Report - demo2.cloudwp.dev/trial-6vy6y62t/wp-content/plugins/credit-agricole/credit-agricole/region/pages/region.php

Report Overview

Submitted URL
demo2.cloudwp.dev/trial-6vy6y62t/wp-content/plugins/credit-agricole/credit-agricole/region/pages/region.php
IP
192.145.239.204
ASN
#22611 INMOTION
Submitted
2024-05-04 08:35:31
Access
public
Website Title
Inactive Location
Final URL
demo2.cloudwp.dev/inactive.htm
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-04	1.1 kB	43 kB	142.250.74.67
www.boldgrid.com	unknown	2015-02-20	2017-02-03	2024-04-10	463 B	5.1 kB	194.242.11.186
demo2.cloudwp.dev	unknown	2019-03-12	2019-04-13	2023-02-08	2.4 kB	23 kB	192.145.239.204

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2023-03-31	medium	demo2.cloudwp.dev/trial-6vy6y62t/wp-content/plugins/credit-agricole/credit-agricole/region/pages/region.php	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	demo2.cloudwp.dev/inactive.htm	5.9 kB	2024-05-04	2024-05-04
Pretty URL demo2.cloudwp.dev/inactive.htm IP 192.145.239.204 ASN #22611 INMOTION Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 10:35:32 Last Seen2024-05-04 10:35:32 Times Seen1 Hash 8d94dda0becd04a49e1e12dd1e46d73a c27fdec893a15f04d54083756fadd6ad88fe2b96 01e611df9fba83784c501ee0ed5347570f0dfcabbfb07aca4517869243f72d66 Loading...

HTTP Transactions (8)

URL IP Response Size

demo2.cloudwp.dev/trial-6vy6y62t/wp-content/plugins/credit-agricole/credit-agricole/region/pages/region.php

192.145.239.204

301 Moved Permanently

246 B

URL User Request GET HTTP/2
demo2.cloudwp.dev/trial-6vy6y62t/wp-content/plugins/credit-agricole/credit-agricole/region/pages/region.php
IP
192.145.239.204:443
ASN
#22611 INMOTION

Certificate
IssuerSectigo Limited
Subject*.cloudwp.dev
Fingerprint7F:88:43:CA:7E:14:89:39:5D:BE:E3:8E:2F:2C:49:BA:FB:DE:59:20
ValidityTue, 27 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
246 B (246 bytes)
Hash
34e7e14b00c9dd2bccc95c97fc80b049
3489a6241b5a46a124b0eb5908dfeac166919eee
0ffeeccf9b904bc7cfe3a9d9554dc8e05907adec665e93a5921d79a9415ab5b0

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /trial-6vy6y62t/wp-content/plugins/credit-agricole/credit-agricole/region/pages/region.php HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 04 May 2024 08:35:07 GMT
content-type: text/html; charset=iso-8859-1
content-length: 246
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sun, 20 Apr 1975 05:05:00 GMT
location: https://demo2.cloudwp.dev/inactive.htm
x-proxy-cache: MISS
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

fonts.gstatic.com/s/josefinsans/v9/C6HYlRF50SGJq1XyXj04z04GofcKVZz6wtzX_QUIqsI.woff2

142.250.74.67

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/josefinsans/v9/C6HYlRF50SGJq1XyXj04z04GofcKVZz6wtzX_QUIqsI.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://demo2.cloudwp.dev/inactive.htm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22244, version 1.0
Size
22 kB (22244 bytes)
Hash
6a6b4d48d3990297f8feb86f96e8386e
beef652f807f9bb675aed8738aead08fdea31611
70716a99384f70e8f55280615bf0ddf84d17c5561769e1671ee736bda8c2796a

HTTP Headers

GET /s/josefinsans/v9/C6HYlRF50SGJq1XyXj04z04GofcKVZz6wtzX_QUIqsI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demo2.cloudwp.dev
DNT: 1
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22244
date: Sat, 04 May 2024 08:35:08 GMT
expires: Sun, 04 May 2025 08:35:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Oct 2014 20:36:34 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/exo2/v3/-A4eIjQkAwKL411pgtQ4VA.woff2

142.250.74.67

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/exo2/v3/-A4eIjQkAwKL411pgtQ4VA.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://demo2.cloudwp.dev/inactive.htm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19516, version 1.65
Size
20 kB (19516 bytes)
Hash
d4ca8d74b0e60bc12aff23761498c73d
403689d08005fec559afc2f3070d5d2817d62595
25706f2aee8b387e4ce26b4cbcf4a6b79d385c1415f21baa41706fc7ed4520ea

HTTP Headers

GET /s/exo2/v3/-A4eIjQkAwKL411pgtQ4VA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demo2.cloudwp.dev
DNT: 1
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:12:54 GMT
expires: Fri, 02 May 2025 02:12:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Aug 2014 15:24:19 GMT
content-type: font/woff2
age: 195734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

demo2.cloudwp.dev/images/no-grid.svg

192.145.239.204

200 OK

3.4 kB

URL GET HTTP/2
demo2.cloudwp.dev/images/no-grid.svg
IP
192.145.239.204:443
ASN
#22611 INMOTION

