mutuelleawoundjo.com/postnewl/pomo1.zip
200 OK 2.0 kB URL HTTP/1.1 mutuelleawoundjo.com/postnewl/pomo1.zip
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1485)
Hash e1c88db6e807420109593b8e417240a8
d735e823bd8d132e7b373d64292c8c4c992efb17
c1fec752b88eaf0b20215c14eb7d1ad2b4069a9e6fe799f09686be1a5458e2c2
Analyzer Verdict Alert fortinet Phishing
GET /postnewl/pomo1.zip HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 4
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: HIT
X-Varnish: HIT
X-Powered-By: Fastest Cache
X-Request-Id: a1dd1ee776d3849f036c1ae549bb131b
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 19:15:19 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: M0UsXYqxgoQDCYbFUKo-Am82IOtJF-_ag0FzJRAGA0aH-q39Y0mRrw==
Age: 2024
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10181
Expires: Mon, 26 Sep 2022 22:38:45 GMT
Date: Mon, 26 Sep 2022 19:49:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Mon, 26 Sep 2022 09:17:07 GMT
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WxyNUe8zVLCCnGJ4Z07wvwYDMaFYb1cWwkIv5iDI3Qn9jZEWN930Qg==
age: 37918
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:49:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
200 OK 4.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP
File type ASCII text, with very long lines (65348)
Hash eefc9abe5bc10d658a2393a70d052566
dd49deafcd3ebe1306cda0b843f2da265f8a90e1
6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:49:04 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2853955
expires: Sat, 16 Sep 2023 19:49:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwPfJfH8pQ2Pohoujhz91Qw5bD132eUL6B3RbY09PxK%2BP%2BP%2F7P8WdA3dAqJwDXPffu7TxIKd0%2BE9joD3WJ8lYeCt8wO3tMDA%2BrJVxafVn2Yo9jXKMrN5mHkg8ARMxTa4UG5u1ke9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 750e854d9c63b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mutuelleawoundjo.com/assets/css/bootstrap.min.css
200 OK 21 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/css/bootstrap.min.css
IP
File type ASCII text, with very long lines (65324)
Hash e076ec61ea13eef2df9b421b04549a92
5a450d5d55348c9db36c60d2c05f3c2329e5d08a
3d90aeedea968badb107f6084824679562ea2c53af75c72dbff979ee03104326
GET /assets/css/bootstrap.min.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: 5dde5cdd59514cfca1afd2519db48b88
Content-Encoding: gzip
mutuelleawoundjo.com/assets/css/all.min.css
200 OK 12 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/css/all.min.css
IP
File type ASCII text, with very long lines (53592), with no line terminators
Hash 16d80f886c053851c432d86bc9af2519
9d3b480c50c9ca97d54ba10f5bf0d78f1b71f8e9
cff4a9e698820b8bac881442c8b5e7fcd386121076a57639ce1fef22e17ed12b
GET /assets/css/all.min.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: 34c2b076e31e59e4bc953a8e5029536c
Content-Encoding: gzip
mutuelleawoundjo.com/assets/css/style.css
200 OK 7.1 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/css/style.css
IP
File type assembler source, ASCII text
Hash 7fb99bec393a490f8d91721d7fcf6b9b
dde4b1e830d8af6728bdd8bd3033a062766fb426
62b137e3e57e3c89e79eb61bd4f84453a64db31418ca30cdcafa3e0883bca8b5
GET /assets/css/style.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: a32f075e382d6194692e791e53f10571
Content-Encoding: gzip
mutuelleawoundjo.com/assets/css/animate.css
200 OK 4.4 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/css/animate.css
IP
File type ASCII text, with very long lines (460)
Hash d41eb8470e77d4ce68d05e1f5c10eed7
9feea4d68a2bdb3c7ddb0d48a2ff1135e7ebbeed
4520c4b64b1cf2cf7492298df279ffdc826f79a600c701493b927d1e983e24fa
GET /assets/css/animate.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: 7ced148cf9727ef7bf6b8ab0d9057f52
Content-Encoding: gzip
mutuelleawoundjo.com/assets/css/style-magnific-popup.css
200 OK 2.0 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/css/style-magnific-popup.css
IP
Hash 7b8f05b1183b730e02e928a52cc60331
ff78eb959806180ee70e1b755ce1fceb52e8d987
fbb005c814afcef3efb933f74534fbb1cd519812ba53823c48cc3b69866674f6
GET /assets/css/style-magnific-popup.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: f9e6cb949871a9da981850139748840d
Content-Encoding: gzip
mutuelleawoundjo.com/assets/https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400&display=swap
200 OK 2.0 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400&display=swap
