Report - mutuelleawoundjo.com/postnewl/pomo1.zip

Report Overview

Submitted URL
mutuelleawoundjo.com/postnewl/pomo1.zip
IP
91.234.194.177
ASN
#16347 ADISTA SAS
Submitted
2023-03-21 07:08:53
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-26T05:09:44Z	417 B	5.2 kB	104.17.24.14
chimpstatic.com	4832	2017-04-21T07:35:42Z	2023-03-26T05:14:40Z	433 B	1.8 kB	96.6.17.210
downloads.mailchimp.com	11609	2012-05-23T20:26:46Z	2023-03-25T18:24:35Z	2.6 kB	114 kB	54.230.111.124
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-26T05:09:01Z	768 B	122 kB	31.13.72.12
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	625 B	349 B	31.13.72.36
api.countapi.xyz	125784	2019-03-28T12:07:18Z	2023-03-24T13:15:24Z	443 B	450 B	161.35.138.20
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	35.83.98.99
unpkg.com	11693	2016-01-08T00:26:01Z	2023-03-26T05:14:10Z	784 B	1.1 kB	104.16.122.175
mutuelleawoundjo.com	unknown	2019-05-08T19:54:27Z	2023-03-20T18:17:12Z	7.2 kB	317 kB	91.234.194.177
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	3.4 kB	8.9 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	1.4 kB	2.8 kB	142.250.74.163
socialplugin.facebook.net	unknown	2022-07-19T22:27:01Z	2023-03-25T05:11:17Z	532 B	1.4 kB	157.240.205.1
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	65 kB	34.120.237.76
smtpjs.com	309535	2016-02-01T17:59:05Z	2023-03-25T09:44:26Z	360 B	1.2 kB	109.169.71.112
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-26T05:35:01Z	385 B	39 kB	142.250.74.168
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-26T05:18:47Z	1.0 kB	2.4 kB	192.229.221.95
mc.us1.list-manage.com	59869	2014-12-07T19:18:49Z	2023-03-26T08:17:55Z	963 B	9.8 kB	104.110.24.122
mcusercontent.com	5578	2019-08-21T20:46:24Z	2023-03-26T10:23:10Z	451 B	14 kB	34.96.122.219

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-21	medium	mutuelleawoundjo.com/postnewl/pomo1.zip	Phishing
2023-03-21	medium	mutuelleawoundjo.com/js/app.e7213973.js	Phishing
2023-03-21	medium	mutuelleawoundjo.com/assets/js/jquery.scrollTo-min.js	Phishing
2023-03-21	medium	mutuelleawoundjo.com/assets/js/jquery.magnific-popup.min.js	Phishing
2023-03-21	medium	mutuelleawoundjo.com/assets/js/bootstrap.min.js	Phishing
2023-03-21	medium	mutuelleawoundjo.com/assets/js/jquery.nav.js	Phishing
2023-03-21	medium	mutuelleawoundjo.com/assets/js/wow.js	Phishing
2023-03-21	medium	mutuelleawoundjo.com/assets/js/plugins.js	Phishing
2023-03-21	medium	mutuelleawoundjo.com/assets/js/jquery-3.3.1.min.js	Phishing
2023-03-21	medium	mutuelleawoundjo.com/assets/js/custom.js	Phishing
2023-03-21	medium	mutuelleawoundjo.com/js/chunk-vendors.30130055.js	Phishing
2023-03-21	medium	mutuelleawoundjo.com/assets/webfonts/fa-brands-400.woff2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	mutuelleawoundjo.com/postnewl/pomo1.zip	184 B	2023-03-08	2023-03-26
Pretty URL mutuelleawoundjo.com/postnewl/pomo1.zip IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:56:14 Last Seen2023-03-26 12:46:59 Times Seen2 Hash 1b996e1dcf3f964b28e0f2222e5c6423 3016272258a989f2786d28ba3719030878721f0c f0ba05e26c48ad08c801f05e3836f89a112976f526e1b7f9610ee84ed7403e03 Loading...

	mutuelleawoundjo.com/js/app.e7213973.js	36 kB	2023-03-08	2023-03-26
Pretty URL mutuelleawoundjo.com/js/app.e7213973.js IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:56:14 Last Seen2023-03-26 12:46:59 Times Seen2 Hash 20afb423e79ae2baf78c6e25919cd1c0 f577755fbd403d36ce905341c844d1f0d0e64206 c5eb15f8e25ebee99da31631176cb46245cffb2e58921941fa37bfa3204faf8d Loading...

	smtpjs.com/v3/smtp.js	868 B	2023-03-07	2024-04-18
Pretty URL smtpjs.com/v3/smtp.js IP 109.169.71.112 ASN #20860 Iomart Cloud Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:38 Last Seen2024-04-18 08:20:29 Times Seen2403 Hash 73572da03234fa6d561c64b59c152230 5de5efc900b7eaf2b93b02f7c4c260fa938ef983 1fd711cb491a361ef91e29c50de0680a4b156c0b34bb91e18570d0037263a776 Loading...

	mutuelleawoundjo.com/assets/js/jquery.scrollTo-min.js	2.4 kB	2023-03-07	2024-04-05
Pretty URL mutuelleawoundjo.com/assets/js/jquery.scrollTo-min.js IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:38 Last Seen2024-04-05 06:21:35 Times Seen50 Hash 3b0ec5c1f800153903d0d0119e299be7 77a99ba69b39b9a9b722463bd6cf25d41b28e1f9 0abdb17438d8f505f2be56e3e0454906b7d5e62720fb82100e615d2b9ab125aa Loading...