Requested by
https://demo2.cloudwp.dev/inactive.htm
Certificate
IssuerSectigo Limited
Subject*.cloudwp.dev
Fingerprint7F:88:43:CA:7E:14:89:39:5D:BE:E3:8E:2F:2C:49:BA:FB:DE:59:20
ValidityTue, 27 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
3.4 kB (3408 bytes)
Hash
4fe3cf38bc372bced80de5e88a4f017a
c08cc6c3be0514dcc2ba642f7916653593061adc
31962ec4cf9147ff0d0f4bb850eff4052cc287fabaac8fe166acb38483055955

HTTP Headers

GET /images/no-grid.svg HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/inactive.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:35:08 GMT
content-type: image/svg+xml
content-length: 3408
last-modified: Mon, 05 Dec 2016 20:49:18 GMT
x-proxy-cache: REVALIDATED
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

demo2.cloudwp.dev/images/boldgrid-logo-vertical-black.svg

192.145.239.204

200 OK

4.4 kB

URL GET HTTP/2
demo2.cloudwp.dev/images/boldgrid-logo-vertical-black.svg
IP
192.145.239.204:443
ASN
#22611 INMOTION

Requested by
https://demo2.cloudwp.dev/inactive.htm
Certificate
IssuerSectigo Limited
Subject*.cloudwp.dev
Fingerprint7F:88:43:CA:7E:14:89:39:5D:BE:E3:8E:2F:2C:49:BA:FB:DE:59:20
ValidityTue, 27 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
4.4 kB (4396 bytes)
Hash
505b5c5156843b9559c8995f8e446610
5e9d6444bab2b41923d218eb162b8ab71915ba37
b38980a3f9f0116e7039b450aa5ed8a501a20175b8e49dcd651b7eeeb86ce0e6

HTTP Headers

GET /images/boldgrid-logo-vertical-black.svg HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/inactive.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:35:08 GMT
content-type: image/svg+xml
content-length: 4396
last-modified: Fri, 02 Dec 2016 20:50:58 GMT
x-proxy-cache: REVALIDATED
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

demo2.cloudwp.dev/favicon.ico

192.145.239.204

200 OK

1.2 kB

URL GET HTTP/2
demo2.cloudwp.dev/favicon.ico
IP
192.145.239.204:443
ASN
#22611 INMOTION

Requested by
https://demo2.cloudwp.dev/inactive.htm
Certificate
IssuerSectigo Limited
Subject*.cloudwp.dev
Fingerprint7F:88:43:CA:7E:14:89:39:5D:BE:E3:8E:2F:2C:49:BA:FB:DE:59:20
ValidityTue, 27 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
1.2 kB (1189 bytes)
Hash
6af2b6286c753a22bf1dd95100bd3093
004c513c359ae3c57ed85910f27804def11e2d26
9a187b9fc2a7a7ebeae725b685c4a33848f94b2cf69d276a227401c10a268058

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/inactive.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:35:08 GMT
content-type: image/x-icon
content-length: 1189
last-modified: Tue, 21 Apr 2015 20:19:14 GMT
etag: "5536b0c2-4a5"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

www.boldgrid.com/assets/logos/boldgrid-logo-horizontal-black.svg

194.242.11.186

200 OK

4.4 kB

URL GET HTTP/2
www.boldgrid.com/assets/logos/boldgrid-logo-horizontal-black.svg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://demo2.cloudwp.dev/inactive.htm
Certificate
IssuerLet's Encrypt
Subjectwww.boldgrid.com
Fingerprint13:6D:5D:42:25:12:7C:89:D6:32:25:18:E3:43:83:62:FC:0E:37:AC
ValidityTue, 09 Apr 2024 19:10:27 GMT - Mon, 08 Jul 2024 19:10:26 GMT

File type
SVG Scalable Vector Graphics image
Size
4.4 kB (4386 bytes)
Hash
8352fd7a8e282a481392b0b72b1fdff6
0f703c505394f52fbe102c2a6a33c29a117c18e8
939989648e08fc305937cbef60f18d6ea6dfb392039fdfdd9725426245500299

HTTP Headers

GET /assets/logos/boldgrid-logo-horizontal-black.svg HTTP/1.1
Host: www.boldgrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demo2.cloudwp.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:35:09 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 1816511
cdn-uid: 999114aa-e057-4549-9245-b0a9de1f5f31
cdn-requestcountrycode: NO
cache-control: public, max-age=31536000
etag: W/"582a2639-1122"
expires: Sun, 04 May 2025 08:35:09 GMT
last-modified: Mon, 14 Nov 2016 21:01:45 GMT
pragma: public
x-powered-by: W3 Total Cache/2.7.1
referrer-policy: strict-origin-when-cross-origin
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 05/04/2024 08:35:09
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 10d90d13c5673ba4338814747c62b9c5
cdn-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2

demo2.cloudwp.dev/inactive.htm

192.145.239.204

200 OK

12 kB

URL User Request GET HTTP/2
demo2.cloudwp.dev/inactive.htm
IP
192.145.239.204:443
ASN
#22611 INMOTION

Certificate
IssuerSectigo Limited
Subject*.cloudwp.dev
Fingerprint7F:88:43:CA:7E:14:89:39:5D:BE:E3:8E:2F:2C:49:BA:FB:DE:59:20
ValidityTue, 27 Feb 2024 00:00:00 GMT - Mon, 17 Mar 2025 23:59:59 GMT

File type

Size
12 kB (11694 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /inactive.htm HTTP/1.1
Host: demo2.cloudwp.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:35:08 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 09 Jul 2021 17:42:39 GMT
x-proxy-cache: REVALIDATED
x-robots-tag: noindex, nofollow, noarchive, nosnippet
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (8)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2