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1485)
Hash e1c88db6e807420109593b8e417240a8
d735e823bd8d132e7b373d64292c8c4c992efb17
c1fec752b88eaf0b20215c14eb7d1ad2b4069a9e6fe799f09686be1a5458e2c2
GET /assets/https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400&display=swap HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: 1d002de34e0f81a6ab5c8a6fe662cb88
Content-Encoding: gzip
mutuelleawoundjo.com/assets/https://fonts.googleapis.com/css2?family=Nunito:wght@600;700&display=swap
200 OK 2.0 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/https://fonts.googleapis.com/css2?family=Nunito:wght@600;700&display=swap
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1485)
Hash e1c88db6e807420109593b8e417240a8
d735e823bd8d132e7b373d64292c8c4c992efb17
c1fec752b88eaf0b20215c14eb7d1ad2b4069a9e6fe799f09686be1a5458e2c2
GET /assets/https://fonts.googleapis.com/css2?family=Nunito:wght@600;700&display=swap HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: b3407b5dfc7f5cb84f1a132537e471c0
Content-Encoding: gzip
mutuelleawoundjo.com/assets/js/jquery.scrollTo-min.js
200 OK 1.3 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/js/jquery.scrollTo-min.js
IP
File type ASCII text, with very long lines (2269), with CRLF line terminators
Hash 1397396350648dfb825604df63b03f9d
edfd49551f4641779cae86db20a89b07c61c8181
dec1c0a204256be5c7a449cdf1e9315af7562624a3fdd3c4cb2fe8f04e011a29
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery.scrollTo-min.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: 4c2669afee190ea583242bbf6ff921a8
Content-Encoding: gzip
mutuelleawoundjo.com/js/app.e7213973.js
200 OK 11 kB URL HTTP/1.1 mutuelleawoundjo.com/js/app.e7213973.js
IP
File type Unicode text, UTF-8 text, with very long lines (36219)
Hash 74655632f56cf826f086d35e2e754375
4509cd8d6eefa9f6551ab61deca59a2d865b7358
ab93742b286ef958cad7350cad70db3850797ff837fd469348320df543149631
Analyzer Verdict Alert fortinet Phishing
GET /js/app.e7213973.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: d25df471d272ff60fbdcb78b8847292f
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 278 B IP
Hash 05ffdfd26aa0140b0caca060a233cfea
05430a13018f966557e08c8fbe7676c78e7877b4
3f7fe07d4f589f0ac15867e3a47f9999f4bfa6724144e9038b6e024e08cb5877
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1938
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:49:04 GMT
Last-Modified: Mon, 26 Sep 2022 19:16:46 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
mutuelleawoundjo.com/assets/js/jquery-3.3.1.min.js
200 OK 30 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/js/jquery-3.3.1.min.js
IP
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash b7e92b08a6e5907ba8488a8091151d07
cf51b2308b5154f7116e7933456d2ad741e68d6f
b0b99d538931d32643e9d021920b4db9842774b74bdb3582f4e7d78f82bb0308
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery-3.3.1.min.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: 94610dfa4187f142805af3f90dcf770d
Content-Encoding: gzip
mutuelleawoundjo.com/assets/js/jquery.nav.js
200 OK 1.9 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/js/jquery.nav.js
IP
File type ASCII text, with CRLF line terminators
Hash 4e9fe5cce09723a06ea516cd87b93583
691d2b563d0394611e4f6dcd2f720ad71d52d575
3056e91767288aa298f3553545d59381c353ef210a357f293e28cb485d2742e5
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery.nav.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: 5a95c37b444a98c40ea27eea39f6739b
Content-Encoding: gzip
mutuelleawoundjo.com/assets/js/jquery.magnific-popup.min.js
200 OK 7.7 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/js/jquery.magnific-popup.min.js
IP
File type ASCII text, with very long lines (21014), with CRLF line terminators
Hash b6c05412e241fce985169737ec2ffa06
93742215a64e9cfb6feac7ce6c88ead7b8c667fb
38f0fe6bf58b2cd41f0f2d53fe5d094bd7e67474f1e1985c3eb931a04ce9bf27
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery.magnific-popup.min.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: b327354e644e51f45005b09548513bd1
Content-Encoding: gzip
mutuelleawoundjo.com/assets/js/wow.js
200 OK 3.6 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/js/wow.js
IP
File type ASCII text, with CRLF line terminators
Hash f2f3fcc978521c728bcce24108d00b6a
eeae9d90b3330f622dead18d6545dd343fd32770
