mutuelleawoundjo.com/postnewl/pomo1.zip
91.234.194.177200 OK 2.0 kB URL HTTP/1.1 mutuelleawoundjo.com/postnewl/pomo1.zip
IP 91.234.194.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1485)
Hash e1c88db6e807420109593b8e417240a8
d735e823bd8d132e7b373d64292c8c4c992efb17
c1fec752b88eaf0b20215c14eb7d1ad2b4069a9e6fe799f09686be1a5458e2c2
Analyzer Verdict Alert fortinet Phishing
GET /postnewl/pomo1.zip HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 6f42a7bcbe4aaba1fa7d42ea47f11853
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 6f42a7bcbe4aaba1fa7d42ea47f11853
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8124
Expires: Tue, 21 Mar 2023 09:24:05 GMT
Date: Tue, 21 Mar 2023 07:08:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15574
Expires: Tue, 21 Mar 2023 11:28:15 GMT
Date: Tue, 21 Mar 2023 07:08:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 06:27:23 GMT
content-type: application/json
age: 2478
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10420
Expires: Tue, 21 Mar 2023 10:02:22 GMT
Date: Tue, 21 Mar 2023 07:08:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: W1Gi1ZhJhQNWsw0JQcq/GPCwx3gu7gsf8G16Vwjv22jwagk0bYWYGOX8N0Ed2Hk2y9iH3U0WEgE=
x-amz-request-id: Q9TW2CQ66E4DY2T5
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 06:59:01 GMT
age: 581
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
104.17.24.14200 OK 4.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65348)
Hash eefc9abe5bc10d658a2393a70d052566
dd49deafcd3ebe1306cda0b843f2da265f8a90e1
6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 07:08:42 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 990870
expires: Sun, 10 Mar 2024 07:08:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0ezR%2FhL%2BRJypEf06IKV%2BZ0JrqaFA52dTF3vY8K%2F6JlH6gd5lkC6CtwEzsE0TRWDSbL%2BuQ5JaAmKtr5MwA068m9inOfX6pz1H7Jm7RGC%2Bk%2FyOqTQ7cSB6ty8yXprIsYCAshT90WO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ab45d7b3f08b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mutuelleawoundjo.com/assets/css/style.css
91.234.194.177200 OK 7.1 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/css/style.css
IP 91.234.194.177:0
File type assembler source, ASCII text
Hash 3b402010e8a147b7a577178db3c69dab
21a9b270777e07b1734b19628a6a3260a7663b43
402b59a2c5ac7c85a9d811940283a9b436426fca18c2e1e209e8b50acea458ae
GET /assets/css/style.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 45a79f2b6e0c4fd88d9e8f0d783725e9
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 45a79f2b6e0c4fd88d9e8f0d783725e9
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 07:08:42 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mutuelleawoundjo.com/assets/css/style-magnific-popup.css
91.234.194.177200 OK 2.0 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/css/style-magnific-popup.css
IP 91.234.194.177:0
Hash 7b8f05b1183b730e02e928a52cc60331
ff78eb959806180ee70e1b755ce1fceb52e8d987
fbb005c814afcef3efb933f74534fbb1cd519812ba53823c48cc3b69866674f6
GET /assets/css/style-magnific-popup.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: decb22b062da5d31ab4eea73a9cc0fc1
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: decb22b062da5d31ab4eea73a9cc0fc1
Content-Encoding: gzip
mutuelleawoundjo.com/assets/css/animate.css
91.234.194.177200 OK 4.4 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/css/animate.css
IP 91.234.194.177:0
File type ASCII text, with very long lines (460)
Hash 4adee009653c309283ce65c4a7f5f10f
0b9bda7dd53af479e12d5010515308ac0478560d
e60768c7a13eef3135b05b4b8c57698a14d4f7fc2457f5a5f1e672b3b4a95dbf
GET /assets/css/animate.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 13fc8e9bcb507018c031066d08db4f86
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 13fc8e9bcb507018c031066d08db4f86
Content-Encoding: gzip
mutuelleawoundjo.com/assets/https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400&display=swap
91.234.194.177200 OK 2.0 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400&display=swap
IP 91.234.194.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1485)
Hash e1c88db6e807420109593b8e417240a8
d735e823bd8d132e7b373d64292c8c4c992efb17
c1fec752b88eaf0b20215c14eb7d1ad2b4069a9e6fe799f09686be1a5458e2c2
GET /assets/https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400&display=swap HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: ec419911dd7ea6cd47ef955abb282510
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: ec419911dd7ea6cd47ef955abb282510
Content-Encoding: gzip
mutuelleawoundjo.com/assets/https://fonts.googleapis.com/css2?family=Nunito:wght@600;700&display=swap
91.234.194.177200 OK 2.0 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/https://fonts.googleapis.com/css2?family=Nunito:wght@600;700&display=swap
IP 91.234.194.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1485)
Hash e1c88db6e807420109593b8e417240a8
d735e823bd8d132e7b373d64292c8c4c992efb17
c1fec752b88eaf0b20215c14eb7d1ad2b4069a9e6fe799f09686be1a5458e2c2
GET /assets/https://fonts.googleapis.com/css2?family=Nunito:wght@600;700&display=swap HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 1dde1aee6ef656f311bcceed4041139a
