www.agrlcole-online.site Open in urlscan Pro
2a06:98c1:3121::3  Malicious Activity! Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request autorize1674140314261924 Show response www.agrlcole-online.site/	953 KB 122 KB	888ms 829ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.agrlcole-online.site/autorize1674140314261924 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61ca16eadce4371284be353cd73f8be2636503475490fa0983f9f662c904d71a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 78f2ec835bb5b6fa-AMS content-encoding br content-type text/html; charset=UTF-8 date Wed, 25 Jan 2023 18:03:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToCV1pQfj15F014jLmlAeORtKNDPo03oQYWtk19iNO6wJ4LBo9Uh4Pwoe8UE1OaGOJpr%2FLYt5XdNI5xShEIKufQwUvCeAEX2VmTF0yndayh2XiWw6nnxr1h26cgdFEVUhqpFZEC5G7kAYH2sX4Hqk18EQ%2B648AA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	ppms.js Show response ca24.credit-agricole.pl/ppas/	72 KB 24 KB	241ms 82ms	Script application/javascript	193.0.242.176 LUKAS-BANK-AS
General Check archive.org Show headers Download Go to Full URL https://ca24.credit-agricole.pl/ppas/ppms.js Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.0.242.176 Wroclaw, Poland, ASN24756 (LUKAS-BANK-AS, PL), Reverse DNS Software / Resource Hash 559e729c20a906611c1cc59ed46bb970176f0f4fd7ac153700baaef221c076cd Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.agrlcole-online.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 25 Jan 2023 18:03:09 GMT content-encoding gzip x-content-type-options nosniff Strict-Transport-Security max-age=15552000 last-modified Mon, 11 Apr 2022 08:51:54 GMT etag W/"6253ec2a-11e9b" transfer-encoding chunked vary Accept-Encoding content-type application/javascript cache-control max-age=21600 expires Thu, 26 Jan 2023 00:03:09 GMT
GET H/1.1	200 OK	265f0d0d-835d-4e15-8170-8ce06578a812.js Show response ca24.credit-agricole.pl/ppas/containers/	235 KB 62 KB	341ms 93ms	Script application/javascript	193.0.242.176 LUKAS-BANK-AS
General Check archive.org Show headers Download Go to Full URL https://ca24.credit-agricole.pl/ppas/containers/265f0d0d-835d-4e15-8170-8ce06578a812.js Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.0.242.176 Wroclaw, Poland, ASN24756 (LUKAS-BANK-AS, PL), Reverse DNS Software / Resource Hash c705bcac1093c845c99043e562caabe2ef79ccec0f7ebf3e652e2de6088fd8ef Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.agrlcole-online.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 25 Jan 2023 18:03:09 GMT content-encoding gzip Strict-Transport-Security max-age=15552000 transfer-encoding chunked vary Accept-Encoding, Accept-Encoding, Cookie content-type application/javascript; charset=utf-8 cache-control public, must-revalidate, max-age=360 x-robots-tag none
GET		38364b14-1dc9-4199-b347-e96f73ab20ee https://ca24.credit-agricole.pl/	0 0
GET H/1.1	200 OK	tips.min.js Show response ca24.credit-agricole.pl/TIPS.MIN/	59 KB 23 KB	77ms 63ms	Script text/javascript	193.0.242.176 LUKAS-BANK-AS
General Check archive.org Show headers Download Go to Full URL https://ca24.credit-agricole.pl/TIPS.MIN/tips.min.js Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.0.242.176 Wroclaw, Poland, ASN24756 (LUKAS-BANK-AS, PL), Reverse DNS Software / Resource Hash 64a04296ba4daf7ff4738b655ee2e1e9ac2c70f1c6041491fb5ccb39608723e0 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options deny Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.agrlcole-online.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Wed, 25 Jan 2023 18:03:09 GMT Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff Last-Modified Fri, 14 Aug 2020 12:39:08 GMT Content-Encoding gzip ETag "6f9-eaf7-5acd5b4fc5300" ntCoent-Length 60151 X-Frame-Options deny Transfer-Encoding chunked Content-Type text/javascript Cache-Control private Connection close Accept-Ranges bytes