	mutuelleawoundjo.com/assets/js/custom.js	3.7 kB	2023-03-08	2023-03-26
Pretty URL mutuelleawoundjo.com/assets/js/custom.js IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:56:14 Last Seen2023-03-26 12:46:59 Times Seen2 Hash 5ed6637b8a7c88cb229c46ff9b06bac7 5b216b7250125152f720e500f5bd151effcdeb99 1356dbf32388642d3de9fc1a41eb36eb7b3c62ccaf68659585e1f98eb22ce13d Loading...

	chimpstatic.com/mcjs-connected/js/users/218ead6214192ba52c138d8ee/1c4fc752b7130b9c158f1382b.js	3.9 kB	2023-03-08	2023-03-26
Pretty URL chimpstatic.com/mcjs-connected/js/users/218ead6214192ba52c138d8ee/1c4fc752b7130b9c158f1382b.js IP 96.6.17.210 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:56:14 Last Seen2023-03-26 12:46:59 Times Seen2 Hash 58baea52eec25dc489c1c9cc50788276 943310b9e23b97e87d370f117aa34579e30d277e 5f187aa7c5de4e7b47c274c9cabe254b63b49a054fe4c0e6326c9a7d44b36628 Loading...

	downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js	222 kB	2023-03-09	2023-05-05
Pretty URL downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js IP 54.230.111.124 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:55:07 Last Seen2023-05-05 18:15:45 Times Seen482 Hash 3281ba63652083b7a938a78b62fe19d4 024aa7bed69a65808312ee82f37b2bacfba0968f 8b6b9460628f90ea3198218e3960a034c3078088dd324864708c48c5810e1b28 Loading...

	mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0	13 kB	2023-03-11	2023-03-26
Pretty URL mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0 IP 104.110.24.122 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:59:18 Last Seen2023-03-26 12:46:59 Times Seen2 Hash 9be754afb07ad425f910cf8958e0df92 24de40ac578ba1b837f04b4b68240b01586f2afb d3d064610f768f044f56413da707ec12ee751b1ff6eeab3846ab685763c75df4 Loading...

	downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js	104 kB	2023-03-08	2023-05-05
Pretty URL downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js IP 54.230.111.124 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:40:08 Last Seen2023-05-05 18:15:45 Times Seen531 Hash d3149280c831cbf6538770c71a916f43 e72b88e8691c7fde33671cd95670f5378a7877ce b0755de9edee41abdef304a877ee3174f92c3429feaf7c06437822970addbb4f Loading...

	mutuelleawoundjo.com/postnewl/pomo1.zip	361 B	2023-03-08	2023-03-26
Pretty URL mutuelleawoundjo.com/postnewl/pomo1.zip IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:56:13 Last Seen2023-03-26 12:46:59 Times Seen2 Hash cf7bf1316cfa394c04c99bd6c66b4b8c 45dc5d0fadbc7b733f08b0c597025b58ef213996 6d37bf0507652ae9d319d8bfbc12cf98e9b35f4602e1f6958fb3720a16c79e2f Loading...

	mutuelleawoundjo.com/postnewl/pomo1.zip	496 B	2023-03-08	2023-03-26
Pretty URL mutuelleawoundjo.com/postnewl/pomo1.zip IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:56:13 Last Seen2023-03-26 12:46:59 Times Seen2 Hash 5a542e2bfc2bb255a043fdb8e18340e8 232f41e3977f38aa6af5f59c8c9403e36f008117 9182fae5554bee9ba8572ded3220f6ea9bf8907bbfc774feafda98d8ad867eb8 Loading...

	unpkg.com/sweetalert/dist/sweetalert.min.js	41 kB	2023-03-07	2024-04-18
Pretty URL unpkg.com/sweetalert/dist/sweetalert.min.js IP 104.16.122.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:31 Last Seen2024-04-18 10:02:19 Times Seen7286 Hash f3b8ce97ff6ce324da6232da353adf40 2a3daabc70232c6350ab48d32605dc4a6ac1f1fa 2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b Loading...

	mutuelleawoundjo.com/assets/js/jquery.nav.js	5.4 kB	2023-03-07	2024-04-05
Pretty URL mutuelleawoundjo.com/assets/js/jquery.nav.js IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:38 Last Seen2024-04-05 06:21:34 Times Seen7 Hash 4ce4d9253bf3d329e78454d4151cce43 996cab5c1a41b1e8a4214c5130433881cdca613f 4bd371f02095ff7e92a869a2a059dbf8f6753109186127968ae97565eecc7c0b Loading...

	mutuelleawoundjo.com/js/chunk-vendors.30130055.js	209 kB	2023-03-17	2023-03-26
Pretty URL mutuelleawoundjo.com/js/chunk-vendors.30130055.js IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:34:38 Last Seen2023-03-26 12:46:59 Times Seen2 Hash 8cdc6583601a87807a7ec523f67cbc29 78a4e6b2e6640fff1a0f866f28a02f7db9b2f656 5f78b39f7ba7ba9c322ed525b4e2ae1093fb6458bd128c67a9c437e8be89af03 Loading...

	mutuelleawoundjo.com/postnewl/pomo1.zip	565 B	2023-03-08	2023-03-26
Pretty URL mutuelleawoundjo.com/postnewl/pomo1.zip IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:56:14 Last Seen2023-03-26 12:46:59 Times Seen2 Hash 260c9ba5c4e5bcc8333fde5714044578 0cfa08de06a9c6d21d29388409dbdda778ad41c9 649812b646095d08c33275ec56efbaaab08c56e1b4e12b0e9ebf6da362cc9b60 Loading...

