| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca | 63.250.43.137 | 200 OK | 7.3 kB |
URL: User Request GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
IP: 63.250.43.137:443
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (6514)
Hash: 9aa0e027ebca0d0db04539799067e968 18341dedf1bc2d833043283ae2263b67bdb60975 7b8531a1a83161f7ee59336d09a8335291f0ad01dfc5066de4922aecc7719400
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, public
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 23
accept-ranges: bytes
x-cache: HIT
content-length: 7319
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css | 63.250.43.137 | 200 OK | 4.2 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (1706)
Hash: 777f0c2b9794cbb873d978820c9b584b d4ac2d02cec4eee83c76a8b2e44d79ce0b66c54a 180f30fad7b16e45ca01d7ced282e5fd55452d88e5bba85f294de936aaa6235a
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
content-type: text/css
last-modified: Fri, 19 Apr 2024 01:13:42 GMT
vary: Accept-Encoding
etag: W/"6621c546-3ed5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
content-length: 4208
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/clientlibStoreLocatorT34Part.min.f3d31862687057258256810db3499be7.css | 63.250.43.137 | 200 OK | 4.8 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/clientlibStoreLocatorT34Part.min.f3d31862687057258256810db3499be7.css
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (1706)
Hash: 4f5c3cd1e41c11ef16fd409ed07cd455 49faae4b8ac5c08f231d13019c47d51c136faac7 c70d0a1b2de8909be74a36b93be49abe7977a6383dfb4f76a8706a5641258988
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/css/clientlibStoreLocatorT34Part.min.f3d31862687057258256810db3499be7.css HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
content-type: text/css
last-modified: Fri, 19 Apr 2024 01:13:42 GMT
vary: Accept-Encoding
etag: W/"6621c546-4c3b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
content-length: 4786
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css | 63.250.43.137 | 200 OK | 172 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (64826)
Size: 172 kB (171989 bytes)
Hash: 80cbd6acc84066c2b832d33670e01c4f 07837f451e79273101c1d7a918e65d31b0f63e0d e40cd3fa960f230ba41252ab8d7d2ae69d951212efd8ae84dae77bc1bea30486
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/css/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
content-type: text/css
last-modified: Fri, 19 Apr 2024 01:13:42 GMT
vary: Accept-Encoding
etag: W/"6621c546-14414c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 23
accept-ranges: bytes
x-cache: HIT
content-length: 171989
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css | 63.250.43.137 | 200 OK | 0 B |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/css/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
content-type: text/css
content-length: 0
last-modified: Fri, 19 Apr 2024 01:13:42 GMT
etag: "6621c546-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js | 63.250.43.137 | 200 OK | 44 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (585)
Hash: 43ebd2cb93e62b7b1f87e72f14446263 303dd01f898d680e1e5f6c9f94550ba2a4f8dc5b db093d945c5dc369f30743d0a2f6afcf204b72934cc281b6fb5185213db594be
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/js/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 01:14:07 GMT
vary: Accept-Encoding
etag: W/"6621c55f-2509e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
content-length: 43453
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/utils.min.423ec59365a85ebded314ad7311ef508.js | 63.250.43.137 | 200 OK | 3.9 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/utils.min.423ec59365a85ebded314ad7311ef508.js
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (547)
Hash: 423ec59365a85ebded314ad7311ef508 41d14b0fbb6c2e98b1cce2c476ff22e79799ec7b 7ab2e59e0914ae8a584648bf864b74b320f9281399508a1cfb346e8243e539a5
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/js/utils.min.423ec59365a85ebded314ad7311ef508.js HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
last-modified: Fri, 19 Apr 2024 01:14:06 GMT
etag: "6621c55e-2cef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
content-length: 3936
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/granite.min.579a107dd681c49bc61dae63734043cb.js | 63.250.43.137 | 200 OK | 2.4 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/granite.min.579a107dd681c49bc61dae63734043cb.js
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text
Hash: 1cfa3b7f34a709e8eef13327014c6b27 426f8d6763301015baba293a9eaed5b0e35c5f50 82a13a046fc654ba15d460c12ad78d745ce2e1d0b89c9bec3faa8ce3a779b9e4
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/js/granite.min.579a107dd681c49bc61dae63734043cb.js HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
last-modified: Fri, 19 Apr 2024 01:14:07 GMT
etag: "6621c55f-2111"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
content-length: 2440
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js | 63.250.43.137 | 200 OK | 7.6 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (587)