GET H2	200	common.js Show response maps.googleapis.com/maps-api-v3/api/js/51/5/intl/ru_ALL/	272 KB 76 KB	116ms 34ms	Script text/javascript	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/51/5/intl/ru_ALL/common.js Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b4df0c666a9374049397522d767c3dd43e4380cda8716bc31a680536f0132b16 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.agrlcole-online.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 18 Jan 2023 18:55:17 GMT content-encoding gzip x-content-type-options nosniff age 601672 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77404 x-xss-protection 0 last-modified Wed, 11 Jan 2023 03:05:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="maps-api-js" vary Accept-Encoding, Origin report-to {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 18 Jan 2024 18:55:17 GMT
GET H2	200	util.js Show response maps.googleapis.com/maps-api-v3/api/js/51/5/intl/ru_ALL/	160 KB 58 KB	150ms 68ms	Script text/javascript	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/51/5/intl/ru_ALL/util.js Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1de07efaf4ffd93ccb0a47d4e2185504835c6d74f61d9dabbc1804195d31613c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.agrlcole-online.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 24 Jan 2023 19:07:17 GMT content-encoding gzip x-content-type-options nosniff age 82552 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 59739 x-xss-protection 0 last-modified Wed, 11 Jan 2023 03:05:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="maps-api-js" vary Accept-Encoding, Origin report-to {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 24 Jan 2024 19:07:17 GMT
GET H/1.1	200 OK	tatry01_1920.f28963ee1529aa8362c8.jpg ca24.credit-agricole.pl/web-ca24/	378 KB 378 KB	54ms 53ms	Image image/jpeg	193.0.242.176 LUKAS-BANK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ca24.credit-agricole.pl/web-ca24/tatry01_1920.f28963ee1529aa8362c8.jpg Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.0.242.176 Wroclaw, Poland, ASN24756 (LUKAS-BANK-AS, PL), Reverse DNS Software / Resource Hash 88a2e09afe60f4102ff2554430055172f6754e5545e03ace0710feedde55618d Security Headers Name Value Content-Security-Policy frame-ancestors 'none' Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.agrlcole-online.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Thu, 05 Jan 2023 22:50:52 GMT Content-Security-Policy frame-ancestors 'none' X-Content-Type-Options nosniff Strict-Transport-Security max-age=15552000 Age 1710737 X-Cache HIT Connection keep-alive Content-Length 386670 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin Last-Modified Thu, 10 Nov 2022 08:27:22 GMT X-Frame-Options deny Content-Type image/jpeg Cache-Control public, max-age=2592000, immutable Accept-Ranges bytes Expires Sat, 4 Feb 2023 22:50:52 GMT
GET H/1.1	200 OK	ca-color-top.c8bd5adb63b9f872b79f.png ca24.credit-agricole.pl/web-ca24/	7 KB 8 KB	128ms 53ms	Image image/png	193.0.242.176 LUKAS-BANK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ca24.credit-agricole.pl/web-ca24/ca-color-top.c8bd5adb63b9f872b79f.png Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.0.242.176 Wroclaw, Poland, ASN24756 (LUKAS-BANK-AS, PL), Reverse DNS Software / Resource Hash 5a6f9c5f1c09ebc5a2a98420e83e6fd10344ab339bab5dcfe3f2327f264e27a5 Security Headers Name Value Content-Security-Policy frame-ancestors 'none' Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.agrlcole-online.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Thu, 05 Jan 2023 22:50:55 GMT Content-Security-Policy frame-ancestors 'none' X-Content-Type-Options nosniff Strict-Transport-Security max-age=15552000 Age 1710734 X-Cache HIT Connection keep-alive Content-Length 7534 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin Last-Modified Thu, 10 Nov 2022 08:27:22 GMT X-Frame-Options deny Content-Type image/png Cache-Control public, max-age=2592000, immutable Accept-Ranges bytes Expires Sat, 4 Feb 2023 22:50:55 GMT