	mutuelleawoundjo.com/assets/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-19
Pretty URL mutuelleawoundjo.com/assets/js/bootstrap.min.js IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-19 11:34:09 Times Seen241177 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	mutuelleawoundjo.com/assets/js/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL mutuelleawoundjo.com/assets/js/jquery-3.3.1.min.js IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:49 Last Seen2024-04-19 05:52:24 Times Seen167405 Hash a46fb81762396b7bf2020774a2fb4d9e fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7 d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PJVDLCK	99 kB	2023-03-26	2023-03-26
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PJVDLCK IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 12:46:59 Last Seen2023-03-26 12:46:59 Times Seen1 Hash 3cda56124ce7b3b8e45ae1d5cb1b97c8 612da855d4e9cedbc3e5083de1fec79a69256ec6 7182c41c57c4ae6b80142224a2987cb5eb41ffef1257a88beee68eeca7df53a3 Loading...

	mutuelleawoundjo.com/assets/js/jquery.magnific-popup.min.js	21 kB	2023-03-07	2024-04-05
Pretty URL mutuelleawoundjo.com/assets/js/jquery.magnific-popup.min.js IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-05 06:21:35 Times Seen831 Hash 2a312e84654f5ca6ca9e9953b53b4e40 293e9147d77a2a45a09cd2e541f3258d38824313 8d806251606bc9565f1b81a83bc9aa04cb3ad88fcb2c53cd48cb0b57d1ffcd6e Loading...

	mutuelleawoundjo.com/assets/js/wow.js	16 kB	2023-03-07	2023-12-03
Pretty URL mutuelleawoundjo.com/assets/js/wow.js IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:38 Last Seen2023-12-03 09:46:06 Times Seen14 Hash 3574db6372ddc023aee8aaea7024440d e75df150d25ea7117b2ffdc8d3e596ae8f97d1f5 cc42205519175eb8b2e2bc450bf33719b88e523e2108965f03cc1af989b55715 Loading...

	mutuelleawoundjo.com/assets/js/plugins.js	1.8 kB	2023-03-07	2023-11-27
Pretty URL mutuelleawoundjo.com/assets/js/plugins.js IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:38 Last Seen2023-11-27 13:37:10 Times Seen8 Hash 54e1505ec3c21934c85aaed64f5a1b39 26f9c510c4894b2697d154aca94f6be80cd57e51 ee591c5d1d90c7c9dd4e26e8c4ebe2c89cc6e778a246659791ca2d79ee43efc8 Loading...

	mutuelleawoundjo.com/postnewl/pomo1.zip	247 B	2023-03-08	2023-03-26
Pretty URL mutuelleawoundjo.com/postnewl/pomo1.zip IP 91.234.194.177 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:56:14 Last Seen2023-03-26 12:46:59 Times Seen2 Hash 53ea7bca2dc8777e1336294cbce6f50c b8fdfea308412a319a807489bd23c674123409ad 1bb9ecfc35e6773cd90d1822e7277161d97a7647098a0392cae08ca9e35216c3 Loading...

	connect.facebook.net/en_US/fbevents.js	110 kB	2023-03-26	2023-03-29
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 08:49:43 Last Seen2023-03-29 21:45:24 Times Seen2372 Hash b3d7d1fd0029796048820b8f515d1d4f 242f2ec5485fb5048e53a87fd37b2e6eafb664b6 0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec Loading...

	connect.facebook.net/fr_FR/sdk/xfbml.customerchat.js	323 kB	2023-03-26	2023-03-26
Pretty URL connect.facebook.net/fr_FR/sdk/xfbml.customerchat.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 12:47:00 Last Seen2023-03-26 12:47:00 Times Seen1 Hash 730e421aee17a1e2b60a9b771923c82a de41ebed184175ba86c6dc0f4e77b5f2616e681a 0d9962423fe38bfdfd7a2d2fedb48e6bd21f036c8d9e30818b8e2ec8a9ba0f3e Loading...

	connect.facebook.net/signals/config/994727554532904?v=2.9.99&r=stable	388 kB	2023-03-13	2023-03-26
Pretty URL connect.facebook.net/signals/config/994727554532904?v=2.9.99&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:20:57 Last Seen2023-03-26 12:47:00 Times Seen2 Hash 910ca68d00204346a2d11c2a2cce50d6 0976dc1d6196277366225bfdce63f20ceaceee5b 9f254df07f624893c04c761743952097f0caeeed764ef2cd3dc8d354d0680fd6 Loading...

		Size	First Seen	Last Seen
	#1 Write - 996bc9da85e4bfe72b59138c9d8fd906	158 B	2023-03-07	2023-05-05
Pretty Observations First Seen2023-03-07 01:10:49 Last Seen2023-05-05 18:15:45 Times Seen392 Hash 996bc9da85e4bfe72b59138c9d8fd906 b2db98e22b035fcb8fda176b2e2ef4b341e8fdbc d1167e3b70947916f421c7e95057bdf8910f7ba485e3716107c9fa1cf6403437 Loading...

