Overview

URL: dev-bpbusines.pantheonsite.io/wp/37458/
IP: 23.185.0.3 (United States)
ASN: #54113 FASTLY
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-12-02 06:34:17 UTC
IDS alerts: 0
Blocklist alert: 39
urlquery alerts: 34
Phishing - La Banque postale
Tags: None

Domain Summary (21)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-01 17:14:08 UTC 34.102.187.140
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-01 17:12:49 UTC 34.117.237.239
ocsp.pki.goog (6) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.13.69.101
its.tradelab.fr (9) 93795 2013-05-09 11:23:20 UTC 2022-12-02 04:52:06 UTC 85.17.192.105
pkg-store.dl.mail.ru (1) 0 2020-05-26 20:50:12 UTC 2022-12-01 13:02:10 UTC 188.93.63.73 Domain (mail.ru) ranked at: 2105
dev-bpbusines.pantheonsite.io (41) 0 No data No data 23.185.0.3 Unknown ranking
secure.adnxs.com (10) 396 2012-05-22 16:37:37 UTC 2020-03-11 07:38:04 UTC 185.89.210.141
ib.adnxs.com (6) 241 2013-11-13 21:17:09 UTC 2020-03-22 02:54:33 UTC 185.89.211.116
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-12-01 18:17:59 UTC 142.250.74.132
cm.g.doubleclick.net (2) 202 2013-07-12 13:31:22 UTC 2022-12-01 21:27:21 UTC 142.250.74.98
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
cdnjs.cloudflare.com (1) 235 2015-04-17 20:46:33 UTC 2022-12-01 18:10:44 UTC 104.17.24.14
cstatic.weborama.fr (2) 21619 2018-06-13 19:08:36 UTC 2020-05-07 16:03:35 UTC 93.184.221.133
www.google.de (1) 5462 2014-12-25 08:08:03 UTC 2022-12-02 00:40:14 UTC 142.250.74.163
ocsp.godaddy.com (3) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.24
cdn.tradelab.fr (4) 101153 2012-10-20 15:38:11 UTC 2020-04-29 06:53:05 UTC 152.195.132.24
mmtro.com (1) 18252 2017-01-30 04:51:09 UTC 2022-12-02 00:01:58 UTC 195.66.82.41
r3.o.lencr.org (6) 344 No data No data 23.36.77.32

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-12-01 2 dev-bpbusines.pantheonsite.io/wp/37458/ La Banque postale
2022-12-01 2 dev-bpbusines.pantheonsite.io/wp/37458/ La Banque postale

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/ Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/ Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/saved_resource Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/saved_resource(1) Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/bsd Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/seg Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/px Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/4050178.js Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/px(1) Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/px(2) Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/seg(2) Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/seg(1) Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/js Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/LOGO-LBP-digital-fd-clair-RVB.svg Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/il_transverse_warning.svg Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/assets/js/main.js Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/common/log.js Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/f(1).txt Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/etc.clientlibs/labanquepostale/commons/client (...) Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/base-fonts/resources/fonts/lat (...) Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/base-fonts/resources/fonts/lat (...) Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/base-fonts/resources/fonts/lat (...) Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/libs/granite/csrf/token.json Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/ill_citoyenne.svg Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/base-fonts/resources/fonts/lat (...) Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/base-fonts/resources/fonts/lat (...) Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/base-fonts/resources/fonts/lat (...) Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/991001.js Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/uwt.js Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/oct.js Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/base.min.js Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/wamfactory_dpm.laposte.min.js Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/e1e16f7b41.js Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/wreport_wcm.js Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/991000.js Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/f.txt Phishing
2022-12-02 2 dev-bpbusines.pantheonsite.io/wp/37458/asset/bat.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 23.185.0.3
Date UQ / IDS / BL URL IP
2023-02-06 18:04:26 +0000 0 - 2 - 0 unfpa.org/webdav/site/global/shared/documents (...) 23.185.0.3
2023-02-06 04:57:28 +0000 0 - 0 - 2 dev-segmentoebisa.pantheonsite.io/login.php 23.185.0.3
2023-02-06 04:28:19 +0000 0 - 0 - 2 dev-segmentoebisa.pantheonsite.io/login.php 23.185.0.3
2023-02-06 00:57:56 +0000 0 - 0 - 2 dev-wpostalecj.pantheonsite.io/web/43926 23.185.0.3
2023-02-06 00:32:39 +0000 0 - 0 - 2 dev-wpostalecj.pantheonsite.io/web/11749/ 23.185.0.3


Last 5 reports on ASN: FASTLY
Date UQ / IDS / BL URL IP
2023-02-06 18:58:44 +0000 0 - 0 - 2 jonchris00011.firebaseapp.com/ 199.36.158.100
2023-02-06 18:23:39 +0000 3 - 1 - 35 dev-homeelectronicaitau-py.pantheonsite.io/ 23.185.0.2
2023-02-06 18:04:26 +0000 0 - 2 - 0 unfpa.org/webdav/site/global/shared/documents (...) 23.185.0.3
2023-02-06 17:24:47 +0000 0 - 0 - 1 raw.githubusercontent.com/rxflxction/rubeus/m (...) 185.199.108.133
2023-02-06 17:24:08 +0000 0 - 0 - 1 raw.githubusercontent.com/Chelloxy/Do-not-Try (...) 185.199.110.133


Last 5 reports on domain: dev-bpbusines.pantheonsite.io
Date UQ / IDS / BL URL IP
2023-02-03 20:40:33 +0000 0 - 0 - 2 dev-bpbusines.pantheonsite.io/wp/78327/ 23.185.0.3
2022-12-04 11:51:56 +0000 0 - 0 - 4 dev-bpbusines.pantheonsite.io/wp/ 23.185.0.3
2022-12-02 16:33:21 +0000 68 - 0 - 36 dev-bpbusines.pantheonsite.io/wp 23.185.0.3
2022-12-02 16:32:57 +0000 62 - 0 - 33 dev-bpbusines.pantheonsite.io/wp/38615 23.185.0.3
2022-12-02 06:34:17 +0000 34 - 0 - 39 dev-bpbusines.pantheonsite.io/wp/37458/ 23.185.0.3


Last 4 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-19 06:28:37 +0000 27 - 0 - 3 dev.awit.ae/bpostale-business/78647 185.148.47.122
2022-10-26 17:48:31 +0000 0 - 0 - 34 dev-bpauthentique.pantheonsite.io/labanquepos (...) 23.185.0.2
2022-10-26 17:48:13 +0000 0 - 0 - 36 dev-bpauthentique.pantheonsite.io/labanquepos (...) 23.185.0.2
2022-11-19 17:12:37 +0000 0 - 0 - 5 protectioncompte.mom/ 91.229.239.170

