ocsp.sectigo.com/
172.64.155.188 472 B IP 172.64.155.188:0
Hash 0c9f307e66541d3f5804faa8c5c0a057
a5e14dbc85e371877b403a2dd9bdab52137042d1
c497d44670d78b07144df90dc58dfc2098c161e57f9eb3ef17b3265152ebeb4e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 13:47:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 20 May 2023 10:30:18 GMT
Expires: Sat, 27 May 2023 10:30:17 GMT
Etag: "a5e14dbc85e371877b403a2dd9bdab52137042d1"
Cache-Control: max-age=419544,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cb583710f6eb4eb-OSL
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
85.119.122.20 746 B URL vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
IP 85.119.122.20:0
ASN #200805 Melita Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1339), with no line terminators
Hash 4f1c6f7d4578c9ed06d3490769d05774
f355bd3e53d888efd7b418be57736351ecde2336
1ad31bb9729a8a0bc3eee5cf1e43e9ac0f3a8f441b0d83a6c547c943737c570b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.akrammurottal.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 13:47:52 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "53c-5fc1f35ce3cd5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 746
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
cdnjs.cloudflare.com/ajax/libs/adblock-detect/1.0.5/index.min.js
104.17.25.14200 OK 452 B URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/adblock-detect/1.0.5/index.min.js
IP 104.17.25.14:443
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (1061), with no line terminators
Hash dbc106ca6d0c4ee846b9480da7512270
38ddb471f69ea9d18a009abc518fa5aa693bcfe9
0e5c9c430c430273551c46e69d58bec076c4171a41f56ef0411e670a76651a7c
GET /ajax/libs/adblock-detect/1.0.5/index.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vallettaferryservices.com
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 22 May 2023 13:47:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 452
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf5-425"
last-modified: Mon, 04 May 2020 16:04:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 468259
expires: Sat, 11 May 2024 13:47:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWzyM0P8FJdnQ%2B44EbhSW20zyYNUgb%2FGsj4E78ps8%2FHL1F3wZquTUIYQagpLE17sYC4yBSfHvu260rs2LGbu8NUDs17QevrB63GX1hBydl8TT8vG5Z4LZF2Usj9MbihjxF33s%2F1m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7cb58374199ffab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/config/init.js
85.119.122.20200 OK 364 B URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/config/init.js
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
Hash ba731501f1f862240fd5b99f9d466118
456f047f945f376f7b8257cb8311d08b047d0e22
14252886809fbed0c79fe36144bf8e8e5278672a0b9f749abda8181a645ee884
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/config/init.js HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 13:47:52 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "1f7-5fc1f35ce1d95-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 364
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.sectigo.com/
172.64.155.188 472 B IP 172.64.155.188:0
Hash 2c8cb24f1185d8dbaf0596151f6fe0f4
38efb199337658898ec924241da7af194ced9f70
4af51c66c29b47bb32376a3f9bcd9734d37948c1fddc2b9e8618d2d60d8567f3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 13:47:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 19 May 2023 11:49:57 GMT
Expires: Fri, 26 May 2023 11:49:56 GMT
Etag: "38efb199337658898ec924241da7af194ced9f70"
Cache-Control: max-age=338374,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cb583742b68b4eb-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 8d1ffc63ece540992319c6f7637db168
b84a5580317750f11fea9fb0ca41710c88e66d38
905441c3ec5505f8196be1b4c4123cd1862bc6f03ce2bc5cf5fe37b21e07c907
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 13:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/css/app.ccab8aee.css
85.119.122.20200 OK 788 B URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/css/app.ccab8aee.css
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (2181), with no line terminators
Hash 108ad02f2daf10fc7529f1c8e3dd6b3a
8f4c4ae2f1edd215a9393db4843d37481d668259
d918c60f3e4b699d30b2c0e3ecf676ccb0846999c129b5cd64bdb03566248399
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/css/app.ccab8aee.css HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 13:47:52 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "885-5fc1f35ce0df5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 788
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/app.f08ebc70.js
85.119.122.20200 OK 2.9 kB URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/app.f08ebc70.js
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (6576), with no line terminators
Hash 9688d1e3d8b7fa23442503639d2452f3
a8ce827f2d0d979fbf6635e21118ce045f567c7e
6bb2742407ad7e6d0b921b6a8041e7724c5d862c5914495fb02d54c6e0eadb77
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/app.f08ebc70.js HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 13:47:52 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "19b0-5fc1f35ce0df5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2949
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 8d1ffc63ece540992319c6f7637db168