HTTP Transactions (70)

URL IP Response Size

mutuelleawoundjo.com/postnewl/pomo1.zip

91.234.194.177

200 OK

2.0 kB

URL HTTP/1.1
mutuelleawoundjo.com/postnewl/pomo1.zip
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1485)
Size
2.0 kB (1993 bytes)
Hash
e1c88db6e807420109593b8e417240a8
d735e823bd8d132e7b373d64292c8c4c992efb17
c1fec752b88eaf0b20215c14eb7d1ad2b4069a9e6fe799f09686be1a5458e2c2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /postnewl/pomo1.zip HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 6f42a7bcbe4aaba1fa7d42ea47f11853
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 6f42a7bcbe4aaba1fa7d42ea47f11853
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8124
Expires: Tue, 21 Mar 2023 09:24:05 GMT
Date: Tue, 21 Mar 2023 07:08:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15574
Expires: Tue, 21 Mar 2023 11:28:15 GMT
Date: Tue, 21 Mar 2023 07:08:41 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 06:27:23 GMT
content-type: application/json
age: 2478
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10420
Expires: Tue, 21 Mar 2023 10:02:22 GMT
Date: Tue, 21 Mar 2023 07:08:42 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: W1Gi1ZhJhQNWsw0JQcq/GPCwx3gu7gsf8G16Vwjv22jwagk0bYWYGOX8N0Ed2Hk2y9iH3U0WEgE=
x-amz-request-id: Q9TW2CQ66E4DY2T5
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 06:59:01 GMT
age: 581
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

104.17.24.14

200 OK

4.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65348)
Size
4.2 kB (4216 bytes)
Hash
eefc9abe5bc10d658a2393a70d052566
dd49deafcd3ebe1306cda0b843f2da265f8a90e1
6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3

HTTP Headers

GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 21 Mar 2023 07:08:42 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 990870
expires: Sun, 10 Mar 2024 07:08:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0ezR%2FhL%2BRJypEf06IKV%2BZ0JrqaFA52dTF3vY8K%2F6JlH6gd5lkC6CtwEzsE0TRWDSbL%2BuQ5JaAmKtr5MwA068m9inOfX6pz1H7Jm7RGC%2Bk%2FyOqTQ7cSB6ty8yXprIsYCAshT90WO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ab45d7b3f08b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mutuelleawoundjo.com/assets/css/style.css

91.234.194.177

200 OK

7.1 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/css/style.css
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
assembler source, ASCII text
Size
7.1 kB (7100 bytes)
Hash
3b402010e8a147b7a577178db3c69dab
21a9b270777e07b1734b19628a6a3260a7663b43
402b59a2c5ac7c85a9d811940283a9b436426fca18c2e1e209e8b50acea458ae

HTTP Headers

GET /assets/css/style.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 45a79f2b6e0c4fd88d9e8f0d783725e9
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 45a79f2b6e0c4fd88d9e8f0d783725e9
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 07:08:42 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

mutuelleawoundjo.com/assets/css/style-magnific-popup.css

91.234.194.177

200 OK

2.0 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/css/style-magnific-popup.css
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
ASCII text
Size
2.0 kB (1957 bytes)
Hash
7b8f05b1183b730e02e928a52cc60331
ff78eb959806180ee70e1b755ce1fceb52e8d987
fbb005c814afcef3efb933f74534fbb1cd519812ba53823c48cc3b69866674f6

HTTP Headers

GET /assets/css/style-magnific-popup.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: decb22b062da5d31ab4eea73a9cc0fc1
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: decb22b062da5d31ab4eea73a9cc0fc1
Content-Encoding: gzip

mutuelleawoundjo.com/assets/css/animate.css

91.234.194.177

200 OK

4.4 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/css/animate.css
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
ASCII text, with very long lines (460)
Size
4.4 kB (4383 bytes)
Hash
4adee009653c309283ce65c4a7f5f10f
0b9bda7dd53af479e12d5010515308ac0478560d
e60768c7a13eef3135b05b4b8c57698a14d4f7fc2457f5a5f1e672b3b4a95dbf

HTTP Headers

GET /assets/css/animate.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 13fc8e9bcb507018c031066d08db4f86
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 13fc8e9bcb507018c031066d08db4f86
Content-Encoding: gzip

mutuelleawoundjo.com/assets/https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400&display=swap

91.234.194.177

200 OK

2.0 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400&display=swap
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1485)
Size
2.0 kB (1993 bytes)
Hash
e1c88db6e807420109593b8e417240a8
d735e823bd8d132e7b373d64292c8c4c992efb17
c1fec752b88eaf0b20215c14eb7d1ad2b4069a9e6fe799f09686be1a5458e2c2

HTTP Headers

GET /assets/https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400&display=swap HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: ec419911dd7ea6cd47ef955abb282510
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: ec419911dd7ea6cd47ef955abb282510
Content-Encoding: gzip

mutuelleawoundjo.com/assets/https://fonts.googleapis.com/css2?family=Nunito:wght@600;700&display=swap

91.234.194.177

200 OK

2.0 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/https://fonts.googleapis.com/css2?family=Nunito:wght@600;700&display=swap
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1485)
Size
2.0 kB (1993 bytes)
Hash
e1c88db6e807420109593b8e417240a8
d735e823bd8d132e7b373d64292c8c4c992efb17
c1fec752b88eaf0b20215c14eb7d1ad2b4069a9e6fe799f09686be1a5458e2c2

HTTP Headers

GET /assets/https://fonts.googleapis.com/css2?family=Nunito:wght@600;700&display=swap HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 1dde1aee6ef656f311bcceed4041139a
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 1dde1aee6ef656f311bcceed4041139a
Content-Encoding: gzip

mutuelleawoundjo.com/assets/css/all.min.css

91.234.194.177

200 OK

12 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/css/all.min.css
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
ASCII text, with very long lines (53592), with no line terminators
Size
12 kB (11639 bytes)
Hash
16d80f886c053851c432d86bc9af2519
9d3b480c50c9ca97d54ba10f5bf0d78f1b71f8e9
cff4a9e698820b8bac881442c8b5e7fcd386121076a57639ce1fef22e17ed12b

