8d3e2c40eadc0a81dd81bd391

HTTP Headers

GET /new-ca/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:13 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
vary: Accept-Encoding
etag: W/"631f02de-2fad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 45496
x-cache: HIT
accept-ranges: bytes
content-length: 3313
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
486ba4c08111d9f2501ea34d057f4599
f7411e2a070801319b1465e990068f0e4b1f20aa
b85dfb38a450517700e00a4d338b69f17dc3b49dff4c8ca1b84cfa55b3f441fd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 10:42:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 12:40:38 GMT
Expires: Sat, 17 Sep 2022 12:40:37 GMT
Etag: "f7411e2a070801319b1465e990068f0e4b1f20aa"
Cache-Control: max-age=352087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a046c8ca14b52d-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
486ba4c08111d9f2501ea34d057f4599
f7411e2a070801319b1465e990068f0e4b1f20aa
b85dfb38a450517700e00a4d338b69f17dc3b49dff4c8ca1b84cfa55b3f441fd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 10:42:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 12:40:38 GMT
Expires: Sat, 17 Sep 2022 12:40:37 GMT
Etag: "f7411e2a070801319b1465e990068f0e4b1f20aa"
Cache-Control: max-age=352087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a046c8cc7bb4eb-OSL

www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css

158.191.172.47

200 OK

25 B

URL HTTP/1.1
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
data
Size
25 B (25 bytes)
Hash
363f411ba212d4d1ccf7856f856145e9
08331057577f273187dd15e7c6f57937835e0aff
c50b40612adfdbf2e228758746fc7927cf440cb9bb5a8280c00d7946632a1943

HTTP Headers

GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:07:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Fri, 02 Sep 2022 12:07:29 GMT
Cache-Control: max-age=2592000
Expires: Sun, 02 Oct 2022 12:07:29 GMT
Content-Type: text/css
Age: 945300
X-Cache: HIT
X-Cache-Hits: 1666423
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/jquery/granite.min.579a107dd681c49bc61dae63734043cb.js

158.191.172.47

200 OK

2.0 kB

URL HTTP/1.1
www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/jquery/granite.min.579a107dd681c49bc61dae63734043cb.js
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
ASCII text, with very long lines (697)
Size
2.0 kB (2018 bytes)
Hash
35d8650ef29a52aad843bb646b784af9
fbc8c2d86c3bbc702b136a95a78c1198f16b9702
d7050f67214f0b4bfede756d0674e09b063a059ea1ef19bf1222c5bb03cd190e

HTTP Headers

GET /etc.clientlibs/clientlibs/granite/jquery/granite.min.579a107dd681c49bc61dae63734043cb.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:06:58 GMT
Server: Apache
Expires: Sun, 02 Oct 2022 12:06:58 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 Aug 2022 12:06:58 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2018
Content-Type: application/javascript
Age: 945331
X-Cache: HIT
X-Cache-Hits: 1680649
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

push.services.mozilla.com/

52.38.146.2

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.146.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9TLVLrGyo4Bo4nsKf+TQwg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yk7V3g1G6DSU01UVqVbQJGGmWbc=

www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js

158.191.172.47

200 OK

21 kB

URL HTTP/1.1
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
Unicode text, UTF-8 text, with very long lines (543)
Size
21 kB (21206 bytes)
Hash
0f9698f3b98184c4f3339a514c6cacd8
b8a401e2b96d9ea931380288dedae8ff0a289ef1
eb205de4970ff5276f5dc203e9a19451147c945dc49024a85b2f42d1611377d6

HTTP Headers

GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:07:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Fri, 02 Sep 2022 12:07:29 GMT
Cache-Control: max-age=2592000
Expires: Sun, 02 Oct 2022 12:07:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21206
Content-Type: application/javascript
Age: 945300
X-Cache: HIT
X-Cache-Hits: 1673425
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-google-map.min.87a76470d686bc99a65e1f582ee93f13.js

158.191.172.47

200 OK

211 B

URL HTTP/1.1
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-google-map.min.87a76470d686bc99a65e1f582ee93f13.js
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
ASCII text, with very long lines (313), with no line terminators
Size
211 B (211 bytes)
Hash
ec818eb11121655b17a6fb83488e4554
0559cdabdc6ae6faf8dd3e6c3728f94443d96f1c
5f74bf966f485c3cdab1770f99d0bb7d6f4fdc4750e01288003e2daceb852089