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 1dde1aee6ef656f311bcceed4041139a
Content-Encoding: gzip
mutuelleawoundjo.com/assets/css/all.min.css
91.234.194.177200 OK 12 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/css/all.min.css
IP 91.234.194.177:0
File type ASCII text, with very long lines (53592), with no line terminators
Hash 16d80f886c053851c432d86bc9af2519
9d3b480c50c9ca97d54ba10f5bf0d78f1b71f8e9
cff4a9e698820b8bac881442c8b5e7fcd386121076a57639ce1fef22e17ed12b
GET /assets/css/all.min.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 05c764a5873e2493d4ba4e269775f601
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 05c764a5873e2493d4ba4e269775f601
Content-Encoding: gzip
mutuelleawoundjo.com/assets/css/bootstrap.min.css
91.234.194.177200 OK 21 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/css/bootstrap.min.css
IP 91.234.194.177:0
File type ASCII text, with very long lines (65324)
Hash ce578363212522af918556ef95b47122
bebb1286fc11b3f1fdbbe12db425ee9d524eb9b3
ab9610e9cfaa6e58ec43ea67c0646749382f4a39f50dde37e2ecbf64858e9c55
GET /assets/css/bootstrap.min.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 2295332447862022f2fe9dbf5435f199
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 2295332447862022f2fe9dbf5435f199
Content-Encoding: gzip
mutuelleawoundjo.com/js/app.e7213973.js
91.234.194.177200 OK 11 kB URL HTTP/1.1 mutuelleawoundjo.com/js/app.e7213973.js
IP 91.234.194.177:0
File type Unicode text, UTF-8 text, with very long lines (36219)
Hash f5618f8e0a7bd32749b004ffd0319b2b
fba0303294a0380047cf8d77e92bc39d1cc3affe
8a7562c9cc86f6e6201f8b7d78d784653ec9a37f36542a5e7d7953442430a220
Analyzer Verdict Alert fortinet Phishing
GET /js/app.e7213973.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 94792d0372953b702fe419cb2e45c3cc
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 94792d0372953b702fe419cb2e45c3cc
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3f24ce366b94406426ed4d11da90eb9b
e0caa66ec2616ab0c3bded00f62dc432b6015d71
09c4a9f610206b142a305cbd30b1f4d41d6cebdbfa21b820663516a5fba7bd63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09C4A9F610206B142A305CBD30B1F4D41D6CEBDBFA21B820663516A5FBA7BD63"
Last-Modified: Tue, 21 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14359
Expires: Tue, 21 Mar 2023 11:08:01 GMT
Date: Tue, 21 Mar 2023 07:08:42 GMT
Connection: keep-alive
mutuelleawoundjo.com/assets/js/jquery.scrollTo-min.js
91.234.194.177200 OK 1.3 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/js/jquery.scrollTo-min.js
IP 91.234.194.177:0
File type ASCII text, with very long lines (2269), with CRLF line terminators
Hash 1397396350648dfb825604df63b03f9d
edfd49551f4641779cae86db20a89b07c61c8181
dec1c0a204256be5c7a449cdf1e9315af7562624a3fdd3c4cb2fe8f04e011a29
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery.scrollTo-min.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 8efbfeb4ef382474082f27f1859f6235
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 8efbfeb4ef382474082f27f1859f6235
Content-Encoding: gzip
mutuelleawoundjo.com/assets/js/jquery.magnific-popup.min.js
91.234.194.177200 OK 7.7 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/js/jquery.magnific-popup.min.js
IP 91.234.194.177:0
File type ASCII text, with very long lines (21014), with CRLF line terminators
Hash b6c05412e241fce985169737ec2ffa06
93742215a64e9cfb6feac7ce6c88ead7b8c667fb
38f0fe6bf58b2cd41f0f2d53fe5d094bd7e67474f1e1985c3eb931a04ce9bf27
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery.magnific-popup.min.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: ce760bce07899888d194773829120f5b
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: ce760bce07899888d194773829120f5b
Content-Encoding: gzip
mutuelleawoundjo.com/assets/js/bootstrap.min.js
91.234.194.177200 OK 14 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/js/bootstrap.min.js
IP 91.234.194.177:0
File type ASCII text, with very long lines (50758)
Hash 2e8e1f197b42775ab5106fa61de291e3
892b25b208b869fca845a3ef18d85412d4798b0b
0f11883c639fb5dd4ed4000da3bf4836567b3d4259e3fb4ace69bd0aac49539e
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/bootstrap.min.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 36bcb3c2c9d3307c98e5b9e91f9f0921
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 36bcb3c2c9d3307c98e5b9e91f9f0921
Content-Encoding: gzip
smtpjs.com/v3/smtp.js
109.169.71.112200 OK 871 B IP 109.169.71.112:0
ASN #20860 Iomart Cloud Services Limited
File type Unicode text, UTF-8 (with BOM) text, with very long lines (841), with CRLF line terminators
Hash 3834e1b9e65ca954b7479464ea1e5118
437df45dbf59c3a3414236f44e3bcd5045bfe314
fc33c6b2c79aafa930e841962ae3c25bf8f56cbc20ec48fc2b0ddd0aa6ee23b6
GET /v3/smtp.js HTTP/1.1
Host: smtpjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 10 Nov 2020 17:17:51 GMT
accept-ranges: bytes
etag: "162f436b85b7d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Tue, 21 Mar 2023 07:08:41 GMT
content-length: 871
X-Firefox-Spdy: h2
