cecafaonline.com Open in urlscan Pro
207.174.213.93  Malicious Activity! Public Scan

Submitted URL: http://davidmachinerygroup.com/model.php
Effective URL: https://cecafaonline.com/ca/agricolefrance/
Submission: On January 22 via manual from IN

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 207.174.213.93, located in Burlington, United States and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is cecafaonline.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 26th 2020. Valid for: a year.
This is the only time cecafaonline.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Credit Agricole (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 207.174.214.139 394695 (PUBLIC-DO...)
12 207.174.213.93 394695 (PUBLIC-DO...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
13 2
Apex Domain
Subdomains
Transfer
12 cecafaonline.com
cecafaonline.com
659 KB
1 jquery.com
code.jquery.com
81 KB
1 davidmachinerygroup.com
davidmachinerygroup.com
218 B
13 3
Domain Requested by
12 cecafaonline.com cecafaonline.com
1 code.jquery.com cecafaonline.com
1 davidmachinerygroup.com 1 redirects
13 3

This site contains no links.

Subject Issuer Validity Valid
cecafaonline.com
Sectigo RSA Domain Validation Secure Server CA
2020-11-26 -
2021-11-26
a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA
2020-10-06 -
2021-10-16
a year crt.sh

This page contains 1 frames:

Primary Page: https://cecafaonline.com/ca/agricolefrance/
Frame ID: FBAF972DBFBFEE8F2267DBA10850AFDB
Requests: 13 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://davidmachinerygroup.com/model.php HTTP 302
    https://cecafaonline.com/ca/agricolefrance/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

13
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

741 kB
Transfer

2156 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://davidmachinerygroup.com/model.php HTTP 302
    https://cecafaonline.com/ca/agricolefrance/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cecafaonline.com/ca/agricolefrance/
Redirect Chain
  • http://davidmachinerygroup.com/model.php
  • https://cecafaonline.com/ca/agricolefrance/
23 KB
5 KB
Document
General
Full URL
https://cecafaonline.com/ca/agricolefrance/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.213.93 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
f4c4a3e3425f675b29e4ef93cee4d932f4e16829eb9d1a1e3007c817e5c21c30

Request headers

:method
GET
:authority
cecafaonline.com
:scheme
https
:path
/ca/agricolefrance/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:54:27 GMT
server
Apache
vary
Accept-Encoding
content-encoding
gzip
content-length
5416
content-type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 22 Jan 2021 12:54:27 GMT
Server
nginx/1.19.5
Content-Type
text/html; charset=UTF-8
Content-Length
0
Location
https://cecafaonline.com/ca/agricolefrance/
X-Server-Cache
false
clientlib-part.min.d47449a234bc4b4c909a1f229a23a136.css
cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/
1 MB
311 KB
Stylesheet
General
Full URL
https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-part.min.d47449a234bc4b4c909a1f229a23a136.css
Requested by
Host: cecafaonline.com
URL: https://cecafaonline.com/ca/agricolefrance/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.213.93 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
3d4fa9831c884b27ffdec69d695b8825dfb1db9d4b7fe9239f0dd292416f5c59

Request headers

Referer
https://cecafaonline.com/ca/agricolefrance/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:54:28 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 03:18:10 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
clientlibStoreLocatorT33Part.min.f72730de703c2d266b7fde791cfa1701.css
cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/
16 KB
4 KB
Stylesheet
General
Full URL
https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlibStoreLocatorT33Part.min.f72730de703c2d266b7fde791cfa1701.css
Requested by
Host: cecafaonline.com
URL: https://cecafaonline.com/ca/agricolefrance/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.213.93 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
516b533f35fd31de9fbd049d12e81b64e3e193ae336ac5d97c5daa231bc19fa8

Request headers

Referer
https://cecafaonline.com/ca/agricolefrance/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:54:28 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 03:18:10 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3654
clientlibStoreLocatorT34Part.min.d6f5a64818501f04345746b0e2618b09.css
cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/
20 KB
5 KB
Stylesheet
General
Full URL
https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlibStoreLocatorT34Part.min.d6f5a64818501f04345746b0e2618b09.css
Requested by
Host: cecafaonline.com
URL: https://cecafaonline.com/ca/agricolefrance/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.213.93 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
be9c2e6f4c408e6a26c48e614bd8dc0600ed393839c07cdc7c1d6142d4fe3bed

Request headers

Referer
https://cecafaonline.com/ca/agricolefrance/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:54:28 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 03:18:10 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4577
clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css
cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/
126 B
183 B
Stylesheet
General
Full URL
https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css
Requested by
Host: cecafaonline.com
URL: https://cecafaonline.com/ca/agricolefrance/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.213.93 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
b8dfef32142bfb01be95f98c5b2b4f9e387db96bfb6638a6488353d0ab867dd9

Request headers

Referer
https://cecafaonline.com/ca/agricolefrance/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:54:28 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 03:18:14 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
129
npc.css
cecafaonline.com/ca/agricolefrance/etc/designs/ca/
65 B
152 B
Stylesheet
General
Full URL
https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc.css
Requested by
Host: cecafaonline.com
URL: https://cecafaonline.com/ca/agricolefrance/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.213.93 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
7ea0b4e54c37dd905880465555342c30ec1b0c2a741d2d5ca16c033c1566754c