HTTP Headers

GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-google-map.min.87a76470d686bc99a65e1f582ee93f13.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:07:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Fri, 02 Sep 2022 12:07:05 GMT
Cache-Control: max-age=2592000
Expires: Sun, 02 Oct 2022 12:07:05 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Content-Type: application/javascript
Age: 945324
X-Cache: HIT
X-Cache-Hits: 1808295
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorGeneral.min.fed0763fde2431a7c1b27d703f22ca4e.js

158.191.172.47

200 OK

6.7 kB

URL HTTP/1.1
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorGeneral.min.fed0763fde2431a7c1b27d703f22ca4e.js
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
ASCII text, with very long lines (679)
Size
6.7 kB (6674 bytes)
Hash
15f73cdfc00596b0e726695d7d967082
559cdb3e94a374771c7666cc9a0bec2d35c23707
7ab899234ee7533ef7e16d523b17ebfe4b983ac8f7b2913bb43aec57ea7229af

HTTP Headers

GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorGeneral.min.fed0763fde2431a7c1b27d703f22ca4e.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:46:02 GMT
Server: Apache
Expires: Mon, 03 Oct 2022 12:46:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 04 Aug 2022 12:46:01 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6674
Content-Type: application/javascript
Age: 856587
X-Cache: HIT
X-Cache-Hits: 62601
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css

63.250.43.2

200 OK

4.1 kB

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1706)
Size
4.1 kB (4067 bytes)
Hash
6c8b4dc7e80249e5d5f9034bb30d2f12
730e7fdfb48197eee3a85f83d8fab2aab87bfce1
af405241aa6af050a11387c6a0d1319a3fd80ff7d9aeeb139d9a51ade09e4216

HTTP Headers

GET /new-ca/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:13 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
vary: Accept-Encoding
etag: W/"631f02de-3dcb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 45496
x-cache: HIT
accept-ranges: bytes
content-length: 4067
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
486ba4c08111d9f2501ea34d057f4599
f7411e2a070801319b1465e990068f0e4b1f20aa
b85dfb38a450517700e00a4d338b69f17dc3b49dff4c8ca1b84cfa55b3f441fd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 10:42:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 12:40:38 GMT
Expires: Sat, 17 Sep 2022 12:40:37 GMT
Etag: "f7411e2a070801319b1465e990068f0e4b1f20aa"
Cache-Control: max-age=352086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a046c8cc8c0b55-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
486ba4c08111d9f2501ea34d057f4599
f7411e2a070801319b1465e990068f0e4b1f20aa
b85dfb38a450517700e00a4d338b69f17dc3b49dff4c8ca1b84cfa55b3f441fd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 10:42:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 12:40:38 GMT
Expires: Sat, 17 Sep 2022 12:40:37 GMT
Etag: "f7411e2a070801319b1465e990068f0e4b1f20aa"
Cache-Control: max-age=352086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a046c8cbb51c16-OSL

www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js

158.191.172.47

200 OK

125 kB

URL HTTP/1.1
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
Unicode text, UTF-8 text, with very long lines (567)
Size
125 kB (125217 bytes)
Hash
c8b977e07f47b5618206dc2d3c1ce2bf
3640602e969ea4f811305a51aa97a61f3114ae19
83fd9d50794ef11fc8a202476b193d3dbdd1d016744253fe0f1dca37da8e021b

HTTP Headers

GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 09:28:36 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 31 Aug 2022 09:28:36 GMT
Cache-Control: max-age=2592000
Expires: Fri, 30 Sep 2022 09:28:36 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Age: 1127633
X-Cache: HIT
X-Cache-Hits: 2188002
Accept-Ranges: bytes
Content-Length: 125217
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/utils.min.423ec59365a85ebded314ad7311ef508.js

158.191.172.47

200 OK

3.9 kB

URL HTTP/1.1
www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/utils.min.423ec59365a85ebded314ad7311ef508.js
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
ASCII text, with very long lines (547)
Size
3.9 kB (3936 bytes)
Hash
463049d793eabdbac8ae4e57b2a10ca7
011665ca0f2ca4db6e59f2f3cc3d9ddadbf11730
517abbf818972325e19936a02cac32ea14de3e1af6590ce46a27f35ab1e3dd8f