JavaScript

Executed Scripts (27)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (108)


Request Response
                                        
                                            GET /wp/37458/ HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         23.185.0.3
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Connection: keep-alive
Content-Length: 162
Location: https://dev-bpbusines.pantheonsite.io/wp/37458/
Server: nginx
X-Pantheon-Styx-Hostname: styx-fe3fe4-c-6f455f7586-w4tdq
X-Styx-Req-Id: 773af7f1-71a9-11ed-b44e-4a12cea051da
Cache-Control: public, max-age=86400
Date: Fri, 02 Dec 2022 06:34:05 GMT
X-Served-By: cache-ams12766-AMS, cache-bma1683-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 42, 1
X-Timer: S1669962845.108633,VS0,VE2
Vary: Cookie, Cookie
X-Robots-Tag: noindex
Age: 42027
Accept-Ranges: bytes
Via: 1.1 varnish, 1.1 varnish


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - openphish: La Banque postale
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6725
Expires: Fri, 02 Dec 2022 08:26:10 GMT
Date: Fri, 02 Dec 2022 06:34:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4712
Expires: Fri, 02 Dec 2022 07:52:37 GMT
Date: Fri, 02 Dec 2022 06:34:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2527
Cache-Control: max-age=103154
Date: Fri, 02 Dec 2022 06:34:05 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:13:19 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: JxExJYMQWrf62XGa2eMuyUUwCpn630EP4RlyQMgPsd7cpAY6iCr3lMvDnwj0Jjl/5L3cDOT8khg=
x-amz-request-id: 0WKY4PNK1V0TVQ5H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 05:45:59 GMT
age: 2886
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 06:19:52 GMT
cache-control: public,max-age=3600
age: 853
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /wp/37458/ HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         23.185.0.3
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
content-encoding: gzip
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: 0a6c98c3-720b-11ed-a182-b27c140de4ff
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12726-AMS, cache-bma1659-BMA
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-timer: S1669962845.406148,VS0,VE29
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 27587
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1449)
Size:   27587
Md5:    cd10c03cfc3663c97c9683dbc0ef2a13
Sha1:   a5e48d1259b9b7a9d861c14340e43c532e32714b
Sha256: 600b1d4f6759581f2dad777e2cc0f1883aef8307a23d90977d881b82b87b34ca

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - openphish: La Banque postale
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 02 Dec 2022 06:34:05 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /wp/37458/asset/saved_resource HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: text/plain
                                        
content-encoding: gzip
etag: W/"638795c4-2b"
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: 8e4310e8-7196-11ed-b44e-4a12cea051da
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12759-AMS, cache-bma1659-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1669962846.583747,VS0,VE22
vary: Accept-Encoding
x-robots-tag: noindex
age: 118
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 59
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   59
Md5:    84455fcbb9d61b5b76c43701007a7240
Sha1:   a39c2c1d2f997ea63adb3ac27e436a7e2374fe70
Sha256: 13c7df46eca6672ea379cb53820afa12862aed2f6e349f5fcaefd1f4d884bbc9

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp/37458/asset/saved_resource(1) HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: text/plain
                                        
content-encoding: gzip
etag: W/"638795c4-2b"
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 8e45ca20-7196-11ed-a40c-2234dac4ee8d
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12782-AMS, cache-bma1659-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1669962846.584261,VS0,VE22
vary: Accept-Encoding
x-robots-tag: noindex
age: 118
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 59
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   59
Md5:    84455fcbb9d61b5b76c43701007a7240
Sha1:   a39c2c1d2f997ea63adb3ac27e436a7e2374fe70
Sha256: 13c7df46eca6672ea379cb53820afa12862aed2f6e349f5fcaefd1f4d884bbc9

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp/37458/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: text/css
                                        
content-encoding: gzip
etag: W/"638795c4-b0f"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 5180c4ee-720b-11ed-a40c-2234dac4ee8d
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12759-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.581475,VS0,VE27
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 599
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (477)
Size:   599
Md5:    cac57a3c4bf741d845e6f013a4ed6f7a
Sha1:   fb84e768c3c246ee3c3e0d43cc116d1376f00449
Sha256: e0d97d039af1dba42f2cb50e5a844b38617b18752c48ca95a5ee6186e40b72e5

Alerts:
  urlquery:
    - Phishing - La Banque postale
                                        
                                            GET /wp/37458/assets/css/spinner.css HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: text/css
                                        
content-encoding: gzip
etag: W/"638795c4-317"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: 51811147-720b-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12753-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.580807,VS0,VE35
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 380
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   380
Md5:    00ca23199a1a85f3c2cf38dabfeef853
Sha1:   f7da43579189b67a2e02e26b47da70d38562078e
Sha256: af6ea681e0934131dc76799700e56c6416398f7ca618b6e66039276248286d30

Alerts:
  urlquery:
    - Phishing - La Banque postale
                                        
                                            GET /wp/37458/asset/bsd HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: text/plain
                                        
etag: "638795c4-11"
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: 83b30ec7-7194-11ed-95ce-ceec288c9991
content-encoding: gzip
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams21047-AMS, cache-bma1659-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1669962846.589293,VS0,VE22
vary: Accept-Encoding
x-robots-tag: noindex
age: 47
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 37
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   37
Md5:    0c0982212f5443915a3b3afa003dab34
Sha1:   368c52b8f5718a0471bc5cbf6934d19d2884f9ce
Sha256: 76b2e00f0ce7e3a16b06bc1afa8697b53c18c1cf62e74755ae8b19eed401369f

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp/37458/asset/seg HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: text/plain
                                        
etag: "638795c4-0"
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 82b80006-7194-11ed-a40c-2234dac4ee8d
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12738-AMS, cache-bma1659-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1669962846.596039,VS0,VE22
vary: Accept-Encoding
x-robots-tag: noindex
age: 47
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ajax/libs/jquery/3.4.1/jquery.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dev-bpbusines.pantheonsite.io
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 02 Dec 2022 06:34:05 GMT
content-length: 69049
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-4472c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8600010
expires: Wed, 22 Nov 2023 06:34:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2Hxx2b%2BdXLruqFkbI0V8lsg4XyKFRRS1McTaU0rtP9TBmmgnghz2gPVBXyz42xf5q%2B5A7x%2Bp2ez2Tmf4VJvbfGXyDItaRhE09XYLpwd20CBUt%2FbI06MBTV8kxVJ14J3gHA0l8tC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 773208e918150b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   69049
Md5:    7c286e6d8efea0a5a4001f1d303b084d
Sha1:   7af68edb8af057d92a5267c635285b81e2d75ba3
Sha256: 9f0e70f01fea22da5fcb038a5a0df0807fcb33cf30de95af1d7c5ce4d84105ae
                                        