GET H/1.1	200 OK	exclamation.4fe516ee1ff6000c6f2d.svg ca24.credit-agricole.pl/web-ca24/	1 KB 2 KB	154ms 53ms	Image image/svg+xml	193.0.242.176 LUKAS-BANK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ca24.credit-agricole.pl/web-ca24/exclamation.4fe516ee1ff6000c6f2d.svg Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.0.242.176 Wroclaw, Poland, ASN24756 (LUKAS-BANK-AS, PL), Reverse DNS Software / Resource Hash ae6608a40011f5d84a70db17087854a02e2c4c86797750f61850d0e7c701db0d Security Headers Name Value Content-Security-Policy frame-ancestors 'none' Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.agrlcole-online.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Thu, 05 Jan 2023 22:50:55 GMT Content-Security-Policy frame-ancestors 'none' X-Content-Type-Options nosniff Strict-Transport-Security max-age=15552000 Age 1710734 X-Cache HIT Connection keep-alive Content-Length 1073 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin Last-Modified Thu, 10 Nov 2022 08:27:22 GMT X-Frame-Options deny Content-Type image/svg+xml Cache-Control public, max-age=2592000, immutable Accept-Ranges bytes Expires Sat, 4 Feb 2023 22:50:55 GMT
GET H/1.1	200 OK	ca-bottom.62d9a72003434ef4d544.png ca24.credit-agricole.pl/web-ca24/	3 KB 3 KB	154ms 53ms	Image image/png	193.0.242.176 LUKAS-BANK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ca24.credit-agricole.pl/web-ca24/ca-bottom.62d9a72003434ef4d544.png Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.0.242.176 Wroclaw, Poland, ASN24756 (LUKAS-BANK-AS, PL), Reverse DNS Software / Resource Hash 186cba3f3acdd82e4a5ece7a9c6d2b4a9508569e6fcea7bbd0fe13208574d233 Security Headers Name Value Content-Security-Policy frame-ancestors 'none' Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.agrlcole-online.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Thu, 05 Jan 2023 22:50:55 GMT Content-Security-Policy frame-ancestors 'none' X-Content-Type-Options nosniff Strict-Transport-Security max-age=15552000 Age 1710734 X-Cache HIT Connection keep-alive Content-Length 2594 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin Last-Modified Thu, 10 Nov 2022 08:27:22 GMT X-Frame-Options deny Content-Type image/png Cache-Control public, max-age=2592000, immutable Accept-Ranges bytes Expires Sat, 4 Feb 2023 22:50:55 GMT
GET H2	404	opensans-light-webfont.cbdddd82806c040d1094.woff2 www.agrlcole-online.site/web-ca24/	0 0	148ms 147ms	Font text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.agrlcole-online.site/web-ca24/opensans-light-webfont.cbdddd82806c040d1094.woff2 Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.agrlcole-online.site/autorize1674140314261924 Origin https://www.agrlcole-online.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 25 Jan 2023 18:03:10 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5krxJ%2B605T8wgPY7Ng14nXsB391aMo5fYJeb%2FpehYrkmy4U6ssVcYu2Gahx1V9b0mOW0grqD8shcuonfTbrlmiCYj6FXCdyt%2Be9JyxKD4dIHT0M1P90YJEym9lUFc7omfNarVRk%2BbwG0JZRR%2FEMSkiSEnomhDVE%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 78f2ec8b0d62b6fa-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	opensans-semibold-webfont.a1002012dca0be4207de.woff www.agrlcole-online.site/web-ca24/	0 0	143ms 142ms	Font text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.agrlcole-online.site/web-ca24/opensans-semibold-webfont.a1002012dca0be4207de.woff Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.agrlcole-online.site/autorize1674140314261924 Origin https://www.agrlcole-online.