98bdf547bf0a038bf5183f73864a5e1baa5d36c35ddb791cf6bf734bc54dfe8a
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/wow.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: 51912ad1cd780e794d9213bd0fd51b5e
Content-Encoding: gzip
mutuelleawoundjo.com/assets/js/bootstrap.min.js
200 OK 14 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (50758)
Hash 2e8e1f197b42775ab5106fa61de291e3
892b25b208b869fca845a3ef18d85412d4798b0b
0f11883c639fb5dd4ed4000da3bf4836567b3d4259e3fb4ace69bd0aac49539e
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/bootstrap.min.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: 5534c776a8f34dccd9ebd79b0759e183
Content-Encoding: gzip
mutuelleawoundjo.com/assets/js/custom.js
200 OK 903 B URL HTTP/1.1 mutuelleawoundjo.com/assets/js/custom.js
IP
File type ASCII text, with CRLF line terminators
Hash 16239eb2e834756028376cc33f68da56
54047e192d55f6846af0d1aeec35b68a242eb038
cc3c055d71a9005b5bf0738ab99edb0aae4000fa2fa7d4254d97dc9f7a8190c0
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/custom.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: 8915a0c6e71bf39c5194f886f707e41c
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash eb8a8850154f5ab3c71922f600e7c95d
f7f3c77cd7a9c0e7ecae7b8b47f80c372143cc2f
1e2174113140ef310c3a6480464d1ea051a5ad4f17a1c2eb87c1b1854fdaa6d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E2174113140EF310C3A6480464D1EA051A5AD4F17A1C2EB87C1B1854FDAA6D0"
Last-Modified: Mon, 26 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20006
Expires: Tue, 27 Sep 2022 01:22:30 GMT
Date: Mon, 26 Sep 2022 19:49:04 GMT
Connection: keep-alive
smtpjs.com/v3/smtp.js
200 OK 871 B IP
ASN #20860 Iomart Cloud Services Limited
File type Unicode text, UTF-8 (with BOM) text, with very long lines (841), with CRLF line terminators
Hash 3834e1b9e65ca954b7479464ea1e5118
437df45dbf59c3a3414236f44e3bcd5045bfe314
fc33c6b2c79aafa930e841962ae3c25bf8f56cbc20ec48fc2b0ddd0aa6ee23b6
GET /v3/smtp.js HTTP/1.1
Host: smtpjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 10 Nov 2020 17:17:51 GMT
accept-ranges: bytes
etag: "162f436b85b7d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Mon, 26 Sep 2022 19:49:04 GMT
content-length: 871
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:49:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mutuelleawoundjo.com/postnewl/assets/images/logo-awoundjo-5.png
200 OK 2.0 kB URL HTTP/1.1 mutuelleawoundjo.com/postnewl/assets/images/logo-awoundjo-5.png
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1485)
Hash e1c88db6e807420109593b8e417240a8
d735e823bd8d132e7b373d64292c8c4c992efb17
c1fec752b88eaf0b20215c14eb7d1ad2b4069a9e6fe799f09686be1a5458e2c2
GET /postnewl/assets/images/logo-awoundjo-5.png HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: 11dd64b5d2e92bd2c0efc9e219f46740
Content-Encoding: gzip
www.googletagmanager.com/gtm.js?id=GTM-PJVDLCK
200 OK 36 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PJVDLCK
IP
File type ASCII text, with very long lines (1720)
Hash cdcb015be920742d96bb88e43a26b46f
f25eb5e8949ff905928a13da3515617224359a17
34608cf798dde8a248655b56f56c3f7b5f87fbfbb68909cbe5313ddebd666e04
GET /gtm.js?id=GTM-PJVDLCK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 19:49:04 GMT
expires: Mon, 26 Sep 2022 19:49:04 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 36342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:49:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mutuelleawoundjo.com/assets/webfonts/fa-brands-400.woff2
200 OK 74 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/webfonts/fa-brands-400.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 74288, version 1.0\012- data
Hash eac60e8a656781e13d2a674b4d9051c0
0039be9d8a99d1e5cf200ca3e08757692020460e
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
Analyzer Verdict Alert fortinet Phishing
GET /assets/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/assets/css/all.min.css
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: font/woff2
Content-Length: 74288
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
Accept-Ranges: bytes
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: 14f0f65c51221265faccf89bc7c5934c