                                            GET /wp/37458/asset/px HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: text/plain
                                        
etag: "638795c4-0"
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: 82614d3d-7194-11ed-b44e-4a12cea051da
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12765-AMS, cache-bma1659-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1669962846.595282,VS0,VE24
vary: Accept-Encoding
x-robots-tag: noindex
age: 47
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp/37458/asset/4050178.js HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: application/x-javascript
                                        
etag: "638795c4-0"
expires: Thu, 01 Dec 2022 16:23:37 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: 82f0c175-7194-11ed-95ce-ceec288c9991
cache-control: public, max-age=120
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12720-AMS, cache-bma1659-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1669962846.596842,VS0,VE25
vary: Accept-Encoding
x-robots-tag: noindex
age: 47
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp/37458/asset/px(1) HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 200 OK
content-type: text/plain
etag: "638795c4-0"
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: 83f025a9-7194-11ed-b44e-4a12cea051da
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12740-AMS, cache-bma1659-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1669962846.599338,VS0,VE22
vary: Accept-Encoding
x-robots-tag: noindex
age: 47
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp/37458/asset/px(2) HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 200 OK
content-type: text/plain
etag: "638795c4-0"
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: 84952238-7194-11ed-a182-b27c140de4ff
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12778-AMS, cache-bma1659-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1669962846.600763,VS0,VE22
vary: Accept-Encoding
x-robots-tag: noindex
age: 47
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp/37458/asset/seg(2) HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 200 OK
content-type: text/plain
etag: "638795c4-0"
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: 84c954ea-7194-11ed-95ce-ceec288c9991
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12740-AMS, cache-bma1659-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1669962846.602385,VS0,VE23
vary: Accept-Encoding
x-robots-tag: noindex
age: 47
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp/37458/asset/seg(1) HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 200 OK
content-type: text/plain
etag: "638795c4-0"
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: 8425456e-7194-11ed-95ce-ceec288c9991
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams21050-AMS, cache-bma1659-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1669962846.600192,VS0,VE26
vary: Accept-Encoding
x-robots-tag: noindex
age: 47
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp/37458/asset/js HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 200 OK
content-type: text/plain
content-encoding: gzip
etag: W/"638795c4-1b8e7"
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: 85a0e9c3-7194-11ed-95ce-ceec288c9991
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams21030-AMS, cache-bma1659-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1669962846.594771,VS0,VE30
vary: Accept-Encoding
x-robots-tag: noindex
age: 47
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 48720
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1596)
Size:   48720
Md5:    62d31eb88dba4caaf44df4fe1077e09b
Sha1:   a51994ef0a180ddf1d4eb0c0e7a052a05916fcb2
Sha256: 0b927f74d6b20771facd456fb2cf1f8aea7e95aead8fb57187cb26862f44b78d

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp/37458/asset/LOGO-LBP-digital-fd-clair-RVB.svg HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 200 OK
content-type: image/svg+xml
access-control-allow-origin: *
content-encoding: gzip
etag: W/"638795c4-dd1"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 51847142-720b-11ed-a40c-2234dac4ee8d
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams21038-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.604333,VS0,VE32
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 1769
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1769
Md5:    465fcc6d1d6409eaf92e55dc2ec54b9c
Sha1:   f66b37435dce27bfb96f67e6a26a1c970a020b07
Sha256: d52e0a622c8803029104fd93862c189827263036e4be5d9e8960a916d808a30d

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp/37458/asset/il_transverse_warning.svg HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 200 OK
content-type: image/svg+xml
access-control-allow-origin: *
content-encoding: gzip
etag: W/"638795c4-438"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: 51846271-720b-11ed-95ce-ceec288c9991
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams21022-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.605236,VS0,VE29
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 574
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1080), with no line terminators
Size:   574
Md5:    9d55298064d0b1f7253fbd98dc91225a
Sha1:   3dbc3e08fb91dd45d34af878c4dc31a1b51045e3
Sha256: 8bc2bdf82cd3be7623805b8abb5c118a2c092f220490447cd06da9dea418c278

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp/37458/assets/js/main.js HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 200 OK
content-type: application/x-javascript
content-encoding: gzip
etag: W/"638795c4-71f"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 5184fd2a-720b-11ed-a40c-2234dac4ee8d
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12780-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.607629,VS0,VE38
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 560
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Algol 68 source text\012- Pascal source, ASCII text, with CRLF line terminators
Size:   560
Md5:    f253ff3968dd80cefec84b09c5437a0f
Sha1:   0392cd7e1d577b7079bd0590673409711b4b3f77
Sha256: 1bfc467e8165b7296c7d9b8953c1069981e2bd9401ea63ed2d18b285c2ae59a2

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp/37458/common/log.js HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 200 OK
content-type: application/x-javascript
content-encoding: gzip
etag: W/"638795c4-329"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: 51851bb5-720b-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12738-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.608550,VS0,VE35
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 419
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   419
Md5:    45bdf328a2b2a3b7e6ed74f266e18808
Sha1:   9630fa83905b07b5a1433e7560596afff1d5f0d6
Sha256: 0a32f4d23aba5363b8d708fb8cd149ac87ed29958a28c0aafd887558d0f5c4ea

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp/37458/asset/f(1).txt HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 200 OK
content-type: text/plain
content-encoding: gzip
etag: W/"638795c4-9e0"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: 5184ee97-720b-11ed-b44e-4a12cea051da
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12767-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.598716,VS0,VE44
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 1119
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2528), with no line terminators
Size:   1119
Md5:    f7bf09284ae316d5c3e93a382e4a5f5f
Sha1:   f4c578ae0bf340d5ab34d5c73894db6a1b466dd6
Sha256: 7a851e7bae4d74f50e2741d60c35ab6e8a8c1080c8ffedf2f84458217d239434

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "957D7546E094B32FD4F025675AC7A9243B5975DBCDBA132FF8F7610A256862B8"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8915
Expires: Fri, 02 Dec 2022 09:02:40 GMT
Date: Fri, 02 Dec 2022 06:34:05 GMT
Connection: keep-alive

                                        
GET /etc.clientlibs/labanquepostale/commons/clientlibs/designsystem/base/resources/svg-icons.svg HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: public, max-age=600
content-encoding: gzip
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://dev-bpbusines.pantheonsite.io/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: 51a9a3ca-720b-11ed-a182-b27c140de4ff
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams21029-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.845956,VS0,VE120
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 9660
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16233)
Size:   9660
Md5:    fa3978a8cbd72747241a7d4eb0daffe9
Sha1:   e0fa350cc5bd2db799a954a2590be3e3e85413cf
Sha256: 2bdb3eb70febd629c691302f23ba927bbc34478528737bada83e41dc95347fc1