mutuelleawoundjo.com/assets/js/jquery.nav.js
91.234.194.177200 OK 1.9 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/js/jquery.nav.js
IP 91.234.194.177:0
File type ASCII text, with CRLF line terminators
Hash 4e9fe5cce09723a06ea516cd87b93583
691d2b563d0394611e4f6dcd2f720ad71d52d575
3056e91767288aa298f3553545d59381c353ef210a357f293e28cb485d2742e5
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery.nav.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 1bf658cd1c2853ab4136838207feeac0
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 1bf658cd1c2853ab4136838207feeac0
Content-Encoding: gzip
mutuelleawoundjo.com/assets/js/wow.js
91.234.194.177200 OK 3.6 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/js/wow.js
IP 91.234.194.177:0
File type ASCII text, with CRLF line terminators
Hash f2f3fcc978521c728bcce24108d00b6a
eeae9d90b3330f622dead18d6545dd343fd32770
98bdf547bf0a038bf5183f73864a5e1baa5d36c35ddb791cf6bf734bc54dfe8a
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/wow.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: f39370130e333b1a49cca28d89336a7f
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: f39370130e333b1a49cca28d89336a7f
Content-Encoding: gzip
mutuelleawoundjo.com/assets/js/plugins.js
91.234.194.177200 OK 987 B URL HTTP/1.1 mutuelleawoundjo.com/assets/js/plugins.js
IP 91.234.194.177:0
File type ASCII text, with very long lines (1276), with CRLF line terminators
Hash 7d5f08c8f499b062d7c7a0796e85ed19
0b2b955198d2b689f0571d21f2255ebb95e84b2a
62f9392d09a010d5f5f19a43c2b0731548887e939d0b3ce8e7214d0b4b20a976
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/plugins.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: de591d81e60e836bed63a32231a03c22
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: de591d81e60e836bed63a32231a03c22
Content-Encoding: gzip
mutuelleawoundjo.com/assets/js/jquery-3.3.1.min.js
91.234.194.177200 OK 30 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/js/jquery-3.3.1.min.js
IP 91.234.194.177:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 1c53d96a3a3e7377e973c0e8cc182244
e9a4d706126070ef863f9e4befa3bb30443049de
5a94334fb849fa2575f1b5f02253d2a87eadd56c30f1876113e372f41eddf307
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery-3.3.1.min.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: f3972e5a262ef67b2baf9271934d403b
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: f3972e5a262ef67b2baf9271934d403b
Content-Encoding: gzip
mutuelleawoundjo.com/assets/js/custom.js
91.234.194.177200 OK 903 B URL HTTP/1.1 mutuelleawoundjo.com/assets/js/custom.js
IP 91.234.194.177:0
File type ASCII text, with CRLF line terminators
Hash 16239eb2e834756028376cc33f68da56
54047e192d55f6846af0d1aeec35b68a242eb038
cc3c055d71a9005b5bf0738ab99edb0aae4000fa2fa7d4254d97dc9f7a8190c0
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/custom.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 619159a9fa30178251fa8525ead6ae80
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 619159a9fa30178251fa8525ead6ae80
Content-Encoding: gzip
mutuelleawoundjo.com/js/chunk-vendors.30130055.js
91.234.194.177200 OK 68 kB URL HTTP/1.1 mutuelleawoundjo.com/js/chunk-vendors.30130055.js
IP 91.234.194.177:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 46c36c68605a61746e49276bdf8b39ba
e6aecf70e39aa711c537056c723994cde1ad5d8a
6bd878feeebced785e31e718f0594b04dbf9559e08a8c03b9d32b01becb53f1b
Analyzer Verdict Alert fortinet Phishing
GET /js/chunk-vendors.30130055.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 206086f986858642c88f477ed6d25439
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 206086f986858642c88f477ed6d25439
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:08:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mutuelleawoundjo.com/postnewl/assets/images/logo-awoundjo-5.png
91.234.194.177200 OK 2.0 kB URL HTTP/1.1 mutuelleawoundjo.com/postnewl/assets/images/logo-awoundjo-5.png
IP 91.234.194.177:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1485)
Hash e1c88db6e807420109593b8e417240a8
d735e823bd8d132e7b373d64292c8c4c992efb17
c1fec752b88eaf0b20215c14eb7d1ad2b4069a9e6fe799f09686be1a5458e2c2
GET /postnewl/assets/images/logo-awoundjo-5.png HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: ada9c1cccb6baf2b7d3ceec75d1d9b49
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: ada9c1cccb6baf2b7d3ceec75d1d9b49
Content-Encoding: gzip
www.googletagmanager.com/gtm.js?id=GTM-PJVDLCK
142.250.74.168200 OK 39 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PJVDLCK
IP 142.250.74.168:0
File type ASCII text, with very long lines (2206)
Hash 53fc885d393a909d58d2f3d067f2268b
78b5b7d30330f9867bcf3491205e536ddff329f1
6a1434b4e7bf22a44646435aa34b12ac6989144f82ee194d11a0130047317c19
GET /gtm.js?id=GTM-PJVDLCK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Mar 2023 07:08:42 GMT
expires: Tue, 21 Mar 2023 07:08:42 GMT
cache-control: private, max-age=900
last-modified: Tue, 21 Mar 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 06:14:33 GMT
age: 3249
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