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 26 Sep 2022 19:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 26 Sep 2022 19:26:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5NOnOeWa-CMXghtCUubdfLstkxXBAOw2pyjhn2VtIanqxKQ9z0QiHg==
Age: 2298
chimpstatic.com/mcjs-connected/js/users/218ead6214192ba52c138d8ee/1c4fc752b7130b9c158f1382b.js
200 OK 1.2 kB URL HTTP/1.1 chimpstatic.com/mcjs-connected/js/users/218ead6214192ba52c138d8ee/1c4fc752b7130b9c158f1382b.js
IP
Hash 17307ebdbe19457b8cdeb139a6915b45
e362d5e19cc43f451edf7e28a07ec58bed872bf8
03152d3468d04ea7362d145d1d27f8252fec8c1850282a12c436d236b786d0b9
GET /mcjs-connected/js/users/218ead6214192ba52c138d8ee/1c4fc752b7130b9c158f1382b.js HTTP/1.1
Host: chimpstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 665NS8U4vl19eXnx/titPpEFH+G/BSOnVGYDo91HGTi9o9LXgqUPfa32Q2m4a1rPO3zf4iJ9a+Q=
x-amz-request-id: 6AVYG18ERA49KZWF
Last-Modified: Thu, 04 Mar 2021 11:53:42 GMT
ETag: "58baea52eec25dc489c1c9cc50788276"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
X-EdgeConnect-MidMile-RTT: 17, 18
X-EdgeConnect-Origin-MEX-Latency: 133, 135
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1790
Expires: Mon, 26 Sep 2022 20:18:54 GMT
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Length: 1220
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1fa96a6fa37fc05c604b2a34beff7896
93b56310b6b992f36080079f74ea0a8e1ecba0fd
936cd86c352461fb525b2ee9fb7ef781f07e7bd1577ee28274289e9ff5c9432c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "936CD86C352461FB525B2EE9FB7EF781F07E7BD1577EE28274289E9FF5C9432C"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3387
Expires: Mon, 26 Sep 2022 20:45:31 GMT
Date: Mon, 26 Sep 2022 19:49:04 GMT
Connection: keep-alive
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
200 OK 71 kB URL HTTP/1.1 downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
IP
File type ASCII text, with very long lines (65526)
Hash 61c327aabe36df4be395c1f12023048f
617e668d85eae5ee6af6d21f864d6075a1076573
9f9b003f2ff98f34e1982845f220bac828208438c0767c515622104a48ae64fa
GET /js/signup-forms/popup/unique-methods/embed.js HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 19:36:09 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 26 Sep 2022 00:54:41 GMT
ETag: W/"a6ded537fb332d02118ef685e5bc5d87"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: js0k3ahiDWtxQaeJScN57ejIDaA4I7a36noUbslQsjhczR5REWFeYg==
Age: 68064
Vary: Accept-Encoding, Origin
api.countapi.xyz/hit/mutuelleawoundjo/key
200 OK 14 B URL HTTP/1.1 api.countapi.xyz/hit/mutuelleawoundjo/key
IP
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash f417dd5f4667096051b7a5a486d2381b
63f6a85b438ae57534b1f34dd5df93c34dbe6f55
9c78a4599d740d9105b32fa407a0d59a3ef0d99d2a874e5a94e0e8915d5f2666
GET /hit/mutuelleawoundjo/key HTTP/1.1
Host: api.countapi.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mutuelleawoundjo.com
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 14
Connection: keep-alive
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
X-Worker: 0
X-Version: unknown
X-Path: mutuelleawoundjo/key
ocsp.digicert.com/
200 OK 471 B IP
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2004
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:49:04 GMT
Last-Modified: Mon, 26 Sep 2022 19:15:40 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
mutuelleawoundjo.com/assets/images/icone.png
200 OK 39 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/images/icone.png
IP
File type PNG image data, 264 x 268, 8-bit/color RGBA, non-interlaced\012- data
Hash a5dcf913de33f6742eb9e64b72ebcdac
5d13943fcffa7fabeff12eb7bf4777f210cb8847
67b6b3d2eb1a4099c8d41247c0ac4996d5870fd60253951ba40ec4a9c6b45ca3
GET /assets/images/icone.png HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: 2413c8a1bfcc3ce7a12493485bac391d
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1975
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:49:04 GMT
Last-Modified: Mon, 26 Sep 2022 19:16:09 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1975
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:49:04 GMT
Last-Modified: Mon, 26 Sep 2022 19:16:09 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/fr_FR/sdk/xfbml.customerchat.js
200 OK 91 kB URL HTTP/2 connect.facebook.net/fr_FR/sdk/xfbml.customerchat.js
IP
File type ASCII text, with very long lines (18671)
Hash f37f464245bcae274703d8a8c0216fa3
654ecfa576dc65f0578a89f4d750837aca26b8a9