Hash: d60873be6e7b5a14dedf919ffe2b8041 f672af1bfa9749bff05ad06574bb652bb9cf3a10 c0f4478bae253d6cf0b7e962ab05fe674172d435aa8226c2beaf4d7513799b1f
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/js/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 01:14:06 GMT
vary: Accept-Encoding
etag: W/"6621c55e-6017"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
content-length: 7647
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js | 63.250.43.137 | 200 OK | 125 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (567)
Size: 125 kB (125254 bytes)
Hash: 1661914e05c676ce450674555cc1e5b0 8564e04e8b6a06494f04a2026e853143d2aa0a66 3980a2fc735c16a01ce49bd9462513e27f799c0b2bc20c113a58097c2a1cca1e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/js/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
last-modified: Fri, 19 Apr 2024 01:14:06 GMT
etag: "6621c55e-74ddd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
content-length: 125254
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/img/sms_3.png | 63.250.43.137 | 200 OK | 4.7 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/img/sms_3.png
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash: 0cf9928073a1e7422986e7e6a24537c7 e598a1077453a031e322df052d229a26fab816f4 27f96514efe60c846ff36cddc2525111babf7affcce0ad41d2947355dd083b97
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/img/sms_3.png HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:25 GMT
content-type: image/png
content-length: 4652
last-modified: Fri, 19 Apr 2024 01:13:53 GMT
etag: "6621c551-122c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 21
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/img/dep/CA_logozero.png | 63.250.43.137 | 200 OK | 1.1 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/img/dep/CA_logozero.png
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: PNG image data, 350 x 105, 8-bit/color RGBA, non-interlaced
Hash: b8156294155dcdf447582656213c6262 4ffa1b6ff5dc9e7b600d8088ffb2599385da04b1 67420ae4c136f67ba0354872087689249deef99059d210a0a8abb98c7aa9fe07
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/img/dep/CA_logozero.png HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
content-type: image/png
content-length: 1139
last-modified: Fri, 19 Apr 2024 01:14:11 GMT
etag: "6621c563-473"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/design.css | 63.250.43.137 | 200 OK | 73 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/design.css
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (65261), with CRLF line terminators
Hash: c9ca182ff681d16d2c7b220213637bd7 5485778d13725e38bb52bad6fd14b43f708bfe2c 60ad586fc16f8696a1ac391ba03b2cc75d450571c6e44fc7e7c4d2e47344ea7d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/css/design.css HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
content-type: text/css
last-modified: Fri, 19 Apr 2024 01:13:42 GMT
vary: Accept-Encoding
etag: W/"6621c546-22fb3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
content-length: 72594
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/clientlibPageErreur.min.f434b09157730b423058e364dda8b336.js | 63.250.43.137 | 200 OK | 929 B |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/clientlibPageErreur.min.f434b09157730b423058e364dda8b336.js
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (568)
Hash: ae0c05a432ddd30814c20e610a9fec87 208f39e3f1ea0de72845089add7f3da4637c9db0 4f650bad06c1fee4fd5ef7158ad92556c46db49ceef8dd52ae4a5c793874a5dc
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/js/clientlibPageErreur.min.f434b09157730b423058e364dda8b336.js HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 01:14:06 GMT
vary: Accept-Encoding
etag: W/"6621c55e-755"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
content-length: 929
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/clientlibMireAuthentification.min.5e969969429038946546644a08b416ee.js | 63.250.43.137 | 200 OK | 4.6 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/clientlibMireAuthentification.min.5e969969429038946546644a08b416ee.js
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate Issuer: Sectigo Limited
Certificate Subject: *.ingress-florina.ewp.live
Certificate Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC
Certificate Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (590)
Hash: b9dd81643dfaf28786a367b0d5921612 95ab69c79ce4821bb24808d02e4fe4cfe4e85f90 6bee41e9113556a9fdd727a0d39d5be85f634e7bbbb7561c7b648a2d4d1fbbf0
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/js/clientlibMireAuthentification.min.5e969969429038946546644a08b416ee.js HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 01:14:06 GMT
vary: Accept-Encoding
etag: W/"6621c55e-5e69"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
content-length: 4589
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/jQuery.min.affcbf7942d5bedb0785712.js | 63.250.43.137 | 200 OK | 44 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/jQuery.min.affcbf7942d5bedb0785712.js
