ocsp.sectigo.com/
172.64.155.188 472 B IP 172.64.155.188:0
Hash 0c9f307e66541d3f5804faa8c5c0a057
a5e14dbc85e371877b403a2dd9bdab52137042d1
c497d44670d78b07144df90dc58dfc2098c161e57f9eb3ef17b3265152ebeb4e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 22:29:54 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 20 May 2023 10:30:18 GMT
Expires: Sat, 27 May 2023 10:30:17 GMT
Etag: "a5e14dbc85e371877b403a2dd9bdab52137042d1"
Cache-Control: max-age=388222,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cb88025dead0b3d-OSL
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
85.119.122.20 746 B URL vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
IP 85.119.122.20:0
ASN #200805 Melita Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1339), with no line terminators
Hash 4f1c6f7d4578c9ed06d3490769d05774
f355bd3e53d888efd7b418be57736351ecde2336
1ad31bb9729a8a0bc3eee5cf1e43e9ac0f3a8f441b0d83a6c547c943737c570b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://akrammurottal.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 22:29:54 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "53c-5fc1f35ce3cd5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 746
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
cdnjs.cloudflare.com/ajax/libs/adblock-detect/1.0.5/index.min.js
104.17.24.14200 OK 452 B URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/adblock-detect/1.0.5/index.min.js
IP 104.17.24.14:443
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (1061), with no line terminators
Hash dbc106ca6d0c4ee846b9480da7512270
38ddb471f69ea9d18a009abc518fa5aa693bcfe9
0e5c9c430c430273551c46e69d58bec076c4171a41f56ef0411e670a76651a7c
GET /ajax/libs/adblock-detect/1.0.5/index.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vallettaferryservices.com
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 22 May 2023 22:29:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 452
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf5-425"
last-modified: Mon, 04 May 2020 16:04:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2986
expires: Sat, 11 May 2024 22:29:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDR4EBiXX0pzQwCZk78GhlvXwC%2BES9eoorGp5mTeaBPEMdmV5peXDwOIbYhGr8db0GigBUu2TCo%2BBYIroqiRqNR7NCNtewIZs8KNXLD8RedFLggidek3MKmj40iCbtV0VB7Kx6Ev"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7cb880290deab4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@adonisjs/framework@5.0.13/index.min.js
151.101.65.229200 OK 299 B URL GET HTTP/2 cdn.jsdelivr.net/npm/@adonisjs/framework@5.0.13/index.min.js
IP 151.101.65.229:443
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
Hash ba3f5b921b05df858f6af6995e355e7a
9b273dd2d6fba08b65c55b1ce4431a0f2576b8e3
6dcf40fd04d3387edc5d792b6c7d978af1ba834014f7028765f9342db989f6ee
GET /npm/@adonisjs/framework@5.0.13/index.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.13
x-jsd-version-type: version
etag: W/"1ae-myc90tb7oItlxVsc5EMaDyV2uOM"
content-encoding: br
accept-ranges: bytes
date: Mon, 22 May 2023 22:29:54 GMT
age: 3279961
x-served-by: cache-fra-eddf8230108-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 299
X-Firefox-Spdy: h2
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/config/init.js
85.119.122.20200 OK 364 B URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/config/init.js
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
Hash ba731501f1f862240fd5b99f9d466118
456f047f945f376f7b8257cb8311d08b047d0e22
14252886809fbed0c79fe36144bf8e8e5278672a0b9f749abda8181a645ee884
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/config/init.js HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 22:29:54 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "1f7-5fc1f35ce1d95-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 364
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
akrammurottal.net/readme.html
103.147.154.77 605 B URL akrammurottal.net/readme.html
IP 103.147.154.77:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 51f350ecdd1e9bc4595c975e0a20fcb2
2eb1e4e721f754635b5a15c16d968333567f5485
81c2f90e48983683388ed2150c3f76c7913fccf7c75f0972beea3f5215d54ee3
Analyzer Verdict Alert fortinet Phishing
GET /readme.html HTTP/1.1
Host: akrammurottal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
vary: Accept-Encoding
server: DomaiNesia
dn-request-id: ae0bbaa878200bf67e053993a7abf7cd
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=63072000; includeSubDomains; preload
static-cache-status: HIT
date: Mon, 22 May 2023 22:29:52 GMT
x-page-speed: DomaiNesia
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/css/app.ccab8aee.css
85.119.122.20200 OK 788 B URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/css/app.ccab8aee.css