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 25 Jan 2023 18:03:10 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ok1wRb%2ByZfA9A0XC0PTmkHnzqTsNOhPZxOVFSPC10m5nmn4GcipYFVse%2FHGPgKfTPMY%2BGZdWdhZbg6B94PxxYgRDOvTjDS9zhwmnqJ2E6mQVuN78gETctZjhgpwrb69Rua7SpTB1BCkZPtpqnybJSOeRCPO4QA%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 78f2ec8b0d63b6fa-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	opensans-bold-webfont.abb0d57f9767d0a5f7b1.woff2 www.agrlcole-online.site/web-ca24/	0 0	146ms 146ms	Font text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.agrlcole-online.site/web-ca24/opensans-bold-webfont.abb0d57f9767d0a5f7b1.woff2 Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.agrlcole-online.site/autorize1674140314261924 Origin https://www.agrlcole-online.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 25 Jan 2023 18:03:10 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLGZ%2BJHXIyVaVFdibIo5cRVN1sYg4cVEyOT%2FIrV2KGAP0dRMeN%2FuNe0iAEtxKPB0FBlnhitTfBO%2FCUW%2FHzcuTb7odJiLF47pgSWDMXiWHQrCkkJj9MEiXkjcHlju4F1XEoEIDO1yj74bxY2R%2F5XVQ4AxTPugtmI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 78f2ec8b0d65b6fa-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	opensans-extrabold-webfont.055e630e6283c52c06a0.woff2 www.agrlcole-online.site/web-ca24/	0 0	154ms 153ms	Font text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.agrlcole-online.site/web-ca24/opensans-extrabold-webfont.055e630e6283c52c06a0.woff2 Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.agrlcole-online.site/autorize1674140314261924 Origin https://www.agrlcole-online.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 25 Jan 2023 18:03:10 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAoymPjlscs%2FwwXKeAv88FnDNcxrAbI6s9PqRKe1%2FYMRhHmz2oZ%2BRnTLlI%2FNeJS0sIPxEyNnllvVBChhIE2csl%2Bqc4CfzC90bXMZ%2FIYfGAs8dnkmhYRqPOGOfcQx87fWI1VQ7BT44NNSL8aPwsEFjDlzin6Bauk%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 78f2ec8b0d68b6fa-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	cawebfont.f560ccebbc02cf1d0d46.woff www.agrlcole-online.site/web-ca24/	0 0	138ms 138ms	Font text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.agrlcole-online.site/web-ca24/cawebfont.f560ccebbc02cf1d0d46.woff?ts=202103301455 Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.agrlcole-online.site/autorize1674140314261924 Origin https://www.agrlcole-online.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 25 Jan 2023 18:03:10 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORsstOat1cI8GppPcOtS3Gb3ErCIXotisa6AtDssMlfczfXlY8dg3fdX8yzyWBUnT4oGoZIBkoMw%2FmCcDV7BXjCzo5%2Fg7h3vE6895aUzZcwlW%2BtHhQECKHV%2BoSESoQGCt%2F8zfWsolG%2F6hvyz%2F8ia7A4tPJFYNrk%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 78f2ec8b0d6cb6fa-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	opensans-regular-webfont.38aa7ef26d1a28dcf0ab.woff2 www.agrlcole-online.site/web-ca24/	0 0	154ms 154ms	Font text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.agrlcole-online.site/web-ca24/opensans-regular-webfont.38aa7ef26d1a28dcf0ab.woff2 Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.agrlcole-online.site/autorize1674140314261924 Origin https://www.agrlcole-online.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 25 Jan 2023 18:03:10 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbmPb6ALNeDFe6ug4tKvPMUQuOtwYrQqZfihCJZlqyJtmKvi9MKzyjvH5yuWODc6qklgU%2F9XK9ls7YLY4CY5F%2BjfVDmH%2BlUVWKVuH%2BuOeyA67f3vajgHQSb12I8XYLZ%2Fgn1w5FnssK3yKqLPY1Vs2KGaqYOmx2w%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 78f2ec8b0d6eb6fa-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	flag-pl.2115d36b89c9c6ae4c50.svg ca24.credit-agricole.pl/web-ca24/	814 B 1 KB	132ms 55ms	Image image/svg+xml	193.0.242.176 LUKAS-BANK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ca24.credit-agricole.pl/web-ca24/flag-pl.2115d36b89c9c6ae4c50.svg Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.0.242.176 Wroclaw, Poland, ASN24756 (LUKAS-BANK-AS, PL), Reverse DNS Software / Resource Hash 1000326dceb975a45e4c7f2cd02e31e28ce1de4452c749dcdc7936dafa5741d4 Security Headers Name Value Content-Security-Policy frame-ancestors 'none' Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.agrlcole-online.