mutuelleawoundjo.com/assets/webfonts/fa-brands-400.woff2
91.234.194.177200 OK 74 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/webfonts/fa-brands-400.woff2
IP 91.234.194.177:0
File type Web Open Font Format (Version 2), TrueType, length 74288, version 1.0\012- data
Hash eac60e8a656781e13d2a674b4d9051c0
0039be9d8a99d1e5cf200ca3e08757692020460e
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
Analyzer Verdict Alert fortinet Phishing
GET /assets/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/assets/css/all.min.css
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: font/woff2
Content-Length: 74288
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 1e53d86965dcdeab8c2dc858540cde0b
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
Accept-Ranges: bytes
fc-cache-status: MISS
X-Request-Id: 1e53d86965dcdeab8c2dc858540cde0b
chimpstatic.com/mcjs-connected/js/users/218ead6214192ba52c138d8ee/1c4fc752b7130b9c158f1382b.js
96.6.17.210200 OK 1.2 kB URL HTTP/1.1 chimpstatic.com/mcjs-connected/js/users/218ead6214192ba52c138d8ee/1c4fc752b7130b9c158f1382b.js
IP 96.6.17.210:0
Hash 17307ebdbe19457b8cdeb139a6915b45
e362d5e19cc43f451edf7e28a07ec58bed872bf8
03152d3468d04ea7362d145d1d27f8252fec8c1850282a12c436d236b786d0b9
GET /mcjs-connected/js/users/218ead6214192ba52c138d8ee/1c4fc752b7130b9c158f1382b.js HTTP/1.1
Host: chimpstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 2N8UORbDyR3Vy7YCyJMZoh8JU8WyCmiiXAzuW56BtxGpkLBbpiBKQkyvXhwvUoKz0woYeDDPlD0=
x-amz-request-id: TY16FM4VNF4QA6YK
Last-Modified: Thu, 04 Mar 2021 11:53:42 GMT
ETag: "58baea52eec25dc489c1c9cc50788276"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
X-EdgeConnect-MidMile-RTT: 0, 0, 6, 8
X-EdgeConnect-Origin-MEX-Latency: 107, 109, 107, 107
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1800
Expires: Tue, 21 Mar 2023 07:38:42 GMT
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Length: 1220
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:08:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5ddc43c921b886daaaac1b000d49519
e7b7e43165fc80b8f515f5da61e6592d7b30190a
5f4f21601eb9e942f7dd1328092f992d1229009fbd336cf1c4301f28c31bc3bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F4F21601EB9E942F7DD1328092F992D1229009FBD336CF1C4301F28C31BC3BF"
Last-Modified: Mon, 20 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9923
Expires: Tue, 21 Mar 2023 09:54:05 GMT
Date: Tue, 21 Mar 2023 07:08:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9138
Expires: Tue, 21 Mar 2023 09:41:00 GMT
Date: Tue, 21 Mar 2023 07:08:42 GMT
Connection: keep-alive
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
54.230.111.124200 OK 72 kB URL HTTP/1.1 downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
IP 54.230.111.124:0
File type ASCII text, with very long lines (65526)
Hash 7388e71ed6d7773bb6ca05ffae97ae59
b5887c2704ddaf34407dee0f13ed8f7ea8469a76
87a233e2c1a82d28f7926dd53d8b7fdac4a1e90c8f2d26b1c5fadf62bfb4d330
GET /js/signup-forms/popup/unique-methods/embed.js HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 20 Jan 2023 18:27:57 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 20 Mar 2023 14:28:43 GMT
ETag: W/"3281ba63652083b7a938a78b62fe19d4"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zRbhiE0tjwXm6KYNCpPsWCGBVObPkMpZ8AFH_pVFlzYy-PIXh2rbYQ==
Age: 60001
Vary: Accept-Encoding, Origin
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 4599403a49a361c750d6c7d8a410c743
a9bbdec66280f7ee5c4766ccc45fddbad16af2c3
80a17a133e51c6dadd6dc8f6b72dc3d6088110cd12de5fdf1a8286be09207e22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6110
Cache-Control: max-age=112582
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:08:42 GMT
Etag: "641854e2-1d7"
Expires: Wed, 22 Mar 2023 14:25:04 GMT
Last-Modified: Mon, 20 Mar 2023 12:43:14 GMT
Server: ECAcc (ska/F77E)
X-Cache: HIT
Content-Length: 471
mutuelleawoundjo.com/assets/images/icone.png
91.234.194.177200 OK 39 kB URL HTTP/1.1 mutuelleawoundjo.com/assets/images/icone.png
IP 91.234.194.177:0
File type PNG image data, 264 x 268, 8-bit/color RGBA, non-interlaced\012- data
Hash eda9707ac00d9ff2a03b6793614419c6
77e912009ceda1323d968c46e1db63e2c5b36c2c
58dced7600085179a6186295ec0c1086cd6210d1ba3689cb3d1fa9ee0067c4c7
GET /assets/images/icone.png HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 2a2c8264c2fac3b9030cc72e625ccd22
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 2a2c8264c2fac3b9030cc72e625ccd22
Content-Encoding: gzip
api.countapi.xyz/hit/mutuelleawoundjo/key
161.35.138.20200 OK 15 B URL HTTP/1.1 api.countapi.xyz/hit/mutuelleawoundjo/key
IP 161.35.138.20:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash d0930d353385a77f2a59d06a319fcb78
c294204f110f0ab05a05d8787c5ed49f692e9055
3597cfa9963ea7d257a2ba3d0d2e377daeb5c33bca5bda5e30cb7085918ebf2a
GET /hit/mutuelleawoundjo/key HTTP/1.1
Host: api.countapi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mutuelleawoundjo.com
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 15
Connection: keep-alive
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