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (2181), with no line terminators
Hash 108ad02f2daf10fc7529f1c8e3dd6b3a
8f4c4ae2f1edd215a9393db4843d37481d668259
d918c60f3e4b699d30b2c0e3ecf676ccb0846999c129b5cd64bdb03566248399
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/css/app.ccab8aee.css HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 22:29:54 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "885-5fc1f35ce0df5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 788
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226 1.5 kB URL ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash f3067a930052a9d2eae346f68b946098
755b2fe3eb24e39feedb00f8a06d9f486477acc0
ebc2bd404a562b20b6111ed244400f84f926d69b8189f370bf26d4e5ba4266e5
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 22:29:54 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "71297CAFB19D1B57C278D8957D02B0333FC548E1"
Expires: Tue, 23 May 2023 09:00:00 GMT
Last-Modified: Mon, 22 May 2023 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2727
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cb88029dad40b51-OSL
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/app.f08ebc70.js
85.119.122.20200 OK 2.9 kB URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/app.f08ebc70.js
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (6576), with no line terminators
Hash 9688d1e3d8b7fa23442503639d2452f3
a8ce827f2d0d979fbf6635e21118ce045f567c7e
6bb2742407ad7e6d0b921b6a8041e7724c5d862c5914495fb02d54c6e0eadb77
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/app.f08ebc70.js HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 22:29:54 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "19b0-5fc1f35ce0df5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2949
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 8d1ffc63ece540992319c6f7637db168
b84a5580317750f11fea9fb0ca41710c88e66d38
905441c3ec5505f8196be1b4c4123cd1862bc6f03ce2bc5cf5fe37b21e07c907
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 22:29:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/css/vendor.677b4d5b.css
85.119.122.20200 OK 81 kB URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/css/vendor.677b4d5b.css
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0273d04d26a575b2698126dcd340c5a9
ef488214d4b44eae865461e5b12dea40ba080149
5054980ee59b0dcf8c8f22c5ed5c3fa50689aeb27511cf43dae23e7e707cd7fe
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/css/vendor.677b4d5b.css HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 22:29:54 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "755dc-5fc1f35ce1d95-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/vendor.d0887c5f.js
85.119.122.20200 OK 154 kB URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/vendor.d0887c5f.js
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (34560)
Size 154 kB (154528 bytes)
Hash 15eebb61b8d8ee3a3a577b5f023e862b
d6a3ba360cfbeb8e01dcc74a34669d4fc06dc3d0
873f1709d8ac6196e7b00b2abea4eae262756f42fd53157808efadef4898ad13
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/vendor.d0887c5f.js HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 22:29:54 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "70e65-5fc1f35ce0df5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 8ab94d7259411fe8a216956474b19511
48c63eaff708604c5f7af9514c3e77109a1f3f73
1dfd960074784d17f2fab64fab44d8aa41c1a794a7000980b428f6ab6392439a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 22:29:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:443
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vallettaferryservices.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:36 GMT
expires: Thu, 16 May 2024 00:16:36 GMT
cache-control: public, max-age=31536000
age: 511999
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 8ab94d7259411fe8a216956474b19511
48c63eaff708604c5f7af9514c3e77109a1f3f73
1dfd960074784d17f2fab64fab44d8aa41c1a794a7000980b428f6ab6392439a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 22:29:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188 471 B IP 172.64.155.188:0
Hash 096bb034dae21f2a6d1174761b9891a6
47c2594b3cf6bf07e0c29156fcfd15ad3ee7d182
9c97edaaf0ae175f354dd3fd9426364cbf8cc6e8ec4075d5841b30702467eb69
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 22:29:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 20 May 2023 12:40:41 GMT
Expires: Sat, 27 May 2023 12:40:40 GMT
Etag: "47c2594b3cf6bf07e0c29156fcfd15ad3ee7d182"
Cache-Control: max-age=397731,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cb8802dfb5f0b3d-OSL
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
158.191.172.47200 OK 6.3 kB URL GET HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP 158.191.172.47:443
ASN #9159 Credit Agricole S.A.