9bc2ebd99725eeadcc867f670e55b757709a160bc4d2d30ba5472be156a5855e
GET /fr_FR/sdk/xfbml.customerchat.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 9a4798b202f3f1a3c0fce6e786857dff
etag: "7b3bcac67afe484c6829a5be8d4771fc"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 26 Sep 2022 20:00:42 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 839GQkW8ridHA9iowCFvow==
x-fb-debug: 84DXaRu3P+0JCKvt2vm4rCNVKpCfVkqzK0fMChZfzykrNdaPKrX8+jIhh2btAZlZjcOWU3rWSg9dw2p9mPYBVA==
content-length: 91444
x-fb-trip-id: 1679558926
date: Mon, 26 Sep 2022 19:49:04 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1976
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:49:05 GMT
Last-Modified: Mon, 26 Sep 2022 19:16:09 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: kOps3AEwQCN8GFnlqtcJZAcXmbPQJmcn2U6W2ZIqvm3vMYGBMAyd274J6pJ/kgDY5XnYO74t8gUO76GplJUCeg==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1679558926
date: Mon, 26 Sep 2022 19:49:04 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0
307 Temporary Redirect 0 B URL HTTP/1.1 mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0 HTTP/1.1
Host: mc.us1.list-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
HTTP/1.1 307 Temporary Redirect
Server: AkamaiGHost
Content-Length: 0
Location: https://mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0
Cache-Control: max-age=0
Expires: Mon, 26 Sep 2022 19:49:05 GMT
Date: Mon, 26 Sep 2022 19:49:05 GMT
Connection: keep-alive
Set-Cookie: _abck=84CA2EA3D9F67E7B155C838AA4099189~-1~YAAQrU0kF+/+BFaDAQAAuo9YewjXsoHMmep6mkg6l3ZI9MBEIAsNkNm4QGtd1t/1xTytM4I1LnXIi5PGgsmsyCepqgkG/w3NhDE86SQ0bqGF0VKPU2V5SIiH7MllgZ1TIWrlg+/IU/UPfUvFVS9xxdaUa1M9GltYMOVJG3iSEynEqqaMqIjkjE3Jrh5h2zcg6JY4W788sKY+8xRhOBVFbtBgwR3yPSOs60Iu/Js26MpD9H1K4q4ok0dbGww2LAm433rnXzwXRDHDBgzZ7OwpczRFAuisYoNkumG+i5oWaGnO6TT4dW/87MSsfKKlR8OYNV9tts04WDl00vQBN1RVZD7eXSpxTDkRYyo9VA==~-1~-1~-1; Domain=.list-manage.com; Path=/; Expires=Tue, 26 Sep 2023 19:49:05 GMT; Max-Age=31536000; SameSite=None; Secure
bm_sz=0652C0214F92F52E8FC60FF3185DCC92~YAAQrU0kF/D+BFaDAQAAuo9YexG9qCsYdUYqILo2N2Ff7FqAbjB4NilvwB9VUuwb6ey6HIN8stlxy3fdavCbyx84Nb47L0ULcgvMYn2BygjOgu/5/WFfd2r1fH89LcM6vf/p1INAFJxNc4QNIE1MK854psgcVD0uUmSu4fq9hXd9YHFkv3IotWROfeOvhFNVWpK0SUoLduksBPLDXL3vBucZ17uv5Pu0HAqppyDFx2FWn5PyYTHLyapxniBRAsHJietmseiUNDoHHlj9t6lq9htWnWCg/eR37uD/X12+E6Mn6m03hNYCxQ==~4403781~3617090; Domain=.list-manage.com; Path=/; Expires=Mon, 26 Sep 2022 23:49:05 GMT; Max-Age=14400; SameSite=None; Secure
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: V/0Zd8/G5krY+8n/LeJUCA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4s3aBUKilWwOZ8COYrManO0cdBU=
www.facebook.com/tr/?id=994727554532904&ev=PageView&dl=http%3A%2F%2Fmutuelleawoundjo.com%2Fpostnewl%2Fpomo1.zip&rl=&if=false&ts=1664221743432&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664221743432.619799177&it=1664221743205&coo=false&rqm=GET
200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=994727554532904&ev=PageView&dl=http%3A%2F%2Fmutuelleawoundjo.com%2Fpostnewl%2Fpomo1.zip&rl=&if=false&ts=1664221743432&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664221743432.619799177&it=1664221743205&coo=false&rqm=GET
IP
File type gzip compressed data, from Unix\012- data
Hash b79c7092b0df8a101f7cbbf0d28a7fda
36c53c824f4ceef7686d45442ac4392b690af9f2
128f70cee0091e33d66f099021e40d2a07cc0d0d8dec8e8537179294340b7554
GET /tr/?id=994727554532904&ev=PageView&dl=http%3A%2F%2Fmutuelleawoundjo.com%2Fpostnewl%2Fpomo1.zip&rl=&if=false&ts=1664221743432&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664221743432.619799177&it=1664221743205&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Mon, 26 Sep 2022 19:49:05 GMT
X-Firefox-Spdy: h2
mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0
200 OK 684 B URL HTTP/2 mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0
IP
File type ASCII text, with very long lines (1167), with no line terminators
Hash 111b6265c60e39d7eeb1848fa8c53b86
fd7239ba1c52499260fa7177254efef89b86b062
e2954b81bcba73f41b6615a975f2b1d13064b11a84b2d3f92ec6b5f3919fb7d5
GET /subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0 HTTP/1.1
Host: mc.us1.list-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mutuelleawoundjo.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
content-type: application/json; charset=utf-8