b84a5580317750f11fea9fb0ca41710c88e66d38
905441c3ec5505f8196be1b4c4123cd1862bc6f03ce2bc5cf5fe37b21e07c907
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 13:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.akrammurottal.net/readme.html
103.147.154.77 155 kB URL www.akrammurottal.net/readme.html
IP 103.147.154.77:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Size 155 kB (154661 bytes)
Hash 51f350ecdd1e9bc4595c975e0a20fcb2
2eb1e4e721f754635b5a15c16d968333567f5485
81c2f90e48983683388ed2150c3f76c7913fccf7c75f0972beea3f5215d54ee3
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /readme.html HTTP/1.1
Host: www.akrammurottal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
vary: Accept-Encoding
server: DomaiNesia
dn-request-id: 0f3b0b9b804a15fef8fc7db8fed63d4e
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=63072000; includeSubDomains; preload
static-cache-status: MISS
date: Mon, 22 May 2023 13:47:49 GMT
x-page-speed: DomaiNesia
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/css/vendor.677b4d5b.css
85.119.122.20200 OK 81 kB URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/css/vendor.677b4d5b.css
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0273d04d26a575b2698126dcd340c5a9
ef488214d4b44eae865461e5b12dea40ba080149
5054980ee59b0dcf8c8f22c5ed5c3fa50689aeb27511cf43dae23e7e707cd7fe
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/css/vendor.677b4d5b.css HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 13:47:52 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "755dc-5fc1f35ce1d95-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
fonts.googleapis.com/css2?family=Poppins:wght@400&display=swap
142.250.74.106200 OK 887 B URL GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@400&display=swap
IP 142.250.74.106:443
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type gzip compressed data, max compression\012- data
Hash 5401c591e9a7e1726ffe340639284fbe
9ae7700c65ed8c329e16779edbfb78757cb5f7ef
e774ada98ee638ab3cd79d4bb8fa0d96269fbdd87799280edb6e7a7593168b35
GET /css2?family=Poppins:wght@400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 22 May 2023 13:47:52 GMT
date: Mon, 22 May 2023 13:47:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:443
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vallettaferryservices.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:36 GMT
expires: Thu, 16 May 2024 00:16:36 GMT
cache-control: public, max-age=31536000
age: 480676
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 8ab94d7259411fe8a216956474b19511
48c63eaff708604c5f7af9514c3e77109a1f3f73
1dfd960074784d17f2fab64fab44d8aa41c1a794a7000980b428f6ab6392439a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 13:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188 471 B IP 172.64.155.188:0
Hash 096bb034dae21f2a6d1174761b9891a6
47c2594b3cf6bf07e0c29156fcfd15ad3ee7d182
9c97edaaf0ae175f354dd3fd9426364cbf8cc6e8ec4075d5841b30702467eb69
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 13:47:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 20 May 2023 12:40:41 GMT
Expires: Sat, 27 May 2023 12:40:40 GMT
Etag: "47c2594b3cf6bf07e0c29156fcfd15ad3ee7d182"
Cache-Control: max-age=427426,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cb583793a38b4eb-OSL
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
158.191.172.47200 OK 6.3 kB URL GET HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP 158.191.172.47:443
ASN #9159 Credit Agricole S.A.
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectwww.credit-agricole.fr
Fingerprint31:47:03:EB:DE:DA:48:E7:D1:F4:0E:86:F2:FE:6F:0D:FA:8B:9A:4C
ValidityTue, 16 Aug 2022 00:00:00 GMT - Wed, 16 Aug 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 8a6438815d53936ba84ffbef78c8bcfc
e178faa510c663b51d88b5979bbc53c73fcaf3e1
5c44321c0ba44a1fa665ba4c928fbebd869a3082c458bd2d20a0d07a4e5fcc24
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 04 May 2023 13:03:33 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Thu, 04 May 2023 13:03:33 GMT
Cache-Control: max-age=2592000
Expires: Sat, 03 Jun 2023 13:03:33 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Type: image/svg+xml
Age: 1557860
X-Cache: HIT
X-Cache-Hits: 395525
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
ns.cdn-services.com/socket.io/?EIO=3&transport=websocket
172.67.188.229 0 B URL ns.cdn-services.com/socket.io/?EIO=3&transport=websocket
IP 172.67.188.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: ns.cdn-services.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://vallettaferryservices.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IpzW9wnVmDQd7OTNaYDJXA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 22 May 2023 13:47:53 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xpfpxlqmf4QOKafVUOjdCioXAS8=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TO83faCeuX%2FbUmwZl6KJTjg1%2F3VwsgKgSWWqyqhgrct32B4V%2B0FoAn3qDAyFYhtlUirI8jBfal3s9%2BmbTEw9aYW8ACbNZAJUXXu72BOtplP0gnqE34B2hPz8zAQ9ImmLxvv5lv9T"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cb583786f5e1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/2.1e1a6a8e.js
85.119.122.20200 OK 1.4 kB URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/2.1e1a6a8e.js