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectwww.credit-agricole.fr
Fingerprint31:47:03:EB:DE:DA:48:E7:D1:F4:0E:86:F2:FE:6F:0D:FA:8B:9A:4C
ValidityTue, 16 Aug 2022 00:00:00 GMT - Wed, 16 Aug 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 8a6438815d53936ba84ffbef78c8bcfc
e178faa510c663b51d88b5979bbc53c73fcaf3e1
5c44321c0ba44a1fa665ba4c928fbebd869a3082c458bd2d20a0d07a4e5fcc24
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 04 May 2023 13:03:33 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 03 May 2023 12:49:39 GMT
Cache-Control: max-age=2592000
Expires: Sat, 03 Jun 2023 13:03:33 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Type: image/svg+xml
Age: 1676415
X-Cache: HIT
X-Cache-Hits: 404784
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
ns.cdn-services.com/socket.io/?EIO=3&transport=websocket
188.114.96.1 0 B URL ns.cdn-services.com/socket.io/?EIO=3&transport=websocket
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: ns.cdn-services.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://vallettaferryservices.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yNmccpwspGl1oADLrZXvaw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 22 May 2023 22:29:55 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xB/BgGnmDLbeuRnKvuQYy/Hssvc=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhbfYLWtXiN%2Fld8GUzdKpl5%2FWaHKNF2ZgKysvWQ7L1RrZOJHWwJ70zHvjNQke%2Bv9GdjFOzJeGNIhABl3LuxBWQbFgyjTBxJKOOurpRxJdmy1RvmkwG9JEa5cy3jKKWpQsT7vfL2U"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cb8802cf9bdb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/2.1e1a6a8e.js
85.119.122.20200 OK 1.4 kB URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/2.1e1a6a8e.js
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (3692), with no line terminators
Hash d38b9ebcc489e6fa0b3ca34a3f40391e
2d51234256d928175cafa9adbf1a257a3faadf4e
b43285d40ef2297fb3f7d1c435bc8ebed249bff774a20bacf34e7653e57c70b9
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/2.1e1a6a8e.js HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 22:29:55 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "e6f-5fc1f35ce0df5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1383
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/4.0ec808a8.js
85.119.122.20200 OK 8.3 kB URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/4.0ec808a8.js
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (32728), with no line terminators
Hash 21b642fe7ec9d3a9564719a2bca31cd5
1ed2211f506b8da2c06afcde0d6aa23ed18b3002
081c15cc4b89fe7b4346ce18a3174086a750d0b40675d5e835f516411264a106
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/js/4.0ec808a8.js HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 22:29:55 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "8049-5fc1f35cdfe55-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
158.191.172.47200 OK 6.3 kB URL GET HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP 158.191.172.47:443
ASN #9159 Credit Agricole S.A.
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectwww.credit-agricole.fr
Fingerprint31:47:03:EB:DE:DA:48:E7:D1:F4:0E:86:F2:FE:6F:0D:FA:8B:9A:4C
ValidityTue, 16 Aug 2022 00:00:00 GMT - Wed, 16 Aug 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 8a6438815d53936ba84ffbef78c8bcfc
e178faa510c663b51d88b5979bbc53c73fcaf3e1
5c44321c0ba44a1fa665ba4c928fbebd869a3082c458bd2d20a0d07a4e5fcc24
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 04 May 2023 13:03:33 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Wed, 03 May 2023 12:49:39 GMT
Cache-Control: max-age=2592000
Expires: Sat, 03 Jun 2023 13:03:33 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Type: image/svg+xml
Age: 1676416
X-Cache: HIT
X-Cache-Hits: 404785
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/fonts/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.ae520e14.woff2
85.119.122.20200 OK 103 kB URL GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/fonts/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.ae520e14.woff2
IP 85.119.122.20:443
ASN #200805 Melita Limited
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 102788, version 1.0\012- data
Size 103 kB (102788 bytes)
Hash df8803afe71155fa95130772bd0da593
bd7f2ac4af45ec77fe3f9f7310099e5b950af54e
9e0871a566b5aca8cac810404e207cb1eea58dbb04c5c97a7a860140edb9b5d0
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/fonts/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.ae520e14.woff2 HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/css/vendor.677b4d5b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 22:29:55 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "19184-5fc1f35ce2d35"
Accept-Ranges: bytes
Content-Length: 102788
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg
158.191.172.47200 OK 244 kB URL GET HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg
IP 158.191.172.47:443
ASN #9159 Credit Agricole S.A.