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Thu, 05 Jan 2023 22:50:55 GMT Content-Security-Policy frame-ancestors 'none' X-Content-Type-Options nosniff Strict-Transport-Security max-age=15552000 Age 1710734 X-Cache HIT Connection keep-alive Content-Length 814 X-XSS-Protection 1; mode=block Referrer-Policy strict-origin Last-Modified Thu, 10 Nov 2022 08:27:22 GMT X-Frame-Options deny Content-Type image/svg+xml Cache-Control public, max-age=2592000, immutable Accept-Ranges bytes Expires Sat, 4 Feb 2023 22:50:55 GMT
GET H3	404	opensans-bold-webfont.e6c894a5fe25fdd50a28.woff www.agrlcole-online.site/web-ca24/	0 0	128ms 127ms	Font text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.agrlcole-online.site/web-ca24/opensans-bold-webfont.e6c894a5fe25fdd50a28.woff Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.agrlcole-online.site/autorize1674140314261924 Origin https://www.agrlcole-online.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 25 Jan 2023 18:03:10 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpzPCmf8eIANI1MJFZ9nV9LmAZaYoAQDCTe39nqSurqXRnq7ocFTdOP6zKbZZwfLdsIxp%2Bd2MMCYEfqzz%2FZwYFCFIsTHDnuEajsIektvAm5SX6roiX96PQg%2BnOj95YcQMhCCFbqtTKQlD%2Fld6BX7tfiskYba9x4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 78f2ec8bf87db981-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	opensans-light-webfont.eea98364b03f026a718f.woff www.agrlcole-online.site/web-ca24/	0 0	126ms 126ms	Font text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.agrlcole-online.site/web-ca24/opensans-light-webfont.eea98364b03f026a718f.woff Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.agrlcole-online.site/autorize1674140314261924 Origin https://www.agrlcole-online.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 25 Jan 2023 18:03:10 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ia0b8pxe%2B7tCv9547XhBpeDbajOW2YwNDkFpLM7ZRwZuEUrQCp6kzgNJFaZ2oaqDTriZGFKz9CYime8gM0jDmiAzdRaPHHE%2BZUPEsWZThZj%2FzWy3nFiqZIBL%2BYwRlo2YBrhkmpFNCKQhWc08a6K2q3pAjj7wI9c%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 78f2ec8bf880b981-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	opensans-extrabold-webfont.851f33ee5e56e8516ead.woff www.agrlcole-online.site/web-ca24/	0 0	140ms 140ms	Font text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.agrlcole-online.site/web-ca24/opensans-extrabold-webfont.851f33ee5e56e8516ead.woff Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.agrlcole-online.site/autorize1674140314261924 Origin https://www.agrlcole-online.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 25 Jan 2023 18:03:10 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOrq4iP9l0YQtT38L1gS8mqOwSE%2BmmHIwsO4Q0rmqlRkw3gMoWrSnGH6CAXSEV3rPdZ6XeDr1Yck%2Fk%2BPdprnmgUgEotuVYAryCGltP07FmYiqGh9feNORkJe4ni%2FnRnRBpPoutea0bDTJmzRy%2BUnGQdYb4tVQ8E%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 78f2ec8c08a5b981-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	opensans-regular-webfont.80a2faaf8fd1c518495d.woff www.agrlcole-online.site/web-ca24/	0 0	132ms 132ms	Font text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.agrlcole-online.site/web-ca24/opensans-regular-webfont.80a2faaf8fd1c518495d.woff Requested by Host: www.agrlcole-online.site URL: https://www.agrlcole-online.site/autorize1674140314261924 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.agrlcole-online.site/autorize1674140314261924 Origin https://www.agrlcole-online.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Wed, 25 Jan 2023 18:03:10 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upSgJCzkujuaYXYw4TVMH1yrqxfpaB4kL%2BivT8G5ebMWUt%2FLjfDjae%2Fo8wrH3buGnkIOotCi1d77OECINdfpRephQJ29z0Ke4IUsDojj%2F%2FwzKxGQTlEOiaO0E%2BqOuB%2FKGY7lc9gJaRzeosUt%2BgDE6eHl8HapCiw%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 78f2ec8c18acb981-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ca24.credit-agricole.pl