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 06:11:15 GMT
cache-control: public,max-age=3600
age: 1370
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
GET /wp/37458/asset/base-fonts/resources/fonts/lato/Lato-Bold.ttf HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: public, max-age=600
content-encoding: gzip
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://dev-bpbusines.pantheonsite.io/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: 51ab85c2-720b-11ed-95ce-ceec288c9991
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams21078-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.859300,VS0,VE114
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 9660
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16233)
Size:   9660
Md5:    fa3978a8cbd72747241a7d4eb0daffe9
Sha1:   e0fa350cc5bd2db799a954a2590be3e3e85413cf
Sha256: 2bdb3eb70febd629c691302f23ba927bbc34478528737bada83e41dc95347fc1

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp/37458/asset/base-fonts/resources/fonts/lato/Lato-Regular.ttf HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: public, max-age=600
content-encoding: gzip
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://dev-bpbusines.pantheonsite.io/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: 51a09af2-720b-11ed-a182-b27c140de4ff
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams21022-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.789848,VS0,VE181
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 9660
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16233)
Size:   9660
Md5:    fa3978a8cbd72747241a7d4eb0daffe9
Sha1:   e0fa350cc5bd2db799a954a2590be3e3e85413cf
Sha256: 2bdb3eb70febd629c691302f23ba927bbc34478528737bada83e41dc95347fc1

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /iframe/sync.html?key=ids_sync&wamid=&src=wamf.laposte.js&ref=dev-bpbusines.pantheonsite.io&d.r=1669962844120 HTTP/1.1
Host: cstatic.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

93.184.221.133
HTTP/2 200 OK
content-type: text/html
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 22174
cache-control: max-age=604800
date: Fri, 02 Dec 2022 06:34:06 GMT
etag: "282943589+gzip"
expires: Fri, 09 Dec 2022 06:34:06 GMT
last-modified: Mon, 20 Sep 2021 08:52:49 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server: ECAcc (ska/F775)
vary: Accept-Encoding
x-cache: HIT
content-length: 207
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   207
Md5:    156d13a9471aa8d01e8aafd7330dc5b1
Sha1:   99dfd9a28e98032e6e6d510f32e4ddb1ddac4343
Sha256: 1b6f17ea3e1cbc6b005b2c76299fb8fa1832119d8fe5386f019125ee5b44a9a4
                                        
GET /wp/37458/asset/base-fonts/resources/fonts/lato/Lato-Light.ttf HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: public, max-age=600
content-encoding: gzip
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://dev-bpbusines.pantheonsite.io/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: 51ad6964-720b-11ed-95ce-ceec288c9991
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12773-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.872073,VS0,VE127
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 9660
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16233)
Size:   9660
Md5:    fa3978a8cbd72747241a7d4eb0daffe9
Sha1:   e0fa350cc5bd2db799a954a2590be3e3e85413cf
Sha256: 2bdb3eb70febd629c691302f23ba927bbc34478528737bada83e41dc95347fc1

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /libs/granite/csrf/token.json HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: public, max-age=600
content-encoding: gzip
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://dev-bpbusines.pantheonsite.io/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 3e6abe50-720b-11ed-a40c-2234dac4ee8d
date: Fri, 02 Dec 2022 06:34:06 GMT
x-served-by: cache-ams21083-AMS, cache-bma1659-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1669962846.084551,VS0,VE21
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 32
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 9660
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16233)
Size:   9660
Md5:    fa3978a8cbd72747241a7d4eb0daffe9
Sha1:   e0fa350cc5bd2db799a954a2590be3e3e85413cf
Sha256: 2bdb3eb70febd629c691302f23ba927bbc34478528737bada83e41dc95347fc1

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
GET /wp/37458/asset/ill_citoyenne.svg HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

23.185.0.3
HTTP/2 200 OK
content-type: image/svg+xml
access-control-allow-origin: *
content-encoding: gzip
etag: W/"638795c4-f3f"
expires: Fri, 02 Dec 2022 06:34:05 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: 51cd77af-720b-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:06 GMT
x-served-by: cache-ams12722-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.084535,VS0,VE26
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 1475
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1475
Md5:    826e7a4a4676eb3cb3823a4f9e8f9deb
Sha1:   17aa9f72f0aea7f3abae9e340ec27d08a1d3b859
Sha256: 97607fb052141b0869f310cb458748723725e92e690f689d7791b6051f1f8f2c

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /iframe/external_libs.v2.js HTTP/1.1 
Host: cstatic.weborama.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=&src=wamf.laposte.js&ref=dev-bpbusines.pantheonsite.io&d.r=1669962844120
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         93.184.221.133
HTTP/2 200 OK
content-type: text/javascript
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 22152
cache-control: max-age=604800
date: Fri, 02 Dec 2022 06:34:06 GMT
etag: "3142978827+gzip"
expires: Fri, 09 Dec 2022 06:34:06 GMT
last-modified: Mon, 20 Sep 2021 08:52:49 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server: ECAcc (ska/F68B)
vary: Accept-Encoding
x-cache: HIT
content-length: 3062
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8579), with no line terminators
Size:   3062
Md5:    7671f8fcc99aee9ca8ab26ca1e2fde9e
Sha1:   a4fe9860d1c1fe5f65f8de511754dc3570a90592
Sha256: f05e772820ca83b004d5d5e21fda87b97cd68c847c62868fc9cf882203ee2d63
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2531
Cache-Control: max-age=98094
Date: Fri, 02 Dec 2022 06:34:06 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:49:00 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp/37458/asset/base-fonts/resources/fonts/lato/Lato-Regular.woff HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
cache-control: public, max-age=600
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://dev-bpbusines.pantheonsite.io/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: 51cf0a75-720b-11ed-95ce-ceec288c9991
date: Fri, 02 Dec 2022 06:34:06 GMT
x-served-by: cache-ams21071-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.092101,VS0,VE126
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 41705
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16233)
Size:   41705
Md5:    7975d206adcd1ec8077c8323717cff89
Sha1:   c684dfde0fcb3c3c1197cee7445db35b3c3a83e2
Sha256: 14b6473393d28cb2238953df048b0154c641d3f7c2eae26224b958ca26ae997a