HTTP Headers

GET /etc.clientlibs/clientlibs/granite/utils.min.423ec59365a85ebded314ad7311ef508.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:21:13 GMT
Server: Apache
Expires: Sun, 02 Oct 2022 12:21:13 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 Aug 2022 12:21:13 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3936
Content-Type: application/javascript
Age: 944476
X-Cache: HIT
X-Cache-Hits: 1659337
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

www.credit-agricole.fr/content/dam/assetsca/npc/logos/logo_ca.png

158.191.172.47

200 OK

2.0 kB

URL HTTP/1.1
www.credit-agricole.fr/content/dam/assetsca/npc/logos/logo_ca.png
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
PNG image data, 83 x 64, 8-bit/color RGB, non-interlaced\012- data
Size
2.0 kB (2037 bytes)
Hash
a5777291aa794d7d07285c839571662a
284f3d6b64462c946a640072bb57e512307bf8ab
1c8399c9f4f09feb8f95fe39465cc7e70597b0097ad92da954db82646ec68dc3

HTTP Headers

GET /content/dam/assetsca/npc/logos/logo_ca.png HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:45:54 GMT
Server: Apache
Expires: Mon, 03 Oct 2022 12:45:54 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 04 Aug 2022 12:45:54 GMT
Content-Length: 2037
Content-Type: image/png
Age: 856595
X-Cache: HIT
X-Cache-Hits: 1468379
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg

158.191.172.47

200 OK

4.7 kB

URL HTTP/1.1
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
4.7 kB (4738 bytes)
Hash
cbaae5274e188fc4d2a7d2ca6bd7315b
42305d482d76c79fe5dcce6e416b79e270b1a41c
496c50651eaf7fb688931365c6b48c921fc33c21d162062e22851f5d2a8c1dfb

HTTP Headers

GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:06:51 GMT
Server: Apache
Expires: Sun, 02 Oct 2022 12:06:51 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 Aug 2022 12:06:51 GMT
Content-Type: image/svg+xml
vha6-origin: cats-rd17-prd
Age: 945339
X-Cache: HIT
X-Cache-Hits: 440776
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg

158.191.172.47

200 OK

6.3 kB

URL HTTP/1.1
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
6.3 kB (6260 bytes)
Hash
6aad7b35286876f8eaf5bc8ca659e1b5
ea44f6b518e680fb5188f18b8202111aae5034a3
4ecc8a8abebf54ec1c40d1461770ac546fe2397c97f0e696de3879c05d6189fc

HTTP Headers

GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:06:59 GMT
Server: Apache
Expires: Sun, 02 Oct 2022 12:06:59 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 Aug 2022 12:06:59 GMT
Content-Type: image/svg+xml
Age: 945330
X-Cache: HIT
X-Cache-Hits: 452431
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css

63.250.43.2

200 OK

172 kB

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (8828)
Size
172 kB (171970 bytes)
Hash
90fbf56d9969eb4bf72f5223635463d1
820290b172634487df9456a43b107efe3c9923a6
040db686c8365b3cb9771d4f8fe0e5beeaa168206131bc0ab323f65ea540b450

HTTP Headers

GET /new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:13 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
vary: Accept-Encoding
etag: W/"631f02de-14260d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 45496
x-cache: HIT
accept-ranges: bytes
content-length: 171970
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/new-ca/js/client-edited.js

63.250.43.2

200 OK

198 kB

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/js/client-edited.js
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (566), with CRLF line terminators
Size
198 kB (198211 bytes)
Hash
95aed53d2048e08bb4c0d9af389e10c8
a35071ef43157a914af03e47e94b04628bd4be14
195b69ab2ae781960c93611145857fc5709bc0a8556fef0b7536e0f456c5e2f0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new-ca/js/client-edited.js HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:22 GMT
content-type: application/javascript
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
vary: Accept-Encoding
etag: W/"631f02de-c2a1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 45487
x-cache: HIT
accept-ranges: bytes
content-length: 198211
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_1.js

151.101.86.132

200 OK

58 kB

URL HTTP/2
cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_1.js
IP
151.101.86.132:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (55009)
Size
58 kB (58282 bytes)
Hash
9f32c7b6634934b6934cfb7d33db6077
65190ad5976e89276df3d92cb698cd9306aedd25
85fc26877b736d3d28d43f5eab74addf03f1e85288ab5a1f60f7f556e1c19a79