URL

blob:https://ca24.credit-agricole.pl/38364b14-1dc9-4199-b347-e96f73ab20ee

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Credit Agricole (Banking)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| _paq object| Piwik object| AnalyticsTracker function| piwik_log function| d22 function| inputMask string| SYNC_EVENT string| ONCE_PER_PAGE_VIEW_ACTION string| ONCE_PER_SESSION_ACTION string| VARIABLE_NAME string| COOKIE_PREFIX string| GLOBAL_CONFIG_NAME function| ppmsWebStorage object| sevenTag object| dataLayer object| ppms

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.agrlcole-online.site/	1970-01-20 09:11:11	Name: stg_traffic_source_priority Value: 1
			www.agrlcole-online.site/	1969-12-31 23:59:59	Name: stg_externalReferrer Value:
			www.agrlcole-online.site/	1970-01-20 17:56:45	Name: stg_last_interaction Value: Wed%2C%2025%20Jan%202023%2018:03:10%20GMT
			www.agrlcole-online.site/	1970-01-20 17:56:45	Name: stg_returning_visitor Value: Wed%2C%2025%20Jan%202023%2018:03:10%20GMT

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.agrlcole-online.site/autorize1674140314261924 Message: Not allowed to load local resource: blob:https://ca24.credit-agricole.pl/38364b14-1dc9-4199-b347-e96f73ab20ee
network	error	URL: https://www.agrlcole-online.site/web-ca24/cawebfont.f560ccebbc02cf1d0d46.woff?ts=202103301455 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.agrlcole-online.site/web-ca24/opensans-semibold-webfont.a1002012dca0be4207de.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.agrlcole-online.site/web-ca24/opensans-bold-webfont.abb0d57f9767d0a5f7b1.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.agrlcole-online.site/web-ca24/opensans-light-webfont.cbdddd82806c040d1094.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.agrlcole-online.site/web-ca24/opensans-extrabold-webfont.055e630e6283c52c06a0.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.agrlcole-online.site/web-ca24/opensans-regular-webfont.38aa7ef26d1a28dcf0ab.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.agrlcole-online.site/web-ca24/opensans-light-webfont.eea98364b03f026a718f.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.agrlcole-online.site/web-ca24/opensans-bold-webfont.e6c894a5fe25fdd50a28.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.agrlcole-online.site/web-ca24/opensans-regular-webfont.80a2faaf8fd1c518495d.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.agrlcole-online.site/web-ca24/opensans-extrabold-webfont.851f33ee5e56e8516ead.woff Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ca24.credit-agricole.pl
maps.googleapis.com
www.agrlcole-online.site
ca24.credit-agricole.pl
193.0.242.176
2a00:1450:4001:827::200a
2a06:98c1:3121::3
1000326dceb975a45e4c7f2cd02e31e28ce1de4452c749dcdc7936dafa5741d4
186cba3f3acdd82e4a5ece7a9c6d2b4a9508569e6fcea7bbd0fe13208574d233
1de07efaf4ffd93ccb0a47d4e2185504835c6d74f61d9dabbc1804195d31613c
559e729c20a906611c1cc59ed46bb970176f0f4fd7ac153700baaef221c076cd
5a6f9c5f1c09ebc5a2a98420e83e6fd10344ab339bab5dcfe3f2327f264e27a5
61ca16eadce4371284be353cd73f8be2636503475490fa0983f9f662c904d71a
64a04296ba4daf7ff4738b655ee2e1e9ac2c70f1c6041491fb5ccb39608723e0
88a2e09afe60f4102ff2554430055172f6754e5545e03ace0710feedde55618d
ae6608a40011f5d84a70db17087854a02e2c4c86797750f61850d0e7c701db0d
b4df0c666a9374049397522d767c3dd43e4380cda8716bc31a680536f0132b16
c705bcac1093c845c99043e562caabe2ef79ccec0f7ebf3e652e2de6088fd8ef