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp/37458/asset/base-fonts/resources/fonts/lato/Lato-Light.woff HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
cache-control: public, max-age=600
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://dev-bpbusines.pantheonsite.io/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: 51cfc2fd-720b-11ed-95ce-ceec288c9991
date: Fri, 02 Dec 2022 06:34:06 GMT
x-served-by: cache-ams21022-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.094084,VS0,VE127
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 41705
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16233)
Size:   41705
Md5:    7975d206adcd1ec8077c8323717cff89
Sha1:   c684dfde0fcb3c3c1197cee7445db35b3c3a83e2
Sha256: 14b6473393d28cb2238953df048b0154c641d3f7c2eae26224b958ca26ae997a

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp/37458/asset/base-fonts/resources/fonts/lato/Lato-Bold.woff HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
cache-control: public, max-age=600
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://dev-bpbusines.pantheonsite.io/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: 51cfa7cf-720b-11ed-95ce-ceec288c9991
date: Fri, 02 Dec 2022 06:34:06 GMT
x-served-by: cache-ams12743-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.090961,VS0,VE131
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 41705
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16233)
Size:   41705
Md5:    7975d206adcd1ec8077c8323717cff89
Sha1:   c684dfde0fcb3c3c1197cee7445db35b3c3a83e2
Sha256: 14b6473393d28cb2238953df048b0154c641d3f7c2eae26224b958ca26ae997a

Alerts:
  urlquery:
    - Phishing - La Banque postale
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 06:34:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 06:34:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /px?id=991000&t=2 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.210.141
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:06 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D991000%26t%3D2
AN-X-Request-Uuid: 657dec28-3f4d-436f-99be-fd0ca45d30ce
Set-Cookie: uuid2=311980042644465614; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 06:34:06 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A991001%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146 HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.211.116
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:06 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991001%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146
AN-X-Request-Uuid: 98eb313c-eb61-4506-9d38-4c671293ebe3
Set-Cookie: uuid2=4714383904862597152; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 06:34:06 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.211.116
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:06 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dtlsync%26uuid2%3D%24UID%26callback%3Dtl_sync
AN-X-Request-Uuid: e9870d9b-aeef-4045-b264-ccb83a879a5c
Set-Cookie: uuid2=605637017569325902; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 06:34:06 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /px?id=991001&t=2 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.210.141
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:06 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D991001%26t%3D2
AN-X-Request-Uuid: fb8bfde0-277c-420b-9d26-c7456bcc9151
Set-Cookie: uuid2=1678960935105727446; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 06:34:06 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A991000%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8178278%2C8178332%2C8217168%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146 HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.211.116
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:06 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991000%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8178278%252C8178332%252C8217168%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146
AN-X-Request-Uuid: 381ea99d-83f9-4c82-aa1a-5204f932c88f
Set-Cookie: uuid2=2515684236490157735; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 06:34:06 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /pagead/1p-user-list/993136125/?random=1656518854176&cv=9&fst=1656518400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa6r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.labanquepostale.fr%2Fparticulier%2Fconnexion-espace-client.html&ref=https%3A%2F%2Fwww.labanquepostale.fr%2F&tiba=Connexion%20%C3%A0%20l%27espace%20client%20-%20La%20Banque%20Postale&async=1&fmt=3&is_vtc=1&random=1411629599&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.de
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.163
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 06:34:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/993136125/?random=1656518854176&cv=9&fst=1656518400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa6r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.labanquepostale.fr%2Fparticulier%2Fconnexion-espace-client.html&ref=https%3A%2F%2Fwww.labanquepostale.fr%2F&tiba=Connexion%20%C3%A0%20l%27espace%20client%20-%20La%20Banque%20Postale&async=1&fmt=3&is_vtc=1&random=1411629599&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.132
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 06:34:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: P1z+ArwXhYM0cxwuHnT1OQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         52.13.69.101
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VYnfaiPfRIHC+iTmN3pQU2bp7PE=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 06:34:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 06:34:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /bounce?%2Fpx%3Fid%3D991000%26t%3D2 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.210.141
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:06 GMT
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 16b2094a-d318-4a14-a032-751e80e9b5e8
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    592ebefc7104d681d57852665e9ad514
Sha1:   15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
Sha256: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
                                        
                                            GET /bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991001%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146 HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.211.116
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:06 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: //its.tradelab.fr/?type=convr&x=1&uuid2=0&cdata={"a":991001,"l":[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],"i":1,"c":7,"t":"h","m":"null","vi":0,"vc":0,"hf":0,"x":{}}&advid=2602146
AN-X-Request-Uuid: 03fdc8a6-496a-483d-b323-2cba58dd5d26
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dtlsync%26uuid2%3D%24UID%26callback%3Dtl_sync HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.211.116
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:06 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: //its.tradelab.fr/?type=tlsync&uuid2=0&callback=tl_sync
AN-X-Request-Uuid: b4857c3a-f180-4027-8520-641ad2d7a2f2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /bounce?%2Fpx%3Fid%3D991001%26t%3D2 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.210.141
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:06 GMT
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 7e732175-9834-474a-a017-e6218b5f37c2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    592ebefc7104d681d57852665e9ad514
Sha1:   15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
Sha256: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
                                        
                                            GET /bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991000%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8178278%252C8178332%252C8217168%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146 HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.211.116
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:06 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: //its.tradelab.fr/?type=convr&x=1&uuid2=0&cdata={"a":991000,"l":[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8178278,8178332,8217168,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],"i":1,"c":7,"t":"h","m":"null","vi":0,"vc":0,"hf":0,"x":{}}&advid=2602146
AN-X-Request-Uuid: 8cc4d88e-496b-42ec-82f3-15bcf4b0f760
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 06:34:06 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:20:29 GMT
Expires: Fri, 02 Dec 2022 20:20:29 GMT
ETag: "b2d80b5ce044d1d645a23d041f7ce44700cfae5f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    a47a470ddda1d6ff9482bc6422159479
Sha1:   b2d80b5ce044d1d645a23d041f7ce44700cfae5f
Sha256: 38f0b531032a3c665c4175d12603c0975a5df655b6dca9d4db200a7d2fac4604
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 06:34:06 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:20:29 GMT
Expires: Fri, 02 Dec 2022 20:20:29 GMT
ETag: "b2d80b5ce044d1d645a23d041f7ce44700cfae5f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    a47a470ddda1d6ff9482bc6422159479
Sha1:   b2d80b5ce044d1d645a23d041f7ce44700cfae5f
Sha256: 38f0b531032a3c665c4175d12603c0975a5df655b6dca9d4db200a7d2fac4604
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 06:34:06 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:20:29 GMT
Expires: Fri, 02 Dec 2022 20:20:29 GMT
ETag: "b2d80b5ce044d1d645a23d041f7ce44700cfae5f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    a47a470ddda1d6ff9482bc6422159479
Sha1:   b2d80b5ce044d1d645a23d041f7ce44700cfae5f
Sha256: 38f0b531032a3c665c4175d12603c0975a5df655b6dca9d4db200a7d2fac4604
                                        