HTTP Headers

GET /3315/tc_PortailClientCreditAgricole_1.js HTTP/1.1
Host: cdn.tagcommander.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: uYv82oHFPM69xTtYvxDcuSCg1n9Mf82/vKVp3ezPaSBf1tDeHVYrrVPb1hZH3VecrkTyZt2lsHg=
x-amz-request-id: 2QF64GYDMJHT46SY
cache-control: max-age=86400, must-revalidate
last-modified: Fri, 22 Jul 2022 12:56:43 GMT
etag: "6477af242f57fe3f52b893205a44526c"
content-type: application/javascript
server: AmazonS3
x-cdn: FASTLY
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET
access-control-max-age: 31536000
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 10:42:30 GMT
via: 1.1 varnish
age: 17725
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1663065751.579716,VS0,VE0
vary: Accept-Encoding
content-length: 58282
X-Firefox-Spdy: h2

www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg

158.191.172.47

200 OK

244 kB

URL HTTP/1.1
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=791, bps=218, PhotometricIntepretation=RGB, description=Diverse culture people using mobile smartphone outdoor - Happy friends having fun with technology trends - Youth, new generatio, manufacturer=SONY, model=ILCE-7M2, orientation=upper-left, width=1326], progressive, precision 8, 960x960, components 3\012- data
Size
244 kB (243919 bytes)
Hash
b259c4797d838add41da1047021d2480
13de10f5a348efa8ff3d856f2e347eeff8a33579
c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8

HTTP Headers

GET /content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:46:10 GMT
Server: Apache
Expires: Mon, 03 Oct 2022 12:46:10 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 04 Aug 2022 12:46:03 GMT
Content-Length: 243919
Content-Type: image/jpeg
Age: 856580
X-Cache: HIT
X-Cache-Hits: 39662
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Book.woff2

63.250.43.2

200 OK

42 kB

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Book.woff2
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 41728, version 3.19726\012- data
Size
42 kB (41728 bytes)
Hash
d838b98f75e3cb9574f9b8b796eb1e8f
fcdf131af872ce9ecda9a437cdf67d23c5940d97
3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new-ca/fonts/Gotham-Book.woff2 HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:23 GMT
content-type: font/woff2
content-length: 41728
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
etag: "631f02de-a300"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://noreply-bb5653.ingress-bonde.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 45487
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Bold.woff2

63.250.43.2

200 OK

39 kB

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Bold.woff2
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 39264, version 3.19726\012- data
Size
39 kB (39264 bytes)
Hash
003e90cf8cb3f8b4bef30d6764da18ed
512e44f40b54d0e5e081dda9fd5ea8a4429a508c
319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new-ca/fonts/Gotham-Bold.woff2 HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:23 GMT
content-type: font/woff2
content-length: 39264
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
etag: "631f02de-9960"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://noreply-bb5653.ingress-bonde.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 45486
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Light.woff2

63.250.43.2

200 OK

40 kB

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Light.woff2
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 40280, version 3.19726\012- data
Size
40 kB (40280 bytes)
Hash
7624ae091962735719fb82bf900c22b7
393477ccdcd62b914d90dd379dd7d677d761e416
e266d1f2bcf1da0faff6964637fdcd9a4e47c50a7a56be74424f409f30c83c5e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new-ca/fonts/Gotham-Light.woff2 HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:23 GMT
content-type: font/woff2
content-length: 40280
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
etag: "631f02de-9d58"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://noreply-bb5653.ingress-bonde.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 45486
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Medium.woff2

63.250.43.2

200 OK

42 kB

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Medium.woff2
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 41488, version 3.19726\012- data
Size
42 kB (41488 bytes)
Hash
68ce85d44fef05344ea74f94f3e6b472
3a380914e04ef35820bbe619e1f902d4b250a997
ba17f8257b1f710aa0e7136f4bd4b91a9a7db4f9cac2c409caf8708a64787303

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new-ca/fonts/Gotham-Medium.woff2 HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:23 GMT
content-type: font/woff2
content-length: 41488
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
etag: "631f02de-a210"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://noreply-bb5653.ingress-bonde.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 45486
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff2