content-length: 684
x-ua-compatible: IE=edge,chrome=1
referrer-policy: same-origin
content-encoding: gzip
cache-control: max-age=300
expires: Mon, 26 Sep 2022 19:54:05 GMT
date: Mon, 26 Sep 2022 19:49:05 GMT
vary: Accept-Encoding
set-cookie: _mcid=1.faadfc831289f74398406f9828003652.7b39cae2b319f829e6366ef258812fcaa18c21212bd4472612fe48384e2ae439; expires=Tue, 26-Sep-2023 19:49:05 GMT; Max-Age=31536000; path=/
_mc_anon_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
_abck=14DA5711BD0965EFDA340E0AB660DC3F~-1~YAAQrU0kF//+BFaDAQAA65BYewicfE5UWdx1oU7qbL96fe7QES0bllJpHBxGdybJFhGGiy6im1rt99OwQeOWIPEmOcmmwPkromyBDx2z5zQmW2qmowdrJqci2YxBmuBvoxRkvUPPDs59nnEAiKbUNZKihn1zORMVp3fBsMENlV1WUOlsycxHCiIgERAfk6CSO6HDXiDUk2icVtZv4VkbayZQiBeFh/4c29JltL7pRJKR8ciPYFegaiX6/WVyB32pra7j4pANqPPLBg+wfq15jFDQO/7eZgJo7XPJgUGPpDSB2GmRN/x+RZ9B4gaOfVZZyzebQ3GO5DNkBV5OLpMaXmYLeVJ4lNpoIbZmta7r6wYOCFhCUCtZrLcZwXSUGwwR2A==~-1~-1~-1; Domain=.list-manage.com; Path=/; Expires=Tue, 26 Sep 2023 19:49:05 GMT; Max-Age=31536000; SameSite=None; Secure
ak_bmsc=15FFA32DF7C1BADE87ABEA47E138BF25~000000000000000000000000000000~YAAQrU0kFwD/BFaDAQAA65BYexHRmgppR6L31t4scDUA9YOzfCG8GRRPL844Jw7UEvlISeedXnAKp49H3z+6FjhqWC5zViPwlO4cLZi3mHo3XW3CDUi90ko93sf4eXE0aVIaodlg1t2K1L+cRwf62myvDCwT3/c1BGrSNUKBSGrtuJtT+LAQz6dP1J0uW7sYIfon4V29me+v4e3jT1NY5ZaPQ4/e2Aigg3IWGDU+ZaHHGBXAnFiePYZlFXCW1xFKajCzhvz5rvbWSUy3vMTA6+6rvj83lVYC56W5yuCjBUCMCSrZ9NVNC5ew2MkpWNxrfex465LeYAlE3H6xFlT03z3m9ze3iDKwL8L3SYN05CivCRyBGpeGt01vAugHNSGTxHGsm2PUJyqGbUeY+mfDR06b; Domain=.us1.list-manage.com; Path=/; Expires=Mon, 26 Sep 2022 21:49:05 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly
bm_sz=4BAC41E5FDD488A911A17D320E2CC9CE~YAAQrU0kFwH/BFaDAQAA65BYexGq95h5wJNFLKzNb71cTthYtMw7sp1L/+wxnLYo/5VcTuvLeP2jdbrCGpyMzZeFpNE/+vqGZsH5G4XF9UEUVI9gWiEArWSKAcXR6qyznT0UtTtxe0TJqIqggw099xlVs5wG7uFZ/FmP2sABKTrqQEfrxt6KmPjdB5sX0CGpjQoBLbWPgqhfkNRw5GM0pXudsTcAd7RW7B2gF5K7K4S8J4317EVHPkrHef5qf1jQ8NTffesTAXb+aU8c+vN1K9g+8t2x3s54AFCuP2ModnUPo77ZtV0t5Q==~4403781~3617090; Domain=.list-manage.com; Path=/; Expires=Mon, 26 Sep 2022 23:49:05 GMT; Max-Age=14400; SameSite=None; Secure
X-Firefox-Spdy: h2
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/popup.js
200 OK 31 kB URL HTTP/1.1 downloads.mailchimp.com/js/signup-forms/popup/unique-methods/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/popup.js
IP
File type ASCII text, with very long lines (65526)
Hash 5c12d2567f40bab7ff5adbf75f229353
82a77b9817a8ca92da908b9d90820a2e689647a4
a7fa5d25ff7ee48bfebe7e943c5627ef614d38a8e29f573c38ff4aa6ef9e40d3
GET /js/signup-forms/popup/unique-methods/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/popup.js HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 26 Sep 2022 17:45:04 GMT
Last-Modified: Wed, 21 Sep 2022 19:36:09 GMT
ETag: W/"fe6f13bb1de76cc8d50b4039ab084813"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lt_VgpeFJ2gh-JLu4lgTO8BAppb7y0goUHRZ8_8E9E1GO8K8CZqEig==
Age: 7442
Vary: Accept-Encoding, Origin
downloads.mailchimp.com/css/signup-forms/popup/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/common.css
200 OK 2.6 kB URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/common.css
IP
Hash 5a84634ee22bc0c5a93b372f7fbd9de0
2c203265bc2f2db6c891572cb465a43ca9d6b821
73719191cf07bc2e06f2b509c496321e7de0683ac1ff6b928bbe6a67e3db6e3d
GET /css/signup-forms/popup/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/common.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 26 Sep 2022 17:45:06 GMT
Last-Modified: Wed, 21 Sep 2022 19:36:09 GMT
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UkMXOMSPpHkgqTKiPp0DqJwKcOX7TuzPQyC9yMmTvQXFtiNnLtF_1A==
Age: 7440
Vary: Accept-Encoding, Origin
downloads.mailchimp.com/css/signup-forms/popup/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/banner.css
200 OK 439 B URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/banner.css
IP
Hash bab44801ec505a80a429748752285898
a8917d5696408a2c4d6bdd84e717765f8b26a3e4
784ca688890c4757427ee02c906c7dcf1b115ce4ff78307e170e75ee664d20b0
GET /css/signup-forms/popup/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/banner.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 26 Sep 2022 17:45:06 GMT
Last-Modified: Wed, 21 Sep 2022 19:36:10 GMT
ETag: W/"78d1bdd981816cfbeb6954a85f9efa58"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5r_EGMVYyJK60O4cGHP9Bk3qbNYheCbQ5L8tg3PvAZPLEkLD_Leg8g==