X-Worker: 0
X-Version: unknown
X-Path: mutuelleawoundjo/key
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 4599403a49a361c750d6c7d8a410c743
a9bbdec66280f7ee5c4766ccc45fddbad16af2c3
80a17a133e51c6dadd6dc8f6b72dc3d6088110cd12de5fdf1a8286be09207e22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6110
Cache-Control: max-age=112582
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:08:42 GMT
Etag: "641854e2-1d7"
Expires: Wed, 22 Mar 2023 14:25:04 GMT
Last-Modified: Mon, 20 Mar 2023 12:43:14 GMT
Server: ECAcc (ska/F7A7)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e5f5bf796d91f271e383cf1ff3ee5af4
70ead02da19095ca752d55e89a48fcdf59d44d33
247f023e282f1556e668df0033858196d682f31f659d1b53ea6dcaeff56c401a
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: guXLG9EG/JG8RD5G9GDOYph5quVvacb3GXqYMqFpuXUZA57I6daitBkVaGo7eR8iQ3IvwdbDVQmwO/VFu892AA==
content-length: 27907
x-fb-trip-id: 1904183273
date: Tue, 21 Mar 2023 07:08:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/fr_FR/sdk/xfbml.customerchat.js
31.13.72.12200 OK 91 kB URL HTTP/2 connect.facebook.net/fr_FR/sdk/xfbml.customerchat.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (18743)
Hash 0e42aa302c3c1edc64e308b92a35e467
91f176f3a3aac2ddf6e3d97d55b77b009d83a0c2
48731dc72605585f27cd687cf34a9ea489710297f00385250358ff0441d6b260
GET /fr_FR/sdk/xfbml.customerchat.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 730e421aee17a1e2b60a9b771923c82a
etag: "266c8f727a5f2d5d10659f4062b60028"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 21 Mar 2023 07:16:38 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: DkKqMCw8Htxk4wi5KjXkZw==
x-fb-debug: MhpC1zhm33ZLjLpITz4busTS+TwaGTn3y6NPq9h+deEqZX80S/LQB3m3e9nXGcWFr166jJgzbaaZTYkXNMof/w==
content-length: 91082
x-fb-trip-id: 1904183273
date: Tue, 21 Mar 2023 07:08:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 4599403a49a361c750d6c7d8a410c743
a9bbdec66280f7ee5c4766ccc45fddbad16af2c3
80a17a133e51c6dadd6dc8f6b72dc3d6088110cd12de5fdf1a8286be09207e22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6110
Cache-Control: max-age=112582
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:08:42 GMT
Etag: "641854e2-1d7"
Expires: Wed, 22 Mar 2023 14:25:04 GMT
Last-Modified: Mon, 20 Mar 2023 12:43:14 GMT
Server: ECAcc (ska/F7A7)
X-Cache: HIT
Content-Length: 471
mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0
104.110.24.122307 Temporary Redirect 0 B URL HTTP/1.1 mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0
IP 104.110.24.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0 HTTP/1.1
Host: mc.us1.list-manage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
HTTP/1.1 307 Temporary Redirect
Server: AkamaiGHost
Content-Length: 0
Location: https://mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0
Cache-Control: max-age=0
Expires: Tue, 21 Mar 2023 07:08:42 GMT
Date: Tue, 21 Mar 2023 07:08:42 GMT
Connection: keep-alive
Set-Cookie: _abck=4ACF95E38A4FA915A759021146BA544F~-1~YAAQrU0kF2IHl+SGAQAAdaz/AgmLLQMCgta6+NB81d03772pKqa7pz15Yn1WL82jUwBXm1TWhk8/2zdlFhN50PUK9nVsDhpwDI8m3dz/YDH1D+P76attD+n2BZkh0o6pvsuedKoH1ukSsJfCGwlhWCqCvm3YZJnnEg41YVeYNaOrW60Wn5VYufcdLyWFzKSmB2TlWEteMV7yIXYXR9XY5TA+yOkQd4OFeAa4NGZy5PaG83fNyT09+hKw8VC8Ge6wMwi7wNB5rtlu8fiyN+fHGP0ovTcr5K7CHIoUPGkjnLTG+9Nw71PYA6Iz9bKLS8ZYP5Qy5fa3z4tc3uTPMGzvdM44f5fHLQohx0b6as4=~-1~-1~-1; Domain=.list-manage.com; Path=/; Expires=Wed, 20 Mar 2024 07:08:42 GMT; Max-Age=31536000; SameSite=None; Secure
bm_sz=A099FB88A23A56C42886FC67744EDA25~YAAQrU0kF2MHl+SGAQAAdaz/AhPzL+l3tKULeM0RL4la1q2JJXbBwqHVE9qY+64hFkXBlDvLIqYlLWLC2A5Mq3TpSXJUQLxD04EKO+ZDVCcrvGWxIC/ahfq2FoV2OuYBXKG+uX4y3vgmE6XLON0xB42WH94rZ4ZlMFjRZufXFFTAvXp+obB/eFhosOeG8FOdzXqmcxnGzDtpqHVOUe5blPtNyztWLL0kigdwwPIULUIv4F/3qbtn34Z4h+3KXB8wyUKW+DXby6w84D0E5fbcGGn0j/+FhJimJKI+FDYLx0VE+HeeFZTRJQ==~3425081~3622469; Domain=.list-manage.com; Path=/; Expires=Tue, 21 Mar 2023 11:08:42 GMT; Max-Age=14400; SameSite=None; Secure
push.services.mozilla.com/
35.83.98.99101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.98.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2yyCfd/punjE0LZSzvhc0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: K1lJFW383OeqhvOwlY7f1GdXF7g=
mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0
104.110.24.122200 OK 6.1 kB URL HTTP/2 mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0
IP 104.110.24.122:0
File type ASCII text, with very long lines (12624), with no line terminators
Hash ef12dd2ffb74ce0bd87a9f4874b3f68e
43f4749b3c64cae4cd724cc32a55f9b78a8b9927
7bb5c19adfcc9250fb66306f1b91f567cc2f63e5738e63f0c5923c4500daa201
GET /subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0 HTTP/1.1
Host: mc.us1.list-manage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mutuelleawoundjo.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
content-type: application/json; charset=utf-8
content-length: 6103
x-ua-compatible: IE=edge,chrome=1
referrer-policy: same-origin
content-encoding: gzip
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 164
cache-control: max-age=300
expires: Tue, 21 Mar 2023 07:13:43 GMT