                                            GET /?type=convr&x=1&uuid2=0&cdata={%22a%22:991001,%22l%22:[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],%22i%22:1,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=2602146 HTTP/1.1 
Host: its.tradelab.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         85.17.192.105
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.20.1
Date: Fri, 02 Dec 2022 06:34:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:07 GMT; Secure; SameSite=None
Set-Cookie: uuid=2802531333849943867; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:07 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node1.tradelab.fr


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    45cf913e5d9d3c9b2058033056d3dd23
Sha1:   30cb5d44e276505b1d4c053c8b25525da228db30
Sha256: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
                                        
                                            GET /?type=tlsync&uuid2=0&callback=tl_sync HTTP/1.1 
Host: its.tradelab.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         85.17.192.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.20.1
Date: Fri, 02 Dec 2022 06:34:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:07 GMT; Secure; SameSite=None
Set-Cookie: uuid=1364649178480445363; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:07 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Access-Control-Allow-Origin: *
P3p: CP="CAO PSA OUR"


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   35
Md5:    2a90c359fca5fec1628ed6f4981ca14a
Sha1:   51f93a6f4ecc169a1b68af9cc8d88aeb48acfaba
Sha256: f353a80eada99a0963a87deb4d3a6cc4008e0386193ea66d5fa8e4e74994b490
                                        
                                            GET /?type=convr&x=1&uuid2=0&cdata={%22a%22:991000,%22l%22:[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8178278,8178332,8217168,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],%22i%22:1,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=2602146 HTTP/1.1 
Host: its.tradelab.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         85.17.192.105
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.20.1
Date: Fri, 02 Dec 2022 06:34:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:07 GMT; Secure; SameSite=None
Set-Cookie: uuid=7890382669069009598; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:07 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node3.tradelab.fr


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    45cf913e5d9d3c9b2058033056d3dd23
Sha1:   30cb5d44e276505b1d4c053c8b25525da228db30
Sha256: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
                                        
                                            GET /?type=tp&advid=2602146&uuid=1364649178480445363&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669962846%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F37458%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669962844%2C%22prev_vis_ts%22%3A1669962844%2C%22curr_vis_ts%22%3A1669962846%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1 
Host: its.tradelab.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         85.17.192.105
HTTP/1.1 302 Found
                                        
Server: nginx/1.20.1
Date: Fri, 02 Dec 2022 06:34:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=1364649178480445363; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:07 GMT; Secure; SameSite=None
Set-Cookie: iev0=eJyrVjIyMzAyNDFTsqpWKiopVrIyNDOztDQzsjAxNzEw0FEqSs4rUbICMVJKiyAMoEgmhFVcAJKrrQUAfO4THg==; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:07 GMT; Secure; SameSite=None
Access-Control-Allow-Origin: *
X-Powered-By: Tradelab ITS / node3.tradelab.fr
Location: https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 06:34:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /seg?add=2491894:0&t=2 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.210.141
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:07 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2491894%3A0%26t%3D2
AN-X-Request-Uuid: e58a0059-02c6-4bc0-aa57-d50353c8951f
Set-Cookie: uuid2=7031172592444309514; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 06:34:07 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /pixel?google_nid=tradelab_dmp&google_cm HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.98
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm=&google_tc=
date: Fri, 02 Dec 2022 06:34:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 285
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Dec-2022 06:49:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   285
Md5:    99eacce2df6348525adbb66179b6a122
Sha1:   9ae2089704548b1c8545021a9de724f71fa8fb84
Sha256: cd793d1e2bdcc66fa07e118627012f0d24684aa085f149eed09b86a06ade7384
                                        
                                            GET /pixel?google_nid=tradelab_dmp&google_cm=&google_tc= HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.98
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
location: https://its.tradelab.fr/?type=tlsync_dbm&google_error=3
date: Fri, 02 Dec 2022 06:34:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   256
Md5:    71887a73cc8a27e417a04a9a689586c0
Sha1:   d3128cba3bfccf3eb54562cccc344d30ca175703
Sha256: 86083e6edab8fa44c3d8b0b5ff3a7292f6bdf16e2a3046f90a285f036b0ce96b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 06:34:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /?type=tlsync_dbm&google_error=3 HTTP/1.1 
Host: its.tradelab.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         85.17.192.105
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.20.1
Date: Fri, 02 Dec 2022 06:34:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=6497525202034381519; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:07 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node4.tradelab.fr


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    45cf913e5d9d3c9b2058033056d3dd23
Sha1:   30cb5d44e276505b1d4c053c8b25525da228db30
Sha256: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
                                        
                                            GET /fseg/2135.js?add=12608265 HTTP/1.1 
Host: cdn.tradelab.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         152.195.132.24
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-origin: *
age: 1093
cache-control: max-age=1800
date: Fri, 02 Dec 2022 06:34:07 GMT
etag: "1bbd-59ff7646fd68a-gzip"
expires: Fri, 02 Dec 2022 07:04:07 GMT
last-modified: Tue, 03 Mar 2020 18:22:54 GMT
server: ECAcc (lhb/6364)
vary: Accept-Encoding
x-cache: HIT
content-length: 2594
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (518)
Size:   2594
Md5:    e8e2acc1934a78e938bb2f88981f126c
Sha1:   04e508ff2ef2b20c1edabb2861528cb353ee7775
Sha256: c33fd65b0d81fa1bfb50c0e3ff4ac82c26aa752ea196874322466bed02496acd

Alerts:
  urlquery:
    - Phishing - La Banque postale
                                        
                                            GET /bounce?%2Fseg%3Fadd%3D2491894%3A0%26t%3D2 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.210.141
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:07 GMT
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 01520447-0452-4d43-8967-cfdf17e46eaf
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVVo0ctQ!]tbP6j2F-XstGt!@Dsp$vh5]; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 06:34:07 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    592ebefc7104d681d57852665e9ad514
Sha1:   15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
Sha256: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9057
Expires: Fri, 02 Dec 2022 09:05:04 GMT
Date: Fri, 02 Dec 2022 06:34:07 GMT
Connection: keep-alive

                                        
                                            GET /wp/37458/asset/991001.js HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-encoding: gzip
etag: W/"638795c4-158f"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: 5184a547-720b-11ed-b44e-4a12cea051da
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams21030-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.598044,VS0,VE41
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2706
Md5:    24bac09845f2f0a66769b11ee130bc06
Sha1:   bdc10cb9347832635418915cc7ac36da1ad7a7e7
Sha256: ebb80a84b305bf7f20a69a3dd02cd0a6d3decf4395c30dd83e5c76492b6dc802