Request headers

Referer
https://cecafaonline.com/ca/agricolefrance/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:54:28 GMT
last-modified
Wed, 11 Mar 2020 03:18:12 GMT
server
Apache
accept-ranges
bytes
content-length
65
content-type
text/css
logo.png
cecafaonline.com/ca/agricolefrance/
29 KB
29 KB
Image
General
Full URL
https://cecafaonline.com/ca/agricolefrance/logo.png
Requested by
Host: cecafaonline.com
URL: https://cecafaonline.com/ca/agricolefrance/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.213.93 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
af884a315bcd9416a98878e5f5359273033633ab837e9316938827a62124ab8d

Request headers

Referer
https://cecafaonline.com/ca/agricolefrance/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:54:28 GMT
last-modified
Wed, 11 Mar 2020 03:37:04 GMT
server
Apache
accept-ranges
bytes
content-length
29487
content-type
image/png
jquery-3.4.1.js
code.jquery.com/
274 KB
81 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.js
Requested by
Host: cecafaonline.com
URL: https://cecafaonline.com/ca/agricolefrance/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Origin
https://cecafaonline.com
Referer
https://cecafaonline.com/ca/agricolefrance/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:54:27 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-4472c"
vary
Accept-Encoding
x-hw
1611320067.dop209.fr8.t,1611320067.cds264.fr8.hn,1611320067.cds288.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
82889
bg.jpg
cecafaonline.com/ca/agricolefrance/img/
97 KB
98 KB
Image
General
Full URL
https://cecafaonline.com/ca/agricolefrance/img/bg.jpg
Requested by
Host: cecafaonline.com
URL: https://cecafaonline.com/ca/agricolefrance/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.213.93 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
1743e231c64b15f6a1a1f1b27709bdad707f31c2a1bf0dafb96c436b13a1833d

Request headers

Referer
https://cecafaonline.com/ca/agricolefrance/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:54:28 GMT
last-modified
Sat, 22 Feb 2020 03:21:58 GMT
server
Apache
accept-ranges
bytes
content-length
99261
content-type
image/jpeg
npcicons.woff2
cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-resources/fonts/npcicons/
28 KB
28 KB
Font
General
Full URL
https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-resources/fonts/npcicons/npcicons.woff2
Requested by
Host: cecafaonline.com
URL: https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-part.min.d47449a234bc4b4c909a1f229a23a136.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.213.93 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
bfc677b38005de15554d5c097efa3611424a38887e22eac860736813274c82c6

Request headers

Origin
https://cecafaonline.com
Referer
https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-part.min.d47449a234bc4b4c909a1f229a23a136.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:54:28 GMT
last-modified
Wed, 11 Mar 2020 03:18:12 GMT
server
Apache
accept-ranges
bytes
content-length
28788
content-type
font/woff2
OpenSans-Semibold.woff2
cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-resources/fonts/opensans/
60 KB
61 KB
Font
General
Full URL
https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-resources/fonts/opensans/OpenSans-Semibold.woff2
Requested by
Host: cecafaonline.com
URL: https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-part.min.d47449a234bc4b4c909a1f229a23a136.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.213.93 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
51f0bacf9e49a400a5a2947ef6b14127ef3241b0760d97721e0aedd7add66456

Request headers

Origin
https://cecafaonline.com
Referer
https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-part.min.d47449a234bc4b4c909a1f229a23a136.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:54:28 GMT
last-modified
Wed, 11 Mar 2020 03:18:12 GMT
server
Apache
accept-ranges
bytes
content-length
61548
content-type
font/woff2
OpenSans-Bold.woff2
cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-resources/fonts/opensans/
60 KB
60 KB
Font
General
Full URL
https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-resources/fonts/opensans/OpenSans-Bold.woff2
Requested by
Host: cecafaonline.com
URL: https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-part.min.d47449a234bc4b4c909a1f229a23a136.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.213.93 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
9c4e734217f5e99191b4a74930a3d1c20fbbd82c5f5f3fb6d910867c2bd064ce

Request headers

Origin
https://cecafaonline.com
Referer
https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-part.min.d47449a234bc4b4c909a1f229a23a136.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:54:28 GMT
last-modified
Wed, 11 Mar 2020 03:18:12 GMT
server
Apache
accept-ranges
bytes
content-length
61364
content-type
font/woff2
OpenSans-Regular.woff2
cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-resources/fonts/opensans/
58 KB
59 KB
Font
General
Full URL
https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-resources/fonts/opensans/OpenSans-Regular.woff2
Requested by
Host: cecafaonline.com
URL: https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-part.min.d47449a234bc4b4c909a1f229a23a136.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.174.213.93 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
Software
Apache /
Resource Hash
d90fd15b1195709c30038dc52c6836fe9804a48d419134a4f19a3b9856007a8f

Request headers

Origin
https://cecafaonline.com
Referer
https://cecafaonline.com/ca/agricolefrance/etc/designs/ca/npc/clientlib-part.min.d47449a234bc4b4c909a1f229a23a136.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 12:54:28 GMT
last-modified
Wed, 11 Mar 2020 03:18:12 GMT
server
Apache
accept-ranges
bytes
content-length
59836
content-type
font/woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Credit Agricole (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery boolean| isshow

0 Cookies