HTTP Headers

GET /assets/css/all.min.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 05c764a5873e2493d4ba4e269775f601
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 05c764a5873e2493d4ba4e269775f601
Content-Encoding: gzip

mutuelleawoundjo.com/assets/css/bootstrap.min.css

91.234.194.177

200 OK

21 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/css/bootstrap.min.css
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
ASCII text, with very long lines (65324)
Size
21 kB (21075 bytes)
Hash
ce578363212522af918556ef95b47122
bebb1286fc11b3f1fdbbe12db425ee9d524eb9b3
ab9610e9cfaa6e58ec43ea67c0646749382f4a39f50dde37e2ecbf64858e9c55

HTTP Headers

GET /assets/css/bootstrap.min.css HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 2295332447862022f2fe9dbf5435f199
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 2295332447862022f2fe9dbf5435f199
Content-Encoding: gzip

mutuelleawoundjo.com/js/app.e7213973.js

91.234.194.177

200 OK

11 kB

URL HTTP/1.1
mutuelleawoundjo.com/js/app.e7213973.js
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
Unicode text, UTF-8 text, with very long lines (36219)
Size
11 kB (10599 bytes)
Hash
f5618f8e0a7bd32749b004ffd0319b2b
fba0303294a0380047cf8d77e92bc39d1cc3affe
8a7562c9cc86f6e6201f8b7d78d784653ec9a37f36542a5e7d7953442430a220

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/app.e7213973.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 94792d0372953b702fe419cb2e45c3cc
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 94792d0372953b702fe419cb2e45c3cc
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3f24ce366b94406426ed4d11da90eb9b
e0caa66ec2616ab0c3bded00f62dc432b6015d71
09c4a9f610206b142a305cbd30b1f4d41d6cebdbfa21b820663516a5fba7bd63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09C4A9F610206B142A305CBD30B1F4D41D6CEBDBFA21B820663516A5FBA7BD63"
Last-Modified: Tue, 21 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14359
Expires: Tue, 21 Mar 2023 11:08:01 GMT
Date: Tue, 21 Mar 2023 07:08:42 GMT
Connection: keep-alive

mutuelleawoundjo.com/assets/js/jquery.scrollTo-min.js

91.234.194.177

200 OK

1.3 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/js/jquery.scrollTo-min.js
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
ASCII text, with very long lines (2269), with CRLF line terminators
Size
1.3 kB (1306 bytes)
Hash
1397396350648dfb825604df63b03f9d
edfd49551f4641779cae86db20a89b07c61c8181
dec1c0a204256be5c7a449cdf1e9315af7562624a3fdd3c4cb2fe8f04e011a29

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/jquery.scrollTo-min.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 8efbfeb4ef382474082f27f1859f6235
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 8efbfeb4ef382474082f27f1859f6235
Content-Encoding: gzip

mutuelleawoundjo.com/assets/js/jquery.magnific-popup.min.js

91.234.194.177

200 OK

7.7 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/js/jquery.magnific-popup.min.js
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
ASCII text, with very long lines (21014), with CRLF line terminators
Size
7.7 kB (7697 bytes)
Hash
b6c05412e241fce985169737ec2ffa06
93742215a64e9cfb6feac7ce6c88ead7b8c667fb
38f0fe6bf58b2cd41f0f2d53fe5d094bd7e67474f1e1985c3eb931a04ce9bf27

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/jquery.magnific-popup.min.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: ce760bce07899888d194773829120f5b
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: ce760bce07899888d194773829120f5b
Content-Encoding: gzip

mutuelleawoundjo.com/assets/js/bootstrap.min.js

91.234.194.177

200 OK

14 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/js/bootstrap.min.js
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
ASCII text, with very long lines (50758)
Size
14 kB (14097 bytes)
Hash
2e8e1f197b42775ab5106fa61de291e3
892b25b208b869fca845a3ef18d85412d4798b0b
0f11883c639fb5dd4ed4000da3bf4836567b3d4259e3fb4ace69bd0aac49539e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/bootstrap.min.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 36bcb3c2c9d3307c98e5b9e91f9f0921
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 36bcb3c2c9d3307c98e5b9e91f9f0921
Content-Encoding: gzip

smtpjs.com/v3/smtp.js

109.169.71.112

200 OK

871 B

URL HTTP/2
smtpjs.com/v3/smtp.js
IP
109.169.71.112:0
ASN
#20860 Iomart Cloud Services Limited

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (841), with CRLF line terminators
Size
871 B (871 bytes)
Hash
3834e1b9e65ca954b7479464ea1e5118
437df45dbf59c3a3414236f44e3bcd5045bfe314
fc33c6b2c79aafa930e841962ae3c25bf8f56cbc20ec48fc2b0ddd0aa6ee23b6

HTTP Headers

GET /v3/smtp.js HTTP/1.1
Host: smtpjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 10 Nov 2020 17:17:51 GMT
accept-ranges: bytes
etag: "162f436b85b7d61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Tue, 21 Mar 2023 07:08:41 GMT
content-length: 871
X-Firefox-Spdy: h2

mutuelleawoundjo.com/assets/js/jquery.nav.js

91.234.194.177

200 OK

1.9 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/js/jquery.nav.js
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
ASCII text, with CRLF line terminators
Size
1.9 kB (1850 bytes)
Hash
4e9fe5cce09723a06ea516cd87b93583
691d2b563d0394611e4f6dcd2f720ad71d52d575
3056e91767288aa298f3553545d59381c353ef210a357f293e28cb485d2742e5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/jquery.nav.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 1bf658cd1c2853ab4136838207feeac0
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 1bf658cd1c2853ab4136838207feeac0
Content-Encoding: gzip

mutuelleawoundjo.com/assets/js/wow.js

91.234.194.177

200 OK

3.6 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/js/wow.js
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
ASCII text, with CRLF line terminators
Size
3.6 kB (3567 bytes)
Hash
f2f3fcc978521c728bcce24108d00b6a
eeae9d90b3330f622dead18d6545dd343fd32770
98bdf547bf0a038bf5183f73864a5e1baa5d36c35ddb791cf6bf734bc54dfe8a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/wow.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: f39370130e333b1a49cca28d89336a7f
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: f39370130e333b1a49cca28d89336a7f
Content-Encoding: gzip

mutuelleawoundjo.com/assets/js/plugins.js

91.234.194.177

200 OK

987 B

URL HTTP/1.1
mutuelleawoundjo.com/assets/js/plugins.js
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
ASCII text, with very long lines (1276), with CRLF line terminators
Size
987 B (987 bytes)
Hash
7d5f08c8f499b062d7c7a0796e85ed19
0b2b955198d2b689f0571d21f2255ebb95e84b2a
62f9392d09a010d5f5f19a43c2b0731548887e939d0b3ce8e7214d0b4b20a976

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/plugins.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: de591d81e60e836bed63a32231a03c22
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: de591d81e60e836bed63a32231a03c22
Content-Encoding: gzip

mutuelleawoundjo.com/assets/js/jquery-3.3.1.min.js

91.234.194.177

200 OK

30 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/js/jquery-3.3.1.min.js
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
30 kB (30358 bytes)
Hash
1c53d96a3a3e7377e973c0e8cc182244
e9a4d706126070ef863f9e4befa3bb30443049de
5a94334fb849fa2575f1b5f02253d2a87eadd56c30f1876113e372f41eddf307

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/jquery-3.3.1.min.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: f3972e5a262ef67b2baf9271934d403b
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: f3972e5a262ef67b2baf9271934d403b
Content-Encoding: gzip

mutuelleawoundjo.com/assets/js/custom.js

91.234.194.177

200 OK

903 B

URL HTTP/1.1
mutuelleawoundjo.com/assets/js/custom.js
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
ASCII text, with CRLF line terminators
Size
903 B (903 bytes)
Hash
16239eb2e834756028376cc33f68da56
54047e192d55f6846af0d1aeec35b68a242eb038
cc3c055d71a9005b5bf0738ab99edb0aae4000fa2fa7d4254d97dc9f7a8190c0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/custom.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 619159a9fa30178251fa8525ead6ae80
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 619159a9fa30178251fa8525ead6ae80
Content-Encoding: gzip

mutuelleawoundjo.com/js/chunk-vendors.30130055.js

91.234.194.177

200 OK

68 kB

URL HTTP/1.1
mutuelleawoundjo.com/js/chunk-vendors.30130055.js
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
68 kB (68290 bytes)
Hash
46c36c68605a61746e49276bdf8b39ba
e6aecf70e39aa711c537056c723994cde1ad5d8a
6bd878feeebced785e31e718f0594b04dbf9559e08a8c03b9d32b01becb53f1b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/chunk-vendors.30130055.js HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 206086f986858642c88f477ed6d25439
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 206086f986858642c88f477ed6d25439
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:08:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mutuelleawoundjo.com/postnewl/assets/images/logo-awoundjo-5.png

91.234.194.177

200 OK

2.0 kB

URL HTTP/1.1
mutuelleawoundjo.com/postnewl/assets/images/logo-awoundjo-5.png
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1485)
Size
2.0 kB (1993 bytes)
Hash
e1c88db6e807420109593b8e417240a8
d735e823bd8d132e7b373d64292c8c4c992efb17
c1fec752b88eaf0b20215c14eb7d1ad2b4069a9e6fe799f09686be1a5458e2c2

HTTP Headers

GET /postnewl/assets/images/logo-awoundjo-5.png HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: ada9c1cccb6baf2b7d3ceec75d1d9b49
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding, Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: ada9c1cccb6baf2b7d3ceec75d1d9b49
Content-Encoding: gzip

www.googletagmanager.com/gtm.js?id=GTM-PJVDLCK

142.250.74.168

200 OK

39 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PJVDLCK
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2206)
Size
39 kB (38742 bytes)
Hash
53fc885d393a909d58d2f3d067f2268b
78b5b7d30330f9867bcf3491205e536ddff329f1
6a1434b4e7bf22a44646435aa34b12ac6989144f82ee194d11a0130047317c19

HTTP Headers

GET /gtm.js?id=GTM-PJVDLCK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Mar 2023 07:08:42 GMT
expires: Tue, 21 Mar 2023 07:08:42 GMT
cache-control: private, max-age=900
last-modified: Tue, 21 Mar 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 06:14:33 GMT
age: 3249
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

mutuelleawoundjo.com/assets/webfonts/fa-brands-400.woff2

91.234.194.177

200 OK

74 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/webfonts/fa-brands-400.woff2
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
Web Open Font Format (Version 2), TrueType, length 74288, version 1.0\012- data
Size
74 kB (74288 bytes)
Hash
eac60e8a656781e13d2a674b4d9051c0
0039be9d8a99d1e5cf200ca3e08757692020460e
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/assets/css/all.min.css

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: font/woff2
Content-Length: 74288
Connection: keep-alive
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 1e53d86965dcdeab8c2dc858540cde0b
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Vary: Accept-Encoding
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
Accept-Ranges: bytes
fc-cache-status: MISS
X-Request-Id: 1e53d86965dcdeab8c2dc858540cde0b

chimpstatic.com/mcjs-connected/js/users/218ead6214192ba52c138d8ee/1c4fc752b7130b9c158f1382b.js