date: Tue, 21 Mar 2023 07:08:43 GMT
vary: Accept-Encoding
set-cookie: _mcid=1.735c8c0d68f28aaad7af0b6b2b8b4d2d.cd8cd5d72c95633802b32612179fe6fea9689cb744141435628a14d6fc14278a; expires=Wed, 20-Mar-2024 07:08:43 GMT; Max-Age=31536000; path=/
_mc_anon_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
_abck=A03301E1AD3CAD04691EBC573E9D3F25~-1~YAAQrU0kF2YHl+SGAQAAUK3/Agn62F7TuVCzuwt0npc7Faatqzj+mRkhpsYR+8Hdnz+oglgjQ4lJarr56fA9hPWmMENEmSyLhSA/Dz5obHB2zajgM8rS6vNP6Fw3+dFjhJU7QhuRltqBdrM/snoLu9YFsibQ+IW0ABgp1iDqdKa530CllO8CXnTU7unodgzzXOksK4c7VHuVLc2IYQzY7mUgCNEVgTbep/i4LcUQdoaNIIXv/xr1E2hhR5hTyYRG6AvvtJWI+JCnGG3afkaBZX6WupoRJ1u1GbTuB36mhCwSnCuPs8DCQYFOoOcN09FcdOBbYN3s0oW3dkJZS6/mt6vgpjk3+0JlejHRNCJWSI+m8SGTJEM7Ht7uyefNLabrCTE=~-1~-1~-1; Domain=.list-manage.com; Path=/; Expires=Wed, 20 Mar 2024 07:08:43 GMT; Max-Age=31536000; SameSite=None; Secure
ak_bmsc=B6F4D8076363E9196DD7EAAA906EC4A4~000000000000000000000000000000~YAAQrU0kF2cHl+SGAQAAUK3/AhOCAmrJa7aifm9E7tCxzmjSQVZB6XOHs1NW3bvIwCDSVZbXKrMe+veZM1paBmRPx17TEmCxmi/SCW/fHCnAhig9PyerRmWThcliU6jtxpH9y6ZmQtSn0iWRB0MHqxd7mZ5jXVGj4Scr7c3PiZZAgZudNfHIhfpC0WDIblh/F92RA6KWTqn7rq8KqoiYGCTDMlHXj6nYVHaQ4mgg30P8BQIdjPWjHExt+8rzbzuABV0zqmIUb8ToglGhzkPyQmcMTHIV593zs9yu34+UcKxLXspkmnqQynh/fHUgiSCB02CirE+1shR6YHYFEsC26XGj3CNlMpGUCCf7O9ZqV6/TRg7UiyGJB1VmmIwy2dFttl2sh/4hYbIm/WKz/wGoQUVA; Domain=.us1.list-manage.com; Path=/; Expires=Tue, 21 Mar 2023 09:08:43 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly
bm_sz=F9E88403A272B3B0AC1FF558AFF64BDE~YAAQrU0kF2gHl+SGAQAAUK3/AhO7NTCi93IlpVZM8wWymbwGgSXfA02u7mzOrNIdgU9bd3uNlsEIw/bAGqdcehND/tWdXxvGU4p0WC/qzEeb2h5Fv0LDWeLDkor9nW7pK6Ih502WqtGJFzVfcFyNGAcgGej/+xEaxWsesX1wEP24OIMDqYT1kgZhUCzs4E5uNqgGMScbkq53ob3iUhjZf0tC+w2MUsAEJ3MROQibjliMalJGrUn4OlieMUpDsPJcAavOtqsvPPgDOCsB36Q/MNn5T+KfC4PExIDtTdxzk8oYFKN8i3nikw==~4405553~3425602; Domain=.list-manage.com; Path=/; Expires=Tue, 21 Mar 2023 11:08:43 GMT; Max-Age=14400; SameSite=None; Secure
X-Firefox-Spdy: h2
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js
54.230.111.124200 OK 31 kB URL HTTP/1.1 downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js
IP 54.230.111.124:0
File type ASCII text, with very long lines (65526)
Hash 618efb31ded37bd3f9e98835c73b22ae
7c34c19b6769e591082d2a7b2b32dbaaeaa6899d
4e9b97a2857f15449a20224d7bb7cdbe16e4407e9aad0c26c36c3f30686e7a9e
GET /js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 20 Mar 2023 15:21:56 GMT
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
ETag: W/"d3149280c831cbf6538770c71a916f43"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 53GzfobXBHeJvxTl70kdBNWbIhAda6JwHfDHHvSuw0OvUl9FsBHZ8Q==
Age: 56808
Vary: Accept-Encoding, Origin
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
54.230.111.124200 OK 2.6 kB URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
IP 54.230.111.124:0
Hash 5e4789e49ab7f14e47d25f6d47c3d2ac
2365e3104a719fb8b01dc4f0e24b727002374585
32fc8a30611eebc0b9e794adc8a0b505b61c4ad088d3fae7459657a6716ffc72
GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 21 Mar 2023 00:26:55 GMT
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8JPTVYO2FSSwyi-azLuk6SU_wZZ1geSku4nOfKybuwFrnk8LOGcUvw==
Age: 24109
Vary: Accept-Encoding, Origin
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css
54.230.111.124200 OK 449 B URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css
IP 54.230.111.124:0
Hash 151695bb43f43a675b7f61b4e437d823
41c02e03522c9bc08a68e51374d508ac4ebd1982
ab525283d897b4c7624799f01ff2b70d88a9988ae1d3ba564b6aefd51fada34d
GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 20 Mar 2023 20:21:56 GMT
ETag: W/"78d1bdd981816cfbeb6954a85f9efa58"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: myBs6KZdqVogCTpjYlPxKqRTCvqL5zAzCwlh4rvqcY0QgnMI6oWCVg==
Age: 56808
Vary: Accept-Encoding, Origin
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css
54.230.111.124200 OK 460 B URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css
IP 54.230.111.124:0
Hash 633c2f860627c0a8e753366c8cd0865e
e2cff56f5dca706222c9a9ad635d45182fae26a7
2d8e9d6c61910f38ca95a5d4c653f047e0f121cf1375ce95bfd70dc34c7b43f6
GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 20 Mar 2023 16:26:24 GMT
ETag: W/"38f50a83c6d5d15facb231447fa1ac56"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: b-q99rH5_Rd3uQxIktSGUwG0bz0TEBGjBlDtdF-RNweYitR__demGg==
Age: 52945
Vary: Accept-Encoding, Origin
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal.css
54.230.111.124200 OK 945 B URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal.css
IP 54.230.111.124:0
Hash cff4710f863e85980b11cdc1a67e45e5
272b6b68af6d70bd7e1b69b251ac5821cf3daa25
8a3b8e717762c3e251de403a2f6b06da68e2fce957e10474b0a75c1f610799c3
GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 20 Mar 2023 16:56:07 GMT
ETag: W/"aa6f4416185bd7f299dd89e11dac117f"
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: A4McTLaTZRiDWDfjqcNTOpFIJQeqmT3oSK1vO4vc_ct0eAVG8nM8vg==
Age: 51157
Vary: Accept-Encoding, Origin
ocsp.pki.goog/s/gts1d4/pwC35NHlTQI
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/pwC35NHlTQI