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9057
Expires: Fri, 02 Dec 2022 09:05:04 GMT
Date: Fri, 02 Dec 2022 06:34:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9057
Expires: Fri, 02 Dec 2022 09:05:04 GMT
Date: Fri, 02 Dec 2022 06:34:07 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:15:42 GMT
age: 83905
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6174
Md5:    b986f9fcbeca91ed5c8d58fbfaf47d19
Sha1:   6e6c8bd2bce144cc4da1cd7be375b046b60dca79
Sha256: 07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
                                        
                                            GET /conv/991000.js HTTP/1.1 
Host: cdn.tradelab.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         152.195.132.24
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-origin: *
age: 544
cache-control: max-age=1800
date: Fri, 02 Dec 2022 06:34:07 GMT
etag: "15a7-5c445be4e9274-gzip"
expires: Fri, 02 Dec 2022 07:04:07 GMT
last-modified: Tue, 08 Jun 2021 18:58:28 GMT
server: ECAcc (lhb/62AF)
vary: Accept-Encoding
x-cache: HIT
content-length: 2034
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (832)
Size:   2034
Md5:    866cef51cc7a1af978bd63d062ad7597
Sha1:   fc1a7e138eff4b50c0a722a777684720ff1a1450
Sha256: 339200fc612e99e909baf07bd33255243a505dbbb0b92ebe802b0ec89c843053

Alerts:
  urlquery:
    - Phishing - La Banque postale
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
age: 31354
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11402
Md5:    1c80b8025242ddfcc816ec612456b99e
Sha1:   aa944d10fe4a44b790b01ef62edc0f85a6d558e3
Sha256: a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:19:21 GMT
age: 83686
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8863
Md5:    156e9ea97b774cbd8361072e4041b6c8
Sha1:   fc71ae3cae92ed6011904bb2367f23bf4e69fab4
Sha256: 58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 32360
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2942
Md5:    b47431190f34eccf0a6efb98e2a32b7d
Sha1:   9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
Sha256: 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 31572
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7732
Md5:    379a4a1b95d3aa3c5a4f8e7f9abb030f
Sha1:   d45dceb3dc58a07197aa5077582b5b1cd2ff791a
Sha256: 1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bBj-TXtavCuORZ9qBoZeVj-GXeRljAeW-98HY7lTk5_VRSKF4_07VQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 04:22:38 GMT
age: 7890
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4834
Md5:    cd8ad22c2eb1eb91c76970fa449f1bc4
Sha1:   0de97f3a4964038222bd751e043e413113e6db9d
Sha256: 668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643
                                        
                                            GET /?type=fseg&uuid2=0&sid=12608265&val=undefined&fun=2135&step=1&siev=12608262&fp=0&advid=2602146&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0&ur=https%253A%252F%252Fdev-bpbusines.pantheonsite.io%252Fwp%252F37458%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669962846%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F37458%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669962844%2C%22prev_vis_ts%22%3A1669962844%2C%22curr_vis_ts%22%3A1669962846%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1 
Host: its.tradelab.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         85.17.192.105
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.20.1
Date: Fri, 02 Dec 2022 06:34:08 GMT
Content-Length: 43
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:08 GMT; Secure; SameSite=None uuid=7914231535238578383; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:08 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Access-Control-Allow-Origin: *
P3p: CP="CAO PSA OUR"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    45cf913e5d9d3c9b2058033056d3dd23
Sha1:   30cb5d44e276505b1d4c053c8b25525da228db30
Sha256: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
                                        
                                            GET /?type=convr&x=1&cdata=%7B%22a%22%3A991000%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8178278%2C8178332%2C8217168%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146&xur=dev-bpbusines.pantheonsite.io%2Fwp%2F37458%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669962846%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F37458%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669962844%2C%22prev_vis_ts%22%3A1669962844%2C%22curr_vis_ts%22%3A1669962846%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1 
Host: its.tradelab.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         85.17.192.105
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.20.1
Date: Fri, 02 Dec 2022 06:34:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=4184347343244255138; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:08 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node1.tradelab.fr


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    45cf913e5d9d3c9b2058033056d3dd23
Sha1:   30cb5d44e276505b1d4c053c8b25525da228db30
Sha256: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
                                        
                                            GET /seg?add=12608265&t=2 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.210.141
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:08 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12608265%26t%3D2
AN-X-Request-Uuid: e97c897a-52c2-418e-aff0-4cef78c40a60
Set-Cookie: uuid2=696755890937424380; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 06:34:08 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /bounce?%2Fseg%3Fadd%3D12608265%26t%3D2 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.210.141
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:08 GMT
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 65c3197a-b15b-4602-a6e9-c2cf1c6693e6
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?]o0ctQ!]tbP6j2F-XstGt!@Dt_$w5Na; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 06:34:08 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    592ebefc7104d681d57852665e9ad514
Sha1:   15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
Sha256: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
                                        
                                            GET /fseg/2135.js?add=12608266 HTTP/1.1 
Host: cdn.tradelab.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         152.195.132.24
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-origin: *
age: 1098
cache-control: max-age=1800
date: Fri, 02 Dec 2022 06:34:12 GMT
etag: "1bbd-59ff7646fd68a-gzip"
expires: Fri, 02 Dec 2022 07:04:12 GMT
last-modified: Tue, 03 Mar 2020 18:22:54 GMT
server: ECAcc (ska/F73F)
vary: Accept-Encoding
x-cache: HIT
content-length: 2594
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (518)
Size:   2594
Md5:    e8e2acc1934a78e938bb2f88981f126c
Sha1:   04e508ff2ef2b20c1edabb2861528cb353ee7775
Sha256: c33fd65b0d81fa1bfb50c0e3ff4ac82c26aa752ea196874322466bed02496acd

Alerts:
  urlquery:
    - Phishing - La Banque postale
                                        
                                            GET /conv/991001.js HTTP/1.1 
Host: cdn.tradelab.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         152.195.132.24
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-origin: *
age: 1167
cache-control: max-age=1800
date: Fri, 02 Dec 2022 06:34:12 GMT
etag: "158f-5c445be5b05ff-gzip"
expires: Fri, 02 Dec 2022 07:04:12 GMT
last-modified: Tue, 08 Jun 2021 18:58:28 GMT
server: ECAcc (lhb/630F)
vary: Accept-Encoding
x-cache: HIT
content-length: 2023
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (808)
Size:   2023
Md5:    76ab9cb9225329cbb283ca854ec51436
Sha1:   0b6c85a3be3979ecb9c5464c793fad122794b9a9
Sha256: e44c53266fbef09b992000993e8e46ed1ad51742ab33fb389b2eb934c66c0b5d