96.6.17.210

200 OK

1.2 kB

URL HTTP/1.1
chimpstatic.com/mcjs-connected/js/users/218ead6214192ba52c138d8ee/1c4fc752b7130b9c158f1382b.js
IP
96.6.17.210:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
1.2 kB (1220 bytes)
Hash
17307ebdbe19457b8cdeb139a6915b45
e362d5e19cc43f451edf7e28a07ec58bed872bf8
03152d3468d04ea7362d145d1d27f8252fec8c1850282a12c436d236b786d0b9

HTTP Headers

GET /mcjs-connected/js/users/218ead6214192ba52c138d8ee/1c4fc752b7130b9c158f1382b.js HTTP/1.1
Host: chimpstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 2N8UORbDyR3Vy7YCyJMZoh8JU8WyCmiiXAzuW56BtxGpkLBbpiBKQkyvXhwvUoKz0woYeDDPlD0=
x-amz-request-id: TY16FM4VNF4QA6YK
Last-Modified: Thu, 04 Mar 2021 11:53:42 GMT
ETag: "58baea52eec25dc489c1c9cc50788276"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
X-EdgeConnect-MidMile-RTT: 0, 0, 6, 8
X-EdgeConnect-Origin-MEX-Latency: 107, 109, 107, 107
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1800
Expires: Tue, 21 Mar 2023 07:38:42 GMT
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Length: 1220
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:08:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5ddc43c921b886daaaac1b000d49519
e7b7e43165fc80b8f515f5da61e6592d7b30190a
5f4f21601eb9e942f7dd1328092f992d1229009fbd336cf1c4301f28c31bc3bf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F4F21601EB9E942F7DD1328092F992D1229009FBD336CF1C4301F28C31BC3BF"
Last-Modified: Mon, 20 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9923
Expires: Tue, 21 Mar 2023 09:54:05 GMT
Date: Tue, 21 Mar 2023 07:08:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9138
Expires: Tue, 21 Mar 2023 09:41:00 GMT
Date: Tue, 21 Mar 2023 07:08:42 GMT
Connection: keep-alive

downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js

54.230.111.124

200 OK

72 kB

URL HTTP/1.1
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
IP
54.230.111.124:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65526)
Size
72 kB (71601 bytes)
Hash
7388e71ed6d7773bb6ca05ffae97ae59
b5887c2704ddaf34407dee0f13ed8f7ea8469a76
87a233e2c1a82d28f7926dd53d8b7fdac4a1e90c8f2d26b1c5fadf62bfb4d330

HTTP Headers

GET /js/signup-forms/popup/unique-methods/embed.js HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 20 Jan 2023 18:27:57 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 20 Mar 2023 14:28:43 GMT
ETag: W/"3281ba63652083b7a938a78b62fe19d4"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zRbhiE0tjwXm6KYNCpPsWCGBVObPkMpZ8AFH_pVFlzYy-PIXh2rbYQ==
Age: 60001
Vary: Accept-Encoding, Origin

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4599403a49a361c750d6c7d8a410c743
a9bbdec66280f7ee5c4766ccc45fddbad16af2c3
80a17a133e51c6dadd6dc8f6b72dc3d6088110cd12de5fdf1a8286be09207e22

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6110
Cache-Control: max-age=112582
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:08:42 GMT
Etag: "641854e2-1d7"
Expires: Wed, 22 Mar 2023 14:25:04 GMT
Last-Modified: Mon, 20 Mar 2023 12:43:14 GMT
Server: ECAcc (ska/F77E)
X-Cache: HIT
Content-Length: 471

mutuelleawoundjo.com/assets/images/icone.png

91.234.194.177

200 OK

39 kB

URL HTTP/1.1
mutuelleawoundjo.com/assets/images/icone.png
IP
91.234.194.177:0
ASN
#16347 ADISTA SAS

File type
PNG image data, 264 x 268, 8-bit/color RGBA, non-interlaced\012- data
Size
39 kB (39206 bytes)
Hash
eda9707ac00d9ff2a03b6793614419c6
77e912009ceda1323d968c46e1db63e2c5b36c2c
58dced7600085179a6186295ec0c1086cd6210d1ba3689cb3d1fa9ee0067c4c7

HTTP Headers

GET /assets/images/icone.png HTTP/1.1
Host: mutuelleawoundjo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/postnewl/pomo1.zip

HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
server: fastestcache
fc-cache-engine: varnish
fc-request-id: 2a2c8264c2fac3b9030cc72e625ccd22
Last-Modified: Wed, 14 Sep 2022 12:15:34 GMT
Age: 0
Via: 1.1 web42.lws-hosting.com (Varnish/7.2)
fc-cache-status: MISS
X-Request-Id: 2a2c8264c2fac3b9030cc72e625ccd22
Content-Encoding: gzip

api.countapi.xyz/hit/mutuelleawoundjo/key

161.35.138.20

200 OK

15 B

URL HTTP/1.1
api.countapi.xyz/hit/mutuelleawoundjo/key
IP
161.35.138.20:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
d0930d353385a77f2a59d06a319fcb78
c294204f110f0ab05a05d8787c5ed49f692e9055
3597cfa9963ea7d257a2ba3d0d2e377daeb5c33bca5bda5e30cb7085918ebf2a

HTTP Headers

GET /hit/mutuelleawoundjo/key HTTP/1.1
Host: api.countapi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mutuelleawoundjo.com
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 21 Mar 2023 07:08:42 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 15
Connection: keep-alive
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
X-Worker: 0
X-Version: unknown
X-Path: mutuelleawoundjo/key

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4599403a49a361c750d6c7d8a410c743
a9bbdec66280f7ee5c4766ccc45fddbad16af2c3
80a17a133e51c6dadd6dc8f6b72dc3d6088110cd12de5fdf1a8286be09207e22