Age: 7440
Vary: Accept-Encoding, Origin
downloads.mailchimp.com/css/signup-forms/popup/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/layout-2.css
200 OK 455 B URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/layout-2.css
IP
Hash cf00c7e6b7868062bf758deaa7b83864
cff15cad13c248593f1810ca4ee885e1c883c684
0557ff79eeacb19e8553149dd9c71e906d41f4646cb88005fc08df4ee485a5d4
GET /css/signup-forms/popup/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/layout-2.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 26 Sep 2022 17:45:08 GMT
Last-Modified: Wed, 21 Sep 2022 19:36:10 GMT
ETag: W/"38f50a83c6d5d15facb231447fa1ac56"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EILMt4uJ_1HRxC0GywYoO40dUMv4FcohkVg3BiVv35GHnxivy47HAQ==
Age: 7438
Vary: Accept-Encoding, Origin
downloads.mailchimp.com/css/signup-forms/popup/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/modal.css
200 OK 940 B URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/modal.css
IP
Hash d67b9dcb001d0ed64cbc0ba9da2d77a1
a0320024d0421b2834df9ea7032087b648576ae3
493abf97f7246bde2ad899d82171edf77edca18bfdad04d8097f16134f582d26
GET /css/signup-forms/popup/568bb917e86ba69e8ac408b9b523a5ecc5ff85ef/modal.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 26 Sep 2022 17:45:06 GMT
Last-Modified: Wed, 21 Sep 2022 19:36:10 GMT
ETag: W/"aa6f4416185bd7f299dd89e11dac117f"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nOdRVJjEq8_vLmXqb0dgLM1B1J09A9vaCINgeadM9BlUo4Ox3tcUxg==
Age: 7440
Vary: Accept-Encoding, Origin
ocsp.pki.goog/s/gts1d4/Hjqn5zXy5ws
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Hjqn5zXy5ws
IP
Hash 8a1e7eeabf592670c0510aa3a9c06966
4574fd440ec42d804a081ae6f68bfef8fbaa8962
70df014cdcd9b2c5654ae0cd3b4210251de6d28244d428a45714a0a857eb75f4
POST /s/gts1d4/Hjqn5zXy5ws HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:49:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
downloads.mailchimp.com/images/signup-forms/popup/textBadge.svg
200 OK 2.9 kB URL HTTP/1.1 downloads.mailchimp.com/images/signup-forms/popup/textBadge.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8ccb03508055e57adb4cccc5f0d12922
e1eb2628d634cd2bd35d2801988569188a3874de
df434c9b18358d341df42cf1ed468fca285fd39089b9e4c0b6a6fae49a298046
GET /images/signup-forms/popup/textBadge.svg HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://downloads.mailchimp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 19:36:10 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 26 Sep 2022 08:58:23 GMT
ETag: W/"08dce9f767c64a8247f61eb5897a5a7f"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ez5vZqp4IE0yePVDIfatf753QoZtwRYIE1EtTF2w948E4md8LBOM4g==
Age: 39045
Vary: Accept-Encoding, Origin
mcusercontent.com/218ead6214192ba52c138d8ee/images/8318d012-126f-4108-9e17-8996a0f0d709.jpg
200 OK 14 kB URL HTTP/2 mcusercontent.com/218ead6214192ba52c138d8ee/images/8318d012-126f-4108-9e17-8996a0f0d709.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 403x386, components 3\012- data
Hash 0f1cf5d4478ee14cc64897c68bd94d92
270ca9cc00645ee007cf85ba67fb47808a81606d
5b34413ac0f98689c908346e61e426e6ad3ee010c967639716d8496d80177d3c
GET /218ead6214192ba52c138d8ee/images/8318d012-126f-4108-9e17-8996a0f0d709.jpg HTTP/1.1
Host: mcusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtFigaAkDmRBU7k_uymvYBwuLxZ5PjaWsu_Zc4x2mT7G4wDhvNzioSdt2yxjb3GREKLpBNXTKo76AF9mmBp550-ajYcjud7
expires: Mon, 26 Sep 2022 20:49:05 GMT
date: Mon, 26 Sep 2022 19:49:05 GMT
cache-control: public, max-age=3600
last-modified: Fri, 19 Feb 2021 09:47:44 GMT
etag: "0f1cf5d4478ee14cc64897c68bd94d92"
x-goog-generation: 1613728064711770
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13547
content-type: image/jpeg
x-goog-hash: crc32c=CmQyAQ==, md5=Dxz11EeO4UzGSJfGi9lNkg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 13547
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Hjqn5zXy5ws
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Hjqn5zXy5ws
IP
Hash 8a1e7eeabf592670c0510aa3a9c06966
4574fd440ec42d804a081ae6f68bfef8fbaa8962
70df014cdcd9b2c5654ae0cd3b4210251de6d28244d428a45714a0a857eb75f4
POST /s/gts1d4/Hjqn5zXy5ws HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:49:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 5.0 kB IP
ASN #20940 Akamai International B.V.