IP 142.250.74.163:0
Hash cef9a8d48dfa97d331f55cf1ead8a6c5
000e90eb878a681d45c506d3a9e2dcc109c9b5b9
8308c711af568957617d886276f2c1ae13f6868b13b3a24bcf992a467618f78c
POST /s/gts1d4/pwC35NHlTQI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:08:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
downloads.mailchimp.com/images/signup-forms/popup/textBadge.svg
54.230.111.124200 OK 2.9 kB URL HTTP/1.1 downloads.mailchimp.com/images/signup-forms/popup/textBadge.svg
IP 54.230.111.124:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8ccb03508055e57adb4cccc5f0d12922
e1eb2628d634cd2bd35d2801988569188a3874de
df434c9b18358d341df42cf1ed468fca285fd39089b9e4c0b6a6fae49a298046
GET /images/signup-forms/popup/textBadge.svg HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://downloads.mailchimp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 20 Mar 2023 23:43:08 GMT
Last-Modified: Fri, 20 Jan 2023 18:27:58 GMT
ETag: W/"08dce9f767c64a8247f61eb5897a5a7f"
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gEy7FRgThz5y_TLF_tyXBvcdANolIxCvMuTofDUyAR2bjiqM3jxy0A==
Age: 26736
Vary: Accept-Encoding, Origin
mcusercontent.com/218ead6214192ba52c138d8ee/images/8318d012-126f-4108-9e17-8996a0f0d709.jpg
34.96.122.219200 OK 14 kB URL HTTP/2 mcusercontent.com/218ead6214192ba52c138d8ee/images/8318d012-126f-4108-9e17-8996a0f0d709.jpg
IP 34.96.122.219:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 403x386, components 3\012- data
Hash 0f1cf5d4478ee14cc64897c68bd94d92
270ca9cc00645ee007cf85ba67fb47808a81606d
5b34413ac0f98689c908346e61e426e6ad3ee010c967639716d8496d80177d3c
GET /218ead6214192ba52c138d8ee/images/8318d012-126f-4108-9e17-8996a0f0d709.jpg HTTP/1.1
Host: mcusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvPo0zTSkp2eOvpKze3jMVMdgaWZt5aC_Jr01Xz9K_9RpvGFJrzRe93GPO7KMkjU5JqqSbn8Oe72hF_IXOGO7xvrJgEeOjQ
expires: Tue, 21 Mar 2023 08:08:43 GMT
date: Tue, 21 Mar 2023 07:08:43 GMT
cache-control: public, max-age=3600
last-modified: Fri, 19 Feb 2021 09:47:44 GMT
etag: "0f1cf5d4478ee14cc64897c68bd94d92"
x-goog-generation: 1613728064711770
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13547
content-type: image/jpeg
x-goog-hash: crc32c=CmQyAQ==, md5=Dxz11EeO4UzGSJfGi9lNkg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 13547
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/pwC35NHlTQI
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/pwC35NHlTQI
IP 142.250.74.163:0
Hash cef9a8d48dfa97d331f55cf1ead8a6c5
000e90eb878a681d45c506d3a9e2dcc109c9b5b9
8308c711af568957617d886276f2c1ae13f6868b13b3a24bcf992a467618f78c
POST /s/gts1d4/pwC35NHlTQI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:08:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9197
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 07:08:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9197
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 07:08:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9197
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 07:08:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9197
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 07:08:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F450a7216-1468-4600-bf16-dcda5d72733e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F450a7216-1468-4600-bf16-dcda5d72733e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 07b787370d844cd515ddd9fa2f18dd2f
05af207b7d57654a46bcbaa335b05b05cdc03d48
37064c2c7234ff6172959969ba6d56decc8e8900c9a8f7ef177db7198144a7ae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F450a7216-1468-4600-bf16-dcda5d72733e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: dabbce3d-fb36-404d-8b37-3bafed979062
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWjFFfBIAMFdMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d146-5cdf621e6196e46f7a1e849c;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:33:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Anx47g-q0flhxg1Cl9SwKS3vGlWvQb_0TE74szKGGTiB6oY-QFsDPA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1d000d0dfe9d69b4983f619fdc5499d6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:02:19 GMT
age: 32785
etag: "05af207b7d57654a46bcbaa335b05b05cdc03d48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: WZ5MqPZ-MEjDt3N53EIx1XrerDmUkyvK-5FUXAmI29GXlGe6AaPqEg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:23:21 GMT
age: 31523
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f73dbc0fc3d196647ddc1e30450989d4
75d0a1414a5d350ba426dc37333a6ea131f66753
2a6954b3ccf01567c0c0c2911dd8b02c1cd264fc78178cef2eef6a6796c16c3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10855
x-amzn-requestid: bb845712-834d-49b1-97f0-f3750f132741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CEZD0GCHIAMFq6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418087e-4361bbd40ec5f0d10dabdf85;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 07:17:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: gnFLBOJmRcgsHzy_KXjzE6LwwN4CSqz99pIhYMBx8xrHa8UO6O0kJA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 07:30:20 GMT