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (3692), with no line terminators
Hash d38b9ebcc489e6fa0b3ca34a3f40391e
2d51234256d928175cafa9adbf1a257a3faadf4e
b43285d40ef2297fb3f7d1c435bc8ebed249bff774a20bacf34e7653e57c70b9
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/2.1e1a6a8e.js HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 13:47:54 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "e6f-5fc1f35ce0df5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1383
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/4.0ec808a8.js
85.119.122.20200 OK 8.3 kB URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/4.0ec808a8.js
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (32728), with no line terminators
Hash 21b642fe7ec9d3a9564719a2bca31cd5
1ed2211f506b8da2c06afcde0d6aa23ed18b3002
081c15cc4b89fe7b4346ce18a3174086a750d0b40675d5e835f516411264a106
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/4.0ec808a8.js HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 13:47:54 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "8049-5fc1f35cdfe55-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
158.191.172.47200 OK 6.3 kB URL GET HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP 158.191.172.47:443
ASN #9159 Credit Agricole S.A.
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectwww.credit-agricole.fr
Fingerprint31:47:03:EB:DE:DA:48:E7:D1:F4:0E:86:F2:FE:6F:0D:FA:8B:9A:4C
ValidityTue, 16 Aug 2022 00:00:00 GMT - Wed, 16 Aug 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 8a6438815d53936ba84ffbef78c8bcfc
e178faa510c663b51d88b5979bbc53c73fcaf3e1
5c44321c0ba44a1fa665ba4c928fbebd869a3082c458bd2d20a0d07a4e5fcc24
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 04 May 2023 13:03:35 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 03 May 2023 23:50:02 GMT
Cache-Control: max-age=2592000
Expires: Sat, 03 Jun 2023 13:03:35 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Type: image/svg+xml
Age: 1605472
X-Cache: HIT
X-Cache-Hits: 392708
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/fonts/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.ae520e14.woff2
85.119.122.20200 OK 103 kB URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/fonts/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.ae520e14.woff2
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 102788, version 1.0\012- data
Size 103 kB (102788 bytes)
Hash df8803afe71155fa95130772bd0da593
bd7f2ac4af45ec77fe3f9f7310099e5b950af54e
9e0871a566b5aca8cac810404e207cb1eea58dbb04c5c97a7a860140edb9b5d0
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/fonts/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.ae520e14.woff2 HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/css/vendor.677b4d5b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 13:47:54 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "19184-5fc1f35ce2d35"
Accept-Ranges: bytes
Content-Length: 102788
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg
158.191.172.47200 OK 244 kB URL GET HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg
IP 158.191.172.47:443
ASN #9159 Credit Agricole S.A.
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectwww.credit-agricole.fr
Fingerprint31:47:03:EB:DE:DA:48:E7:D1:F4:0E:86:F2:FE:6F:0D:FA:8B:9A:4C
ValidityTue, 16 Aug 2022 00:00:00 GMT - Wed, 16 Aug 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=791, bps=218, PhotometricIntepretation=RGB, description=Diverse culture people using mobile smartphone outdoor - Happy friends having fun with technology trends - Youth, new generatio, manufacturer=SONY, model=ILCE-7M2, orientation=upper-left, width=1326], progressive, precision 8, 960x960, components 3\012- data
Size 244 kB (243919 bytes)
Hash b259c4797d838add41da1047021d2480
13de10f5a348efa8ff3d856f2e347eeff8a33579
c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8
GET /content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 04 May 2023 13:03:42 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 03 May 2023 12:49:51 GMT
Content-Length: 243919
Cache-Control: max-age=2592000
Expires: Sat, 03 Jun 2023 13:03:42 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Type: image/jpeg
Age: 1645082
X-Cache: HIT
X-Cache-Hits: 60514
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
85.119.122.20200 OK 1.3 kB URL User Request GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
IP 85.119.122.20:443
ASN #200805 Melita Limited
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1349), with no line terminators
Hash 5c1fefb80dc10925ac86e35411527177
32b64178801025b71fcb836c8e4d3a316dd51b02
cacb3fe20c8e74150f58c05e83a938e4fb075928aa32c13e4f818a454cb377ca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.akrammurottal.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 13:47:52 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "53c-5fc1f35ce3cd5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 746
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
cdn.jsdelivr.net/npm/@adonisjs/framework@5.0.13/index.min.js
185.244.209.62200 OK 430 B URL GET HTTP/2 cdn.jsdelivr.net/npm/@adonisjs/framework@5.0.13/index.min.js
IP 185.244.209.62:443
ASN #58286 Electric-IT Business S.R.L.