Alerts:
  urlquery:
    - Phishing - La Banque postale
                                        
                                            GET /seg?add=12608266&t=2 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.210.141
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:12 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12608266%26t%3D2
AN-X-Request-Uuid: edd99f83-5976-458e-9998-0918aeafdf9e
Set-Cookie: uuid2=6320364616668290379; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 06:34:12 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /?type=convr&x=1&cdata=%7B%22a%22%3A991001%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146&xur=dev-bpbusines.pantheonsite.io%2Fwp%2F37458%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669962846%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F37458%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669962844%2C%22prev_vis_ts%22%3A1669962844%2C%22curr_vis_ts%22%3A1669962846%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1 
Host: its.tradelab.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         85.17.192.105
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.20.1
Date: Fri, 02 Dec 2022 06:34:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=1286783975802021638; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:12 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node5.tradelab.fr


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    45cf913e5d9d3c9b2058033056d3dd23
Sha1:   30cb5d44e276505b1d4c053c8b25525da228db30
Sha256: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
                                        
                                            GET /?type=fseg&uuid2=0&sid=12608266&val=undefined&fun=2135&step=2&siev=12608263&fp=0&advid=2602146&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0&ur=https%253A%252F%252Fdev-bpbusines.pantheonsite.io%252Fwp%252F37458%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669962846%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F37458%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669962844%2C%22prev_vis_ts%22%3A1669962844%2C%22curr_vis_ts%22%3A1669962846%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1 
Host: its.tradelab.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         85.17.192.105
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.20.1
Date: Fri, 02 Dec 2022 06:34:12 GMT
Content-Length: 43
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:12 GMT; Secure; SameSite=None uuid=3379790615286591059; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 06:34:12 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Access-Control-Allow-Origin: *
P3p: CP="CAO PSA OUR"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    45cf913e5d9d3c9b2058033056d3dd23
Sha1:   30cb5d44e276505b1d4c053c8b25525da228db30
Sha256: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
                                        
                                            GET /bounce?%2Fseg%3Fadd%3D12608266%26t%3D2 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.89.210.141
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 06:34:12 GMT
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 8bfaf186-9ec4-413f-b97c-34fcb16d9492
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?_o0ctQ!]tbP6j2F-XstGt!@Dwp$xsYq; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 06:34:12 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    592ebefc7104d681d57852665e9ad514
Sha1:   15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
Sha256: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 31579
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6564
Md5:    58a28fc1cbcacdb07b3ca175281982b5
Sha1:   9bc47ee49fc070d0997e49a719bd9758685ad583
Sha256: d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
                                        
                                            GET /packages/shop/0_2016937distrib15/win32/nw.dll HTTP/1.1 
Host: pkg-store.dl.mail.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

                                         188.93.63.73
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Server: nginx/1.18.0
Date: Fri, 02 Dec 2022 06:34:06 GMT
Content-Length: 160184320
Last-Modified: Sat, 19 Nov 2022 15:24:40 GMT
Connection: keep-alive
ETag: "6378f538-98c3800"
Accept-Ranges: bytes


--- Additional Info ---
                                        
                                            GET /wp/37458/asset/uwt.js HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-encoding: gzip
etag: W/"638795c4-ddec"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: 51825aa9-720b-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams21048-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.590588,VS0,VE28
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp/37458/asset/css/bootstrap.min.css HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: text/css
                                        
content-encoding: gzip
etag: W/"638795c4-2606e"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 5180d567-720b-11ed-a40c-2234dac4ee8d
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams21062-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.580267,VS0,VE34
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp/37458/asset/oct.js HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-encoding: gzip
etag: W/"638795c4-ddec"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: 51828a2c-720b-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12762-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.593699,VS0,VE28
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp/37458/asset/base.min.js HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-encoding: gzip
etag: W/"638795c4-8aad4"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 5184c12c-720b-11ed-a40c-2234dac4ee8d
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams21034-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.605715,VS0,VE33
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp/37458/asset/wamfactory_dpm.laposte.min.js HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-encoding: gzip
etag: W/"638795c4-1398"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: 518273b2-720b-11ed-b44e-4a12cea051da
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12757-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.592978,VS0,VE29
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp/37458/asset/e1e16f7b41.js HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-encoding: gzip
etag: W/"638795c4-4071"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: 5182f907-720b-11ed-95ce-ceec288c9991
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12770-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.594189,VS0,VE30
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp/37458/asset/wreport_wcm.js HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-encoding: gzip
etag: W/"638795c4-3e68"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 51824b8f-720b-11ed-a40c-2234dac4ee8d
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12747-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.591983,VS0,VE35
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp/37458/asset/991000.js HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-encoding: gzip
etag: W/"638795c4-15a7"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: 518328ae-720b-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12771-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.597402,VS0,VE27
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /tro.js HTTP/1.1 
Host: mmtro.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         195.66.82.41
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Fri, 02 Dec 2022 06:34:05 GMT
vary: Accept-Encoding
x-rid: 63899c5dbbbdd6c448bbbe18
cache-control: private, max-age=259200
p3p: policyref="https://mmtro.com/w3c/p3p_mmtro.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-envoy-upstream-service-time: 5
server: fdb141453c85e6bc89a824a70a7bfd71a273b947
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp/37458/asset/f.txt HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: text/plain
                                        
content-encoding: gzip
etag: W/"638795c4-9c44"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 5181dfe7-720b-11ed-a40c-2234dac4ee8d
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12724-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.587016,VS0,VE28
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp/37458/asset/bat.js HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-encoding: gzip
etag: W/"638795c4-976d"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 5181fc1b-720b-11ed-a40c-2234dac4ee8d
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12765-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.589860,VS0,VE30
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp/37458/asset/base.min.99f35a940b6f6915d544e01fa9d9b267.css HTTP/1.1 
Host: dev-bpbusines.pantheonsite.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/37458/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         23.185.0.3
HTTP/2 200 OK
content-type: text/css
                                        
content-encoding: gzip
etag: W/"638795c4-3cf1d"
expires: Fri, 02 Dec 2022 06:34:04 GMT
last-modified: Wed, 30 Nov 2022 17:41:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: 5180c9d9-720b-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 06:34:05 GMT
x-served-by: cache-ams12778-AMS, cache-bma1659-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669962846.582067,VS0,VE28
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2


--- Additional Info ---