age: 85104
etag: "75d0a1414a5d350ba426dc37333a6ea131f66753"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83b411d866428669d03b1976161389e7
7ea69307d21876d48217e4845204c7cc84db101e
461a26b9fcda639f3935a9355cbe12f49a17e4eb754281fa9468317ec40eccce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9160
x-amzn-requestid: 8f8a7d81-ac5e-4992-a0cf-95b3c9791bc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CEW3qFRnIAMFZBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641804fd-64acec7844b88457144b35ce;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 07:02:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: nXc8T4YB4Rfq6CIt6rCUV94uQ61TMPabrrHpBOX74N0wFhlk0BNRjA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 07:44:58 GMT
etag: "7ea69307d21876d48217e4845204c7cc84db101e"
content-type: image/jpeg
age: 84226
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e538277f72ecedd22d24c1012250fa9e
4bd955ea3790a6926486e3d56f51c712c56997d7
5f4d374598cfb1a78e7016ec3a0b563e61e7481be202c34b10c9fdfbfc7b638e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11336
x-amzn-requestid: 3aaca817-ebbc-449f-806c-d5a2a7559335
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWjFEmFIAMFqhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d146-435381723c24efc66eed6b4b;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:33:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: ucKJdzsuQMhDuZHuaBcW8q8tDkm1tepcMkqRtTRUuzF-7CIuhAR2MQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:27:44 GMT
age: 31260
etag: "4bd955ea3790a6926486e3d56f51c712c56997d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0e2bcb0494bb5b0434a6b8c5276de8ff
33642ec68ca683dae156e15ee7449f8fecbfcd80
6921a091b2b19492a76cf3723b72c6966cb85751cabebbe2056a167994425414
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8599
x-amzn-requestid: f213c7c9-3dd9-4d20-8c46-742c3650dcfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGXKZFD6oAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d242-592c030e6760816b2d4f01f9;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: Ny4CqRzNVdxjmFQCGaiGS8QzYENhsLMUaOjm-GcmQk-mdUJirBCi8g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:02:12 GMT
age: 32792
etag: "33642ec68ca683dae156e15ee7449f8fecbfcd80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=994727554532904&ev=PageView&dl=http%3A%2F%2Fmutuelleawoundjo.com%2Fpostnewl%2Fpomo1.zip&rl=&if=false&ts=1679382527042&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679382527041.211782459&it=1679382525270&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=994727554532904&ev=PageView&dl=http%3A%2F%2Fmutuelleawoundjo.com%2Fpostnewl%2Fpomo1.zip&rl=&if=false&ts=1679382527042&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679382527041.211782459&it=1679382525270&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=994727554532904&ev=PageView&dl=http%3A%2F%2Fmutuelleawoundjo.com%2Fpostnewl%2Fpomo1.zip&rl=&if=false&ts=1679382527042&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679382527041.211782459&it=1679382525270&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 21 Mar 2023 07:08:44 GMT
X-Firefox-Spdy: h2
socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=592079101153316&suppress_http_code=1
157.240.205.1200 OK 0 B URL HTTP/2 socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=592079101153316&suppress_http_code=1
IP 157.240.205.1:0
GET /new_domain_gating/?endpoint=customerchat&page_id=592079101153316&suppress_http_code=1 HTTP/1.1
Host: socialplugin.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: http://mutuelleawoundjo.com
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/json; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: http://mutuelleawoundjo.com
x-fb-debug: AImuVYfCOY3Jhqaq34ZagAlU5qh51iTkVwFa/BypXNzC/YliaWnkGxaOVzRulw13gjeplleFRHqC5DF8Zy+A3g==
date: Tue, 21 Mar 2023 07:08:44 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/sweetalert/dist/sweetalert.min.js
104.16.122.175302 Found 0 B URL HTTP/2 unpkg.com/sweetalert/dist/sweetalert.min.js
IP 104.16.122.175:0
GET /sweetalert/dist/sweetalert.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 21 Mar 2023 07:08:42 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /sweetalert@2.1.2/dist/sweetalert.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GW1FRMVP47TMQ0TD3BZBF1CR-ams
cf-cache-status: HIT
age: 219
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7ab45d7b883b1c0a-OSL
X-Firefox-Spdy: h2
unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
104.16.122.175200 OK 0 B URL HTTP/2 unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
IP 104.16.122.175:0
GET /sweetalert@2.1.2/dist/sweetalert.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mutuelleawoundjo.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 07:08:42 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
via: 1.1 fly.io
fly-request-id: 01GQ3Z0V5XBTF4RAKCHZ08Z48V-fra
cf-cache-status: HIT
age: 5285822
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7ab45d7bb8691c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2