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerSectigo Limited
Subjectwww.credit-agricole.fr
Fingerprint31:47:03:EB:DE:DA:48:E7:D1:F4:0E:86:F2:FE:6F:0D:FA:8B:9A:4C
ValidityTue, 16 Aug 2022 00:00:00 GMT - Wed, 16 Aug 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=791, bps=218, PhotometricIntepretation=RGB, description=Diverse culture people using mobile smartphone outdoor - Happy friends having fun with technology trends - Youth, new generatio, manufacturer=SONY, model=ILCE-7M2, orientation=upper-left, width=1326], progressive, precision 8, 960x960, components 3\012- data
Size 244 kB (243919 bytes)
Hash b259c4797d838add41da1047021d2480
13de10f5a348efa8ff3d856f2e347eeff8a33579
c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8
GET /content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 04 May 2023 13:03:38 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: sync-xhr=('https://*.credit-agricole.fr')
Last-Modified: Thu, 04 May 2023 13:03:35 GMT
Content-Length: 243919
Cache-Control: max-age=2592000
Expires: Sat, 03 Jun 2023 13:03:38 GMT
Content-Security-Policy: frame-ancestors 'self'
Content-Type: image/jpeg
Age: 1589180
X-Cache: HIT
X-Cache-Hits: 61361
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
85.119.122.20200 OK 1.3 kB URL User Request GET HTTP/1.1 vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html
IP 85.119.122.20:443
ASN #200805 Melita Limited
Certificate IssuerSectigo Limited
Subjectvallettaferryservices.com
FingerprintA8:47:F6:45:2F:1F:BA:DF:B8:40:3C:2F:75:FB:33:52:38:7B:3C:AB
ValidityThu, 16 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1349), with no line terminators
Hash 5c1fefb80dc10925ac86e35411527177
32b64178801025b71fcb836c8e4d3a316dd51b02
cacb3fe20c8e74150f58c05e83a938e4fb075928aa32c13e4f818a454cb377ca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html HTTP/1.1
Host: vallettaferryservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://akrammurottal.net/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 22:29:54 GMT
Server: Apache/2.4.57 (Ubuntu)
Last-Modified: Sat, 20 May 2023 12:31:00 GMT
ETag: "53c-5fc1f35ce3cd5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 746
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
fonts.googleapis.com/css2?family=Poppins:wght@400&display=swap
142.250.74.106200 OK 1.1 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@400&display=swap
IP 142.250.74.106:443
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (1136), with no line terminators
Hash 20537057ea6c73337cdc77b139767f3c
353181e25b8bac755eca2151f3aeeb093758e0e0
459da25a87017ee1cad7c7006d94df13abc39aee2e69f38cde9042823188bd78
GET /css2?family=Poppins:wght@400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vallettaferryservices.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 22 May 2023 22:29:54 GMT
date: Mon, 22 May 2023 22:29:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ns.cdn-services.com/ip
188.114.96.1200 OK 315 B IP 188.114.96.1:443
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4F:68:30:DE:5D:92:48:05:68:CF:BD:E5:27:6D:F5:D7:4F:0D:6B:30
ValidityMon, 15 Aug 2022 00:00:00 GMT - Tue, 15 Aug 2023 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (375), with no line terminators
Hash 1282b746a5b3d38449b1f3c9b7b324a9
7cc15f64536252fff92d225cc3fc562d4159addf
a5a5388b6a7b527d536a20b7023fa325e2601b102f79370c671022b82bc21140
Analyzer Verdict Alert fortinet Malware
GET /ip HTTP/1.1
Host: ns.cdn-services.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vallettaferryservices.com/
Origin: https://vallettaferryservices.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 22 May 2023 22:29:55 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
set-cookie: cook-session=eyJ1c2VySUQiOiI2MjIxNCJ9; path=/; secure; httponly
cook-session.sig=YAToGDjhHTfHFmRhofHouhzyr_8; path=/; secure; httponly
etag: W/"13b-pshkIJqkPrHKkE2ZVch18nKhMnQ"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzqNgPfDxPDaegsbUvBHzddGRFQe6MWC5gW%2BKv1GJaBHS7yI3GRX7X1IVk16cWiuBmmwxiAvnzJZyphanMrEiMx%2BuQmWU6ctVUYHIDJ9SQBIsnDou7dvwdBf9XY4bvNrmmTv7GSp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cb8802cdf7a0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ns.cdn-services.com/socket.io/?EIO=3&transport=websocket
188.114.96.1101 Switching Protocols 0 B URL GET HTTP/1.1 ns.cdn-services.com/socket.io/?EIO=3&transport=websocket
IP 188.114.96.1:443
Requested by https://vallettaferryservices.com/wp-content/plugins/secure/agricole/acceder-a-mes-comptes/index.html#/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint4F:68:30:DE:5D:92:48:05:68:CF:BD:E5:27:6D:F5:D7:4F:0D:6B:30
ValidityMon, 15 Aug 2022 00:00:00 GMT - Tue, 15 Aug 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: ns.cdn-services.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://vallettaferryservices.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yNmccpwspGl1oADLrZXvaw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 22 May 2023 22:29:55 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xB/BgGnmDLbeuRnKvuQYy/Hssvc=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhbfYLWtXiN%2Fld8GUzdKpl5%2FWaHKNF2ZgKysvWQ7L1RrZOJHWwJ70zHvjNQke%2Bv9GdjFOzJeGNIhABl3LuxBWQbFgyjTBxJKOOurpRxJdmy1RvmkwG9JEa5cy3jKKWpQsT7vfL2U"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7cb8802cf9bdb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400