Hash e5b1062dc13055edd19cf8f246d96483
298b914bd76e2e268ae05f78983ced91e49b84f0
e0763082a9eb49c102594cafc26af6aa43c218feb66ec8d50166b4494d8f3ff2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4197
Expires: Mon, 26 Sep 2022 20:59:03 GMT
Date: Mon, 26 Sep 2022 19:49:06 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4197
Expires: Mon, 26 Sep 2022 20:59:03 GMT
Date: Mon, 26 Sep 2022 19:49:06 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4197
Expires: Mon, 26 Sep 2022 20:59:03 GMT
Date: Mon, 26 Sep 2022 19:49:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c11e6fef1be62b971bd9daf378bfc95
ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yl8BCwdlIePsc4gIX4IYH0L6NHipn_5fBsa9nyYy14w0m49jPUYXBw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:51 GMT
age: 78675
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef17205adb2b478d3bff54b048208d22
12aac1bd22e675f09a220de08b4656e801c2e647
620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Iy0oyFx_T6CEuOQckEzvUQOUo307Jm_OgJzomWlMz9BhgD3eOaysdA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 18:14:05 GMT
age: 5701
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=592079101153316&suppress_http_code=1
200 OK 12 kB URL HTTP/2 socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=592079101153316&suppress_http_code=1
IP
File type ASCII text, with no line terminators
Hash bf18c2d4763ed1be3d3079aae6bbf3e7
4eef8d36eb6244a81993c13fc72e770a21e34ea3
52d21ffd046df08ccdb8c12d2266a4279cf5a44ce0ed6029c6f19bbabb27be82
GET /new_domain_gating/?endpoint=customerchat&page_id=592079101153316&suppress_http_code=1 HTTP/1.1
Host: socialplugin.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: http://mutuelleawoundjo.com
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/json; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: http://mutuelleawoundjo.com
x-fb-debug: TMl2bV2/Alm0vP7W7SzQFEKhOG0lPSs5VibtOvF3hbeWd4ggRkdZWR8VGoqaRm7Pm1QHs3cnmH8rLP90REzDug==
date: Mon, 26 Sep 2022 19:49:05 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:35 GMT
age: 79891
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 77306
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP
Hash ba2579e93f0eac3aa5cc8a69dac3d3d9
2ff775ab5370d3e9c5f9646436dade9eac2664bb
6c9d8abb30a0b7e5e850e25a8170474699f9542594093453d1cc1e11c101cf41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 77930
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
unpkg.com/sweetalert/dist/sweetalert.min.js
302 Found 0 B URL HTTP/2 unpkg.com/sweetalert/dist/sweetalert.min.js
IP
GET /sweetalert/dist/sweetalert.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 26 Sep 2022 19:49:04 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /sweetalert@2.1.2/dist/sweetalert.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GDXNE1EENWZ493FVZBN9P06P-fra
cf-cache-status: HIT
age: 100
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 750e854e58c3b51b-OSL
X-Firefox-Spdy: h2
mutuelleawoundjo.com/js/chunk-vendors.30130055.js
200 OK 0 B URL HTTP/1.1 mutuelleawoundjo.com/js/chunk-vendors.30130055.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /js/chunk-vendors.30130055.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Server: nginx/1.23.0
Date: Mon, 26 Sep 2022 19:49:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 varnish (Varnish/7.1)
X-Varnish-Cache: MISS
X-Varnish: MISS
X-Powered-By: Fastest Cache
X-Request-Id: 358dcf72925c71faf2f74811efdd861a
Content-Encoding: gzip
91.234.194.177
157.240.200.14
34.96.122.219
104.17.24.14
93.184.220.29
96.6.17.210