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectcdn.jsdelivr.net
Fingerprint95:B3:FD:0C:F5:9E:0C:6C:F5:81:AB:DD:5D:6D:67:BF:FF:4A:FD:CC
ValiditySat, 01 Oct 2022 00:00:00 GMT - Fri, 20 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (444), with no line terminators
Hash c4b637111c63f67ab151ff4586b71f6b
d4505f2b05a5aa3590aec1a3e511b3d1e5318b89
c52dea90aadf2229e52d8b2bf5e0e63bcbeba9adb2defaf28992e13010da025f
GET /npm/@adonisjs/framework@5.0.13/index.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 22 May 2023 13:47:52 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.0.13
x-jsd-version-type: version
etag: W/"1ae-myc90tb7oItlxVsc5EMaDyV2uOM"
age: 1740218
x-served-by: cache-fra-eddf8230108-FRA, cache-ams21038-AMS
x-cache: HIT, HIT
vary: Accept-Encoding, Accept-Encoding
content-encoding: br
cache: HIT, HIT
x-cached-since: 2023-05-22T06:43:59+00:00, 2023-05-22T06:51:18+00:00
x-id: am3-up-gc89, osix-up-gc4
x-nginx: nginx-be, nginx-be
X-Firefox-Spdy: h2
ns.cdn-services.com/ip
172.67.188.229200 OK 315 B IP 172.67.188.229:443
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4F:68:30:DE:5D:92:48:05:68:CF:BD:E5:27:6D:F5:D7:4F:0D:6B:30
ValidityMon, 15 Aug 2022 00:00:00 GMT - Tue, 15 Aug 2023 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (375), with no line terminators
Hash 1282b746a5b3d38449b1f3c9b7b324a9
7cc15f64536252fff92d225cc3fc562d4159addf
a5a5388b6a7b527d536a20b7023fa325e2601b102f79370c671022b82bc21140
Analyzer Verdict Alert fortinet Malware
GET /ip HTTP/1.1
Host: ns.cdn-services.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vallettaferryservices.com/
Origin: https://vallettaferryservices.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 22 May 2023 13:47:54 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
set-cookie: cook-session=eyJ1c2VySUQiOiI2OTI0MCJ9; path=/; secure; httponly
cook-session.sig=2N8gV9sWvflMC8NKGPBrCDHMdGg; path=/; secure; httponly
etag: W/"13b-pshkIJqkPrHKkE2ZVch18nKhMnQ"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzqyWR9cXpTKtHobr78vxULOZXWfDqefg%2Beg118QGMbYMctIsoO35X4pUFC8qnFFi1EgQwI%2FfqEh6yxHd2sBctaMqPkaeZgbcCvMRkP67qdCLfyCQxD6GTWM6IfpRF6%2FT1%2F6QUAz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cb583783dd50b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/vendor.d0887c5f.js
85.119.122.20200 OK 462 kB URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/vendor.d0887c5f.js
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
Size 462 kB (462437 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/vendor.d0887c5f.js HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 13:47:52 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "70e65-5fc1f35ce0df5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ns.cdn-services.com/socket.io/?EIO=3&transport=websocket
172.67.188.229101 Switching Protocols 0 B URL GET HTTP/1.1 ns.cdn-services.com/socket.io/?EIO=3&transport=websocket
IP 172.67.188.229:443
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4F:68:30:DE:5D:92:48:05:68:CF:BD:E5:27:6D:F5:D7:4F:0D:6B:30
ValidityMon, 15 Aug 2022 00:00:00 GMT - Tue, 15 Aug 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: ns.cdn-services.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://vallettaferryservices.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IpzW9wnVmDQd7OTNaYDJXA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 22 May 2023 13:47:53 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xpfpxlqmf4QOKafVUOjdCioXAS8=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TO83faCeuX%2FbUmwZl6KJTjg1%2F3VwsgKgSWWqyqhgrct32B4V%2B0FoAn3qDAyFYhtlUirI8jBfal3s9%2BmbTEw9aYW8ACbNZAJUXXu72BOtplP0gnqE34B2hPz8zAQ9ImmLxvv5lv9T"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cb583786f5e1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400