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate: Issuer Sectigo Limited; Subject *.ingress-florina.ewp.live; Fingerprint 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC; Validity Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (585)
Hash: 0788a8f61b6fefd5e24be8ee105ccbfe 913ab146281c5f797c7213989674694896b198d8 3895b1ae68326e2f741061e13771b1c944097c408f33c99699655e0364313076
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/js/jQuery.min.affcbf7942d5bedb0785712.js HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
last-modified: Fri, 19 Apr 2024 01:14:07 GMT
etag: "6621c55f-25b64"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
content-length: 44439
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/jquery.min.js | 63.250.43.137 | 200 OK | 31 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/jquery.min.js
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate: Issuer Sectigo Limited; Subject *.ingress-florina.ewp.live; Fingerprint 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC; Validity Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators
Hash: 2f772fed444d5489079f275bd01e26cc a8927ac2830b2fdd4a729eb0eb7f80923539ceb9 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/js/jquery.min.js HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
last-modified: Fri, 19 Apr 2024 01:14:07 GMT
etag: "6621c55f-15851"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
content-length: 30719
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/clientlib-general.min.b5ff34b2035703897d75f3a3044f3a1e.js | 63.250.43.137 | 200 OK | 128 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/js/clientlib-general.min.b5ff34b2035703897d75f3a3044f3a1e.js
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate: Issuer Sectigo Limited; Subject *.ingress-florina.ewp.live; Fingerprint 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC; Validity Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (566)
Size: 128 kB (128378 bytes)
Hash: 229113d37de703d7189887acda7513da 060ade72048aa11bd6000dfcbca4533842f5bcaa eb8461077604851903d1b98dd1a970b7ee8aeacd16ca7c1b8097c45b857c5ffa
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/js/clientlib-general.min.b5ff34b2035703897d75f3a3044f3a1e.js HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:24 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 01:14:06 GMT
vary: Accept-Encoding
etag: W/"6621c55e-81a1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
content-length: 128378
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/fonts/npcicons-crunchy/npcicons-crunchy.woff2 | 63.250.43.137 | 200 OK | 16 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/fonts/npcicons-crunchy/npcicons-crunchy.woff2
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate: Issuer Sectigo Limited; Subject *.ingress-florina.ewp.live; Fingerprint 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC; Validity Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 16124, version 1.0
Hash: 7eefcde0bd0f11ff896e571772c36544 7e205d90e6f19f35ee0f73f51d67f9377b8a0b64 2b4f1630e7cc5b5f4b6dd7b74888509cf60f756f29f3b4405cd0310c10155361
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/fonts/npcicons-crunchy/npcicons-crunchy.woff2 HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:35 GMT
content-type: font/woff2
content-length: 16124
last-modified: Fri, 19 Apr 2024 01:14:10 GMT
etag: "6621c562-3efc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://miencauenvca-ec3508.ingress-florina.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 13
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/img/0523-ZDG-assu-2roues-8.jpg | 63.250.43.137 | 200 OK | 156 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/img/0523-ZDG-assu-2roues-8.jpg
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate: Issuer Sectigo Limited; Subject *.ingress-florina.ewp.live; Fingerprint 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC; Validity Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 960x960, components 3
Size: 156 kB (156028 bytes)
Hash: aff38a796a3f9f03f5294fac4347810c 8efcfb977ac17abf10594b3bf09ae8cfde18885d 2c00ba44e57bf1d4f5448c95ef2bc8a7b2f12383d02df3a9b81abd10398b17df
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/img/0523-ZDG-assu-2roues-8.jpg HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:25 GMT
content-type: image/jpeg
content-length: 156028
last-modified: Fri, 19 Apr 2024 01:13:42 GMT
etag: "6621c546-2617c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 23
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/img/202212_jecorenove_zdg.jpg | 63.250.43.137 | 200 OK | 824 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/img/202212_jecorenove_zdg.jpg
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate: Issuer Sectigo Limited; Subject *.ingress-florina.ewp.live; Fingerprint 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC; Validity Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3
Size: 824 kB (823656 bytes)
Hash: 1994d59abfdc53f87d0c67ab4195544e 29623963d760621dc0188e8dcb51c7f85748dd02 4cb7daace5fdae788251ee123a4fc8f4490f4c2e8672dee9e57e812674c81be0
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/img/202212_jecorenove_zdg.jpg HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:25 GMT
content-type: image/jpeg
content-length: 823656
last-modified: Fri, 19 Apr 2024 01:13:42 GMT
etag: "6621c546-c9168"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 23
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-Bold.woff2 | 63.250.43.137 | 200 OK | 39 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-Bold.woff2
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate: Issuer Sectigo Limited; Subject *.ingress-florina.ewp.live; Fingerprint 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC; Validity Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 39264, version 3.19726
Hash: 003e90cf8cb3f8b4bef30d6764da18ed 512e44f40b54d0e5e081dda9fd5ea8a4429a508c 319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-Bold.woff2 HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:35 GMT
last-modified: Fri, 19 Apr 2024 01:14:10 GMT
etag: "6621c562-9960"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://miencauenvca-ec3508.ingress-florina.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: font/woff2
content-length: 39264
x-cacheable: YES
age: 13
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-Light.woff2 | 63.250.43.137 | 200 OK | 40 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-Light.woff2
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate: Issuer Sectigo Limited; Subject *.ingress-florina.ewp.live; Fingerprint 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC; Validity Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 40280, version 3.19726
Hash: 7624ae091962735719fb82bf900c22b7 393477ccdcd62b914d90dd379dd7d677d761e416 e266d1f2bcf1da0faff6964637fdcd9a4e47c50a7a56be74424f409f30c83c5e
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-Light.woff2 HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:35 GMT
content-type: font/woff2
content-length: 40280
last-modified: Fri, 19 Apr 2024 01:14:10 GMT
etag: "6621c562-9d58"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://miencauenvca-ec3508.ingress-florina.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 13
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-Book.woff2 | 63.250.43.137 | 200 OK | 42 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-Book.woff2
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate: Issuer Sectigo Limited; Subject *.ingress-florina.ewp.live; Fingerprint 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC; Validity Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 41728, version 3.19726
Hash: d838b98f75e3cb9574f9b8b796eb1e8f fcdf131af872ce9ecda9a437cdf67d23c5940d97 3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-Book.woff2 HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:35 GMT
last-modified: Fri, 19 Apr 2024 01:14:10 GMT
etag: "6621c562-a300"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://miencauenvca-ec3508.ingress-florina.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: font/woff2
content-length: 41728
x-cacheable: YES
age: 13
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-Medium.woff2 | 63.250.43.137 | 200 OK | 42 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-Medium.woff2
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate: Issuer Sectigo Limited; Subject *.ingress-florina.ewp.live; Fingerprint 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC; Validity Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 41488, version 3.19726
Hash: 68ce85d44fef05344ea74f94f3e6b472 3a380914e04ef35820bbe619e1f902d4b250a997 ba17f8257b1f710aa0e7136f4bd4b91a9a7db4f9cac2c409caf8708a64787303
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-Medium.woff2 HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:35 GMT
last-modified: Fri, 19 Apr 2024 01:14:10 GMT
etag: "6621c562-a210"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://miencauenvca-ec3508.ingress-florina.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: font/woff2
content-length: 41488
x-cacheable: YES
age: 13
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-BookItalic.woff2 | 63.250.43.137 | 200 OK | 56 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-BookItalic.woff2
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate: Issuer Sectigo Limited; Subject *.ingress-florina.ewp.live; Fingerprint 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC; Validity Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), CFF, length 55756, version 0.0
Hash: 4d95475e40456865a2a177907f05c594 74a5f84d3ae21573cd2731fefc01724118b77ba7 a3c2bad0d5980ef5310af17d779ceee01a266f1efdc2ae08224deb8f7b8efa0d
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/fonts/gotham/Gotham-BookItalic.woff2 HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/css/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:35 GMT