63.250.43.2

404 Not Found

146 B

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff2
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff2 HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:30 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff

63.250.43.2

404 Not Found

146 B

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:30 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5950
Expires: Tue, 13 Sep 2022 12:21:41 GMT
Date: Tue, 13 Sep 2022 10:42:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5950
Expires: Tue, 13 Sep 2022 12:21:41 GMT
Date: Tue, 13 Sep 2022 10:42:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5950
Expires: Tue, 13 Sep 2022 12:21:41 GMT
Date: Tue, 13 Sep 2022 10:42:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5950
Expires: Tue, 13 Sep 2022 12:21:41 GMT
Date: Tue, 13 Sep 2022 10:42:31 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10366 bytes)
Hash
8c1314c7778ea0d32e8c69dae0c38b6d
c4772b9b182f9f905fead84f3761fe296073ca65
5fc8dc23f9b4d150b834aa69b358edd9f9f5f449607df07d579df66098d8aac6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10366
x-amzn-requestid: c66a0e06-d45c-4d16-ba0c-bf6a2368cfc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVQPkH2RoAMFX2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ec730-5174741f2d86d3ea018e452f;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 05:44:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0ieBLVDdyIQuPO5pdM8wzjY2XwaMhLJhJWAUtsLfgiWTKVBTOws1tQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:58:04 GMT
etag: "c4772b9b182f9f905fead84f3761fe296073ca65"
content-type: image/jpeg
age: 45867
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8485 bytes)
Hash
e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2jR7F56GE_qqbRBWjNDiDBgWbCYv-Ac6kvC1LI0HciQkKGTeNDYlyw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:16:59 GMT
age: 44732
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7965 bytes)
Hash
47e1f64348aa12d707bf070f39877c7e
7a1f13d32de956fd50fccba0f813fb71bda79f63
9b3cee8039a2adb1291006a9ad55cd5032a2a6c10de3c5f57222692b02c0faac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7965
x-amzn-requestid: c0ddd7c6-9709-4251-8e7b-4a551f9a7d2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBro8EjxIAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f305-26023e0714937dca063dcbfa;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:09 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jj0LCxD4MdspTSEvLVsUaEbdNjjae7G-gogDBKtx1IE9VZauS4BblQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 23:11:59 GMT
age: 41432
etag: "7a1f13d32de956fd50fccba0f813fb71bda79f63"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10849 bytes)
Hash
838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 46813
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9945 bytes)
Hash
c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lZ3FmD1gM8YBgZNt97kuYSol1kj0GQqRjyLT_7715VtH9GR1WpMDxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:20 GMT
age: 46811
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9606 bytes)
Hash
6c824a7db30839607b01c7a164f6f6ec
bbab791971056750a46dd6ed9c5d7c8e12ab457e
872262a28a383a9eafd1f453014a3edfde4872160b772874271be6358a47449f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9606
x-amzn-requestid: bf72ce8c-1272-42df-8958-d392210106c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIR7NFh2oAMFXIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631996ad-4646091a428db21e2dce1a61;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:15:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4skZVE5BinFMAJV196j5-qtDez6m26DtU8NZvU6K2VuhFnC7E1zXWw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:56:19 GMT
age: 45972
etag: "bbab791971056750a46dd6ed9c5d7c8e12ab457e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/favicon.ico

63.250.43.2

204 No Content

0 B

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/favicon.ico
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Mon, 12 Sep 2022 22:44:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-type: image/png
age: 43107
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.ttf

63.250.43.2

404 Not Found

146 B

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.ttf
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.ttf HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:31 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/npcicons-crunchy.woff2

63.250.43.2

200 OK

16 kB

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/npcicons-crunchy.woff2
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 16124, version 1.0\012- data
Size
16 kB (16124 bytes)
Hash
7eefcde0bd0f11ff896e571772c36544
7e205d90e6f19f35ee0f73f51d67f9377b8a0b64
2b4f1630e7cc5b5f4b6dd7b74888509cf60f756f29f3b4405cd0310c10155361

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new-ca/fonts/npcicons-crunchy.woff2 HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:27 GMT
content-type: font/woff2
content-length: 16124
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
etag: "631f02de-3efc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://noreply-bb5653.ingress-bonde.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 45484
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg

158.191.172.47

200 OK

6.3 kB

URL HTTP/1.1
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
6.3 kB (6260 bytes)
Hash
6aad7b35286876f8eaf5bc8ca659e1b5
ea44f6b518e680fb5188f18b8202111aae5034a3
4ecc8a8abebf54ec1c40d1461770ac546fe2397c97f0e696de3879c05d6189fc

HTTP Headers

GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Origin: https://noreply-bb5653.ingress-bonde.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:45:55 GMT
Server: Apache
Expires: Mon, 03 Oct 2022 12:45:55 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 04 Aug 2022 12:45:54 GMT
Content-Type: image/svg+xml
Age: 856595
X-Cache: HIT
X-Cache-Hits: 410982
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg

158.191.172.47

200 OK

4.7 kB

URL HTTP/1.1
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
4.7 kB (4738 bytes)
Hash
cbaae5274e188fc4d2a7d2ca6bd7315b
42305d482d76c79fe5dcce6e416b79e270b1a41c
496c50651eaf7fb688931365c6b48c921fc33c21d162062e22851f5d2a8c1dfb

HTTP Headers

GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Origin: https://noreply-bb5653.ingress-bonde.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:06:52 GMT
Server: Apache
Expires: Sun, 02 Oct 2022 12:06:52 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 Aug 2022 12:06:51 GMT
Content-Type: image/svg+xml
Age: 945339
X-Cache: HIT
X-Cache-Hits: 437685
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg

158.191.172.47

200 OK

4.7 kB

URL HTTP/1.1
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
4.7 kB (4738 bytes)
Hash
cbaae5274e188fc4d2a7d2ca6bd7315b
42305d482d76c79fe5dcce6e416b79e270b1a41c
496c50651eaf7fb688931365c6b48c921fc33c21d162062e22851f5d2a8c1dfb

HTTP Headers

GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Origin: https://noreply-bb5653.ingress-bonde.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:06:51 GMT
Server: Apache
Expires: Sun, 02 Oct 2022 12:06:51 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 Aug 2022 12:06:51 GMT
Content-Type: image/svg+xml
vha6-origin: cats-rd17-prd
Age: 945340
X-Cache: HIT
X-Cache-Hits: 440779
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg

158.191.172.47

200 OK

4.7 kB

URL HTTP/1.1
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
IP
158.191.172.47:0
ASN
#9159 Credit Agricole S.A.

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
4.7 kB (4738 bytes)
Hash
cbaae5274e188fc4d2a7d2ca6bd7315b
42305d482d76c79fe5dcce6e416b79e270b1a41c
496c50651eaf7fb688931365c6b48c921fc33c21d162062e22851f5d2a8c1dfb

HTTP Headers

GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Origin: https://noreply-bb5653.ingress-bonde.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:06:59 GMT
Server: Apache
Expires: Sun, 02 Oct 2022 12:06:59 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 Aug 2022 12:06:59 GMT
Content-Type: image/svg+xml
Age: 945331
X-Cache: HIT
X-Cache-Hits: 437628
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefinedjsonp/inbenta.js

63.250.43.2

404 Not Found

146 B

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefinedjsonp/inbenta.js
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new-ca/undefinedjsonp/inbenta.js HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:31 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefined

63.250.43.2

404 Not Found

0 B

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefined
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new-ca/undefined HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://noreply-bb5653.ingress-bonde.ewp.live/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefined

63.250.43.2

404 Not Found

0 B

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefined
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /new-ca/undefined HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://noreply-bb5653.ingress-bonde.ewp.live/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/etc/cloudsettings.kernel.js/conf/ca/settings/cloudsettings/default/contexthub

63.250.43.2

404 Not Found

0 B

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/etc/cloudsettings.kernel.js/conf/ca/settings/cloudsettings/default/contexthub
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /etc/cloudsettings.kernel.js/conf/ca/settings/cloudsettings/default/contexthub HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://noreply-bb5653.ingress-bonde.ewp.live/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

noreply-bb5653.ingress-bonde.ewp.live/libs/granite/csrf/token.json

63.250.43.2

404 Not Found

0 B

URL HTTP/2
noreply-bb5653.ingress-bonde.ewp.live/libs/granite/csrf/token.json
IP
63.250.43.2:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /libs/granite/csrf/token.json HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://noreply-bb5653.ingress-bonde.ewp.live/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP