creditag30.temp.swtest.ru Open in urlscan Pro
77.222.40.7 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.alliedpayments.ca/wp-admin/css/SAS.html
Effective URL:
http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Submission Tags: 7150963
Submission: On June 02 via api (June 2nd 2021, 4:18:28 am UTC) from NL

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 19 HTTP transactions. The main IP is 77.222.40.7, located in Russian Federation and belongs to SWEB-AS, RU. The main domain is creditag30.temp.swtest.ru.

This is the only time creditag30.temp.swtest.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Credit Agricole (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 2	174.138.112.60 174.138.112.60	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 13	77.222.40.7 77.222.40.7	44112 (SWEB-AS) (SWEB-AS)
1	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
19	5

2 174.138.112.60 (Toronto, Canada) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.alliedpayments.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 77.222.40.7 (Russian Federation) 1 redirects

ASN44112 (SWEB-AS, RU)
PTR: vh290.sweb.ru

creditag30.temp.swtest.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:67c:4e8:f004::9 (Virgin Islands (British))

ASN62041 (TELEGRAM, VG)

api.telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	swtest.ru 1 redirects creditag30.temp.swtest.ru	651 KB
4	gstatic.com fonts.gstatic.com	58 KB
2	alliedpayments.ca 1 redirects www.alliedpayments.ca	517 B
1	googleapis.com fonts.googleapis.com	1 KB
1	telegram.org api.telegram.org
19	5

	Domain	Requested by
13	creditag30.temp.swtest.ru	1 redirects creditag30.temp.swtest.ru
4	fonts.gstatic.com	fonts.googleapis.com
2	www.alliedpayments.ca	1 redirects
1	fonts.googleapis.com	creditag30.temp.swtest.ru
1	api.telegram.org	creditag30.temp.swtest.ru
19	5

This site contains no links.

Subject Issuer	Validity	Valid
www.alliedpayments.ca R3	`2021-04-11` - `2021-07-10`	3 months	crt.sh
api.telegram.org Go Daddy Secure Certificate Authority - G2	`2020-03-24` - `2022-05-23`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Frame ID: 956E5DFFEB3EC3E99524F182E254F839
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.alliedpayments.ca/wp-admin/css/SAS.html HTTP 301
https://www.alliedpayments.ca/wp-admin/css/SAS.html Page URL
http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/ HTTP 302
http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

19
Requests

37 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

710 kB
Transfer

1663 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.alliedpayments.ca/wp-admin/css/SAS.html HTTP 301
https://www.alliedpayments.ca/wp-admin/css/SAS.html Page URL
http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/ HTTP 302
http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.alliedpayments.ca/wp-admin/css/SAS.html HTTP 301
https://www.alliedpayments.ca/wp-admin/css/SAS.html

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

SAS.html Show response
www.alliedpayments.ca/wp-admin/css/
Redirect Chain

http://www.alliedpayments.ca/wp-admin/css/SAS.html
https://www.alliedpayments.ca/wp-admin/css/SAS.html

193 B
308 B

333ms
112ms

Document
text/html

174.138.112.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.alliedpayments.ca/wp-admin/css/SAS.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.112.60 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Caddy nginx/1.17.8 /
Resource Hash: b0c2a8f41f73ef97ab663deb08697271f5680e2db8e5d23a574d42030aa20932

Request headers

:method: GET
:authority: www.alliedpayments.ca
:scheme: https
:path: /wp-admin/css/SAS.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html
date: Wed, 02 Jun 2021 04:18:11 GMT
etag: W/"60b64e38-c1"
last-modified: Tue, 01 Jun 2021 15:11:52 GMT
server: Caddy nginx/1.17.8
vary: Accept-Encoding
content-length: 170

Redirect headers

content-type: text/html; charset=utf-8
location: https://www.alliedpayments.ca/wp-admin/css/SAS.html
server: Caddy
date: Wed, 02 Jun 2021 04:18:11 GMT
content-length: 86

GET
H/1.1

200
OK

Primary Request region.php Show response
creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/
Redirect Chain

http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/
http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier

9 KB
3 KB

67ms
67ms

Document
text/html

77.222.40.7
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Protocol: HTTP/1.1
Server: 77.222.40.7 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh290.sweb.ru
Software: nginx/1.19.1 / PHP/7.1.33
Resource Hash: 3ba99f170fb058b3e37a78b5757eecc71d31ee8a905e7641a063523a6db4b899

Request headers

Host: creditag30.temp.swtest.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: PHPSESSID=e8f3f4d0d6617475c77b0b34926036ec
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.alliedpayments.ca/wp-admin/css/SAS.html

Response headers

Server: nginx/1.19.1
Date: Wed, 02 Jun 2021 04:18:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
X-Powered-By: PHP/7.1.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

Redirect headers

Server: nginx/1.19.1
Date: Wed, 02 Jun 2021 04:18:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4
Connection: keep-alive
Keep-Alive: timeout=10
X-Powered-By: PHP/7.1.33
Set-Cookie: PHPSESSID=e8f3f4d0d6617475c77b0b34926036ec; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
location: 5c6dcc23a9ad090/region.php?particulier#_5c6dcc23a9ad090cf

GET
H/1.1 401
Unauthorized sendMessage
api.telegram.org/bot1330351045:AAGydyDiUMC1H-iEa2QN75PpsMbijNDvZkQ/ 0
0 1170ms
1143ms Image
application/json 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.telegram.org/bot1330351045:AAGydyDiUMC1H-iEa2QN75PpsMbijNDvZkQ/sendMessage?chat_id=1294072902&text=Click%20CA
Requested by: Host: creditag30.temp.swtest.ru
URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 , Virgin Islands (British), ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://creditag30.temp.swtest.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection

GET
H/1.1 200
OK bootstrap.min.css
creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/css/ 138 KB
21 KB 66ms
66ms Stylesheet
text/css 77.222.40.7
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/css/bootstrap.min.css
Requested by: Host: creditag30.temp.swtest.ru
URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Protocol: HTTP/1.1
Server: 77.222.40.7 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh290.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: creditag30.temp.swtest.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Cookie: PHPSESSID=e8f3f4d0d6617475c77b0b34926036ec
Connection: keep-alive
Cache-Control: no-cache
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 04:18:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Aug 2020 09:19:22 GMT
Server: nginx/1.19.1
ETag: W/"6c86e14-22688-5adc450a8fa80"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10

GET
H/1.1 200
OK helpers.css
creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/css/ 40 KB
5 KB 122ms
62ms Stylesheet
text/css 77.222.40.7
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/css/helpers.css
Requested by: Host: creditag30.temp.swtest.ru
URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Protocol: HTTP/1.1
Server: 77.222.40.7 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh290.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 007d273e883c81c8c462037d144b2a46cc07d4999a80395c2e29d61538134fac

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: creditag30.temp.swtest.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Cookie: PHPSESSID=e8f3f4d0d6617475c77b0b34926036ec
Connection: keep-alive
Cache-Control: no-cache
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 04:18:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Aug 2020 09:19:22 GMT
Server: nginx/1.19.1
ETag: W/"6c86e16-9faa-5adc450a8fa80"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10

GET
H/1.1 200
OK fonts.css
creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/css/ 1 KB
598 B 123ms
62ms Stylesheet
text/css 77.222.40.7
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/css/fonts.css
Requested by: Host: creditag30.temp.swtest.ru
URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Protocol: HTTP/1.1
Server: 77.222.40.7 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh290.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 98b62b715000035bde65a6ada525f27da578202c9996ef4acfd8bcd725a7374c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: creditag30.temp.swtest.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Cookie: PHPSESSID=e8f3f4d0d6617475c77b0b34926036ec
Connection: keep-alive
Cache-Control: no-cache
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 04:18:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Aug 2020 09:19:22 GMT
Server: nginx/1.19.1
ETag: W/"6c86e15-570-5adc450a8fa80"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10

GET
H/1.1 200
OK main.css
creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/css/ 10 KB
3 KB 126ms
65ms Stylesheet
text/css 77.222.40.7
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/css/main.css
Requested by: Host: creditag30.temp.swtest.ru
URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Protocol: HTTP/1.1
Server: 77.222.40.7 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh290.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: b5ec4481a0e5b1ea5153b691b2247a74b765bb3a62757d851438a4393170272c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: creditag30.temp.swtest.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Cookie: PHPSESSID=e8f3f4d0d6617475c77b0b34926036ec
Connection: keep-alive
Cache-Control: no-cache
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 04:18:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Aug 2020 09:19:22 GMT
Server: nginx/1.19.1
ETag: W/"6c86e17-285c-5adc450a8fa80"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10

GET
H/1.1 200
OK calogo.png
creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/images/ 18 KB
19 KB 148ms
147ms Image
image/png 77.222.40.7
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/images/calogo.png
Requested by: Host: creditag30.temp.swtest.ru
URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Protocol: HTTP/1.1
Server: 77.222.40.7 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh290.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: f8e9befa13e3ff93d974729ae3c727461555d582bb63bb388a4bd497619ef20b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: creditag30.temp.swtest.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Cookie: PHPSESSID=e8f3f4d0d6617475c77b0b34926036ec
Connection: keep-alive
Cache-Control: no-cache
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 04:18:12 GMT
Last-Modified: Wed, 26 Aug 2020 09:19:22 GMT
Server: nginx/1.19.1
ETag: "6ce7b03-495e-5adc450a8fa80"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 18782

GET
H/1.1 200
OK jquery.min.js Show response
creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/js/ 86 KB
30 KB 134ms
73ms Script
application/x-javascript 77.222.40.7
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/js/jquery.min.js
Requested by: Host: creditag30.temp.swtest.ru
URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Protocol: HTTP/1.1
Server: 77.222.40.7 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh290.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: creditag30.temp.swtest.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Cookie: PHPSESSID=e8f3f4d0d6617475c77b0b34926036ec
Connection: keep-alive
Cache-Control: no-cache
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 04:18:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Aug 2020 09:19:22 GMT
Server: nginx/1.19.1
ETag: W/"6d86d83-15851-5adc450a8fa80"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10

GET
H/1.1 200
OK popper.min.js Show response
creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/js/ 20 KB
7 KB 127ms
65ms Script
application/x-javascript 77.222.40.7
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/js/popper.min.js
Requested by: Host: creditag30.temp.swtest.ru
URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Protocol: HTTP/1.1
Server: 77.222.40.7 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh290.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: creditag30.temp.swtest.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Cookie: PHPSESSID=e8f3f4d0d6617475c77b0b34926036ec
Connection: keep-alive
Cache-Control: no-cache
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 04:18:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Aug 2020 09:19:22 GMT
Server: nginx/1.19.1
ETag: W/"6d86d86-4f74-5adc450a8fa80"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10

GET
H/1.1 200
OK bootstrap.min.js Show response
creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/js/ 58 KB
15 KB 63ms
63ms Script
application/x-javascript 77.222.40.7
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/js/bootstrap.min.js
Requested by: Host: creditag30.temp.swtest.ru
URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Protocol: HTTP/1.1
Server: 77.222.40.7 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh290.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 306ab8dd287ef041231a510b7e4c027a11e28b20c3408a9185d895c091dc72a4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: creditag30.temp.swtest.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Cookie: PHPSESSID=e8f3f4d0d6617475c77b0b34926036ec
Connection: keep-alive
Cache-Control: no-cache
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 04:18:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Aug 2020 09:19:22 GMT
Server: nginx/1.19.1
ETag: W/"6d86d81-e6b2-5adc450a8fa80"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10

GET
H/1.1 200
OK fontawesome.js Show response
creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/js/ 1 MB
378 KB 92ms
92ms Script
application/x-javascript 77.222.40.7
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/js/fontawesome.js
Requested by: Host: creditag30.temp.swtest.ru
URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Protocol: HTTP/1.1
Server: 77.222.40.7 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh290.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: creditag30.temp.swtest.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Cookie: PHPSESSID=e8f3f4d0d6617475c77b0b34926036ec
Connection: keep-alive
Cache-Control: no-cache
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 04:18:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Aug 2020 09:19:22 GMT
Server: nginx/1.19.1
ETag: W/"6d86d82-10314e-5adc450a8fa80"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10

GET
H/1.1 200
OK main.js Show response
creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/js/ 4 KB
1 KB 150ms
148ms Script
application/x-javascript 77.222.40.7
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/js/main.js
Requested by: Host: creditag30.temp.swtest.ru
URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Protocol: HTTP/1.1
Server: 77.222.40.7 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh290.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 3fbc9360e36438e4cdcda3f25cb6dad97b6fe96cbba9455ad4bb75183e5fc2dc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: creditag30.temp.swtest.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
Cookie: PHPSESSID=e8f3f4d0d6617475c77b0b34926036ec
Connection: keep-alive
Cache-Control: no-cache
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/5c6dcc23a9ad090/region.php?particulier
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 04:18:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Aug 2020 09:19:22 GMT
Server: nginx/1.19.1
ETag: W/"6d86d85-111f-5adc450a8fa80"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 35ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800

Requested by

Host: creditag30.temp.swtest.ru
URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a413b8856c38ae77289c0e1933e8e42687b2b6dd6e0d4355f0918d57db521b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://creditag30.temp.swtest.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 04:18:12 GMT
server: ESF
date: Wed, 02 Jun 2021 04:18:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Jun 2021 04:18:12 GMT

GET
H/1.1 200
OK particuliers.jpg
creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/images/ 167 KB
167 KB 89ms
89ms Image
image/jpeg 77.222.40.7
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/images/particuliers.jpg
Requested by: Host: creditag30.temp.swtest.ru
URL: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/css/main.css
Protocol: HTTP/1.1
Server: 77.222.40.7 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh290.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 40eebb3469219ff9cea327b5f7ae1f68ba59a52d539e4a07303cdd8c8cbfc7cb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: creditag30.temp.swtest.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/css/main.css
Cookie: PHPSESSID=e8f3f4d0d6617475c77b0b34926036ec
Connection: keep-alive
Cache-Control: no-cache
Referer: http://creditag30.temp.swtest.ru/C-Agricole_11/C-Agricole/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 04:18:12 GMT
Last-Modified: Wed, 26 Aug 2020 09:19:22 GMT
Server: nginx/1.19.1
ETag: "6ce7b09-29c96-5adc450a8fa80"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 171158

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://creditag30.temp.swtest.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 22:32:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
age: 20739
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
expires: Wed, 01 Jun 2022 22:32:33 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 30ms
11ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://creditag30.temp.swtest.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 07:46:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
age: 73886
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
expires: Wed, 01 Jun 2022 07:46:46 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 37ms
18ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://creditag30.temp.swtest.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 12:56:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
age: 55286
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
expires: Wed, 01 Jun 2022 12:56:46 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v20/ 13 KB
14 KB 32ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://creditag30.temp.swtest.ru
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 19:07:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:17 GMT
server: sffe
age: 33051
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
expires: Wed, 01 Jun 2022 19:07:21 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Credit Agricole (Banking)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			creditag30.temp.swtest.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: e8f3f4d0d6617475c77b0b34926036ec

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.telegram.org
creditag30.temp.swtest.ru
fonts.googleapis.com
fonts.gstatic.com
www.alliedpayments.ca
174.138.112.60
2001:67c:4e8:f004::9
2a00:1450:4001:829::2003
2a00:1450:4001:831::200a
77.222.40.7
007d273e883c81c8c462037d144b2a46cc07d4999a80395c2e29d61538134fac
21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
306ab8dd287ef041231a510b7e4c027a11e28b20c3408a9185d895c091dc72a4
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58
3ba99f170fb058b3e37a78b5757eecc71d31ee8a905e7641a063523a6db4b899
3fbc9360e36438e4cdcda3f25cb6dad97b6fe96cbba9455ad4bb75183e5fc2dc
40eebb3469219ff9cea327b5f7ae1f68ba59a52d539e4a07303cdd8c8cbfc7cb
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
98b62b715000035bde65a6ada525f27da578202c9996ef4acfd8bcd725a7374c
a413b8856c38ae77289c0e1933e8e42687b2b6dd6e0d4355f0918d57db521b40
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
b0c2a8f41f73ef97ab663deb08697271f5680e2db8e5d23a574d42030aa20932
b5ec4481a0e5b1ea5153b691b2247a74b765bb3a62757d851438a4393170272c
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8e9befa13e3ff93d974729ae3c727461555d582bb63bb388a4bd497619ef20b

creditag30.temp.swtest.ru Open in urlscan Pro 77.222.40.7 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

37 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

4 Countries

710 kBTransfer

1663 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

19 JavaScript Global Variables

1 Cookies

Indicators

creditag30.temp.swtest.ru Open in urlscan Pro
77.222.40.7 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

37 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

710 kB
Transfer

1663 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!