content-type: font/woff2
content-length: 55756
last-modified: Fri, 19 Apr 2024 01:14:10 GMT
etag: "6621c562-d9cc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://miencauenvca-ec3508.ingress-florina.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 13
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/token.json | 63.250.43.137 | 200 OK | 2 B |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/token.json
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate: Issuer Sectigo Limited; Subject *.ingress-florina.ewp.live; Fingerprint 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC; Validity Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
Hash: 99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/token.json HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:25 GMT
last-modified: Fri, 19 Apr 2024 01:13:33 GMT
etag: "6621c53d-2"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
content-type: application/json
content-length: 2
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/img/dep/CA_logo.png | 63.250.43.137 | 200 OK | 19 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/img/dep/CA_logo.png
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate: Issuer Sectigo Limited; Subject *.ingress-florina.ewp.live; Fingerprint 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC; Validity Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: PNG image data, 350 x 105, 8-bit/color RGBA, non-interlaced
Hash: 71cb5c78702e00ffb116f88d9280896a d32b9b4f245643b1e4477f923b12a4d17d50cc3d f8e9befa13e3ff93d974729ae3c727461555d582bb63bb388a4bd497619ef20b
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/img/dep/CA_logo.png HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:25 GMT
content-type: image/png
content-length: 18782
last-modified: Fri, 19 Apr 2024 01:14:11 GMT
etag: "6621c563-495e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/img/favicon.png | 63.250.43.137 | 200 OK | 26 kB |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/assets/img/favicon.png
IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
Certificate: Issuer Sectigo Limited; Subject *.ingress-florina.ewp.live; Fingerprint 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC; Validity Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x782, components 3
Hash: b97344aec9a8c00a0037b00de3cb65b8 b2499fd6933a79e99d530e2dcbc09a36feef7d4e d9225828a2b4df13f9895b1ea331221239370d7787927c0038b30a725cf3d908
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/assets/img/favicon.png HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:47 GMT
last-modified: Fri, 19 Apr 2024 01:13:42 GMT
etag: "6621c546-64f1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: image/png
content-length: 25841
x-cacheable: YES
age: 1
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/undefined | 63.250.43.137 | 200 OK | 0 B |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/undefined IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca Certificate Issuer: Sectigo Limited Subject: *.ingress-florina.ewp.live Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/pages/undefined HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:25 GMT
content-type: application/octet-stream
content-length: 0
last-modified: Fri, 19 Apr 2024 01:13:42 GMT
etag: "6621c546-0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
x-cacheable: YES
age: 22
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/undefinedjsonp/inbenta.js | 63.250.43.137 | 404 Not Found | 146 B |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/undefinedjsonp/inbenta.js IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca Certificate Issuer: Sectigo Limited Subject: *.ingress-florina.ewp.live Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators Hash: 8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/pages/undefinedjsonp/inbenta.js HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 25 Apr 2024 13:59:48 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/undefined | 63.250.43.137 | 200 OK | 0 B |
URL: GET HTTP/2 miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/undefined IP: 63.250.43.137:443
Requested by: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca Certificate Issuer: Sectigo Limited Subject: *.ingress-florina.ewp.live Fingerprint: 2D:3A:E3:5D:A8:DA:82:A3:12:E5:67:D5:9A:58:E4:57:0C:93:C1:BC Validity: Tue, 09 May 2023 00:00:00 GMT - Sat, 25 May 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Credit Agricole |
GET /wp-content/plugins/crdahtpps/pages/undefined HTTP/1.1
Host: miencauenvca-ec3508.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://miencauenvca-ec3508.ingress-florina.ewp.live/wp-content/plugins/crdahtpps/pages/auth.php?regImg=&lca
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:59:25 GMT
content-type: application/octet-stream
content-length: 0
last-modified: Fri, 19 Apr 2024 01:13:42 GMT
etag: "6621c546-0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
x-cacheable: YES
age: 23
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|