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6110
Cache-Control: max-age=112582
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:08:42 GMT
Etag: "641854e2-1d7"
Expires: Wed, 22 Mar 2023 14:25:04 GMT
Last-Modified: Mon, 20 Mar 2023 12:43:14 GMT
Server: ECAcc (ska/F7A7)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27907 bytes)
Hash
e5f5bf796d91f271e383cf1ff3ee5af4
70ead02da19095ca752d55e89a48fcdf59d44d33
247f023e282f1556e668df0033858196d682f31f659d1b53ea6dcaeff56c401a

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: guXLG9EG/JG8RD5G9GDOYph5quVvacb3GXqYMqFpuXUZA57I6daitBkVaGo7eR8iQ3IvwdbDVQmwO/VFu892AA==
content-length: 27907
x-fb-trip-id: 1904183273
date: Tue, 21 Mar 2023 07:08:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

connect.facebook.net/fr_FR/sdk/xfbml.customerchat.js

31.13.72.12

200 OK

91 kB

URL HTTP/2
connect.facebook.net/fr_FR/sdk/xfbml.customerchat.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (18743)
Size
91 kB (91082 bytes)
Hash
0e42aa302c3c1edc64e308b92a35e467
91f176f3a3aac2ddf6e3d97d55b77b009d83a0c2
48731dc72605585f27cd687cf34a9ea489710297f00385250358ff0441d6b260

HTTP Headers

GET /fr_FR/sdk/xfbml.customerchat.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 730e421aee17a1e2b60a9b771923c82a
etag: "266c8f727a5f2d5d10659f4062b60028"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 21 Mar 2023 07:16:38 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: DkKqMCw8Htxk4wi5KjXkZw==
x-fb-debug: MhpC1zhm33ZLjLpITz4busTS+TwaGTn3y6NPq9h+deEqZX80S/LQB3m3e9nXGcWFr166jJgzbaaZTYkXNMof/w==
content-length: 91082
x-fb-trip-id: 1904183273
date: Tue, 21 Mar 2023 07:08:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4599403a49a361c750d6c7d8a410c743
a9bbdec66280f7ee5c4766ccc45fddbad16af2c3
80a17a133e51c6dadd6dc8f6b72dc3d6088110cd12de5fdf1a8286be09207e22

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6110
Cache-Control: max-age=112582
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:08:42 GMT
Etag: "641854e2-1d7"
Expires: Wed, 22 Mar 2023 14:25:04 GMT
Last-Modified: Mon, 20 Mar 2023 12:43:14 GMT
Server: ECAcc (ska/F7A7)
X-Cache: HIT
Content-Length: 471

mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0

104.110.24.122

307 Temporary Redirect

0 B

URL HTTP/1.1
mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0
IP
104.110.24.122:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0 HTTP/1.1
Host: mc.us1.list-manage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/

HTTP/1.1 307 Temporary Redirect
Server: AkamaiGHost
Content-Length: 0
Location: https://mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0
Cache-Control: max-age=0
Expires: Tue, 21 Mar 2023 07:08:42 GMT
Date: Tue, 21 Mar 2023 07:08:42 GMT
Connection: keep-alive
Set-Cookie: _abck=4ACF95E38A4FA915A759021146BA544F~-1~YAAQrU0kF2IHl+SGAQAAdaz/AgmLLQMCgta6+NB81d03772pKqa7pz15Yn1WL82jUwBXm1TWhk8/2zdlFhN50PUK9nVsDhpwDI8m3dz/YDH1D+P76attD+n2BZkh0o6pvsuedKoH1ukSsJfCGwlhWCqCvm3YZJnnEg41YVeYNaOrW60Wn5VYufcdLyWFzKSmB2TlWEteMV7yIXYXR9XY5TA+yOkQd4OFeAa4NGZy5PaG83fNyT09+hKw8VC8Ge6wMwi7wNB5rtlu8fiyN+fHGP0ovTcr5K7CHIoUPGkjnLTG+9Nw71PYA6Iz9bKLS8ZYP5Qy5fa3z4tc3uTPMGzvdM44f5fHLQohx0b6as4=~-1~-1~-1; Domain=.list-manage.com; Path=/; Expires=Wed, 20 Mar 2024 07:08:42 GMT; Max-Age=31536000; SameSite=None; Secure
bm_sz=A099FB88A23A56C42886FC67744EDA25~YAAQrU0kF2MHl+SGAQAAdaz/AhPzL+l3tKULeM0RL4la1q2JJXbBwqHVE9qY+64hFkXBlDvLIqYlLWLC2A5Mq3TpSXJUQLxD04EKO+ZDVCcrvGWxIC/ahfq2FoV2OuYBXKG+uX4y3vgmE6XLON0xB42WH94rZ4ZlMFjRZufXFFTAvXp+obB/eFhosOeG8FOdzXqmcxnGzDtpqHVOUe5blPtNyztWLL0kigdwwPIULUIv4F/3qbtn34Z4h+3KXB8wyUKW+DXby6w84D0E5fbcGGn0j/+FhJimJKI+FDYLx0VE+HeeFZTRJQ==~3425081~3622469; Domain=.list-manage.com; Path=/; Expires=Tue, 21 Mar 2023 11:08:42 GMT; Max-Age=14400; SameSite=None; Secure

push.services.mozilla.com/

35.83.98.99

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.83.98.99:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2yyCfd/punjE0LZSzvhc0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: K1lJFW383OeqhvOwlY7f1GdXF7g=

mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0

104.110.24.122

200 OK

6.1 kB

URL HTTP/2
mc.us1.list-manage.com/subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0
IP
104.110.24.122:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (12624), with no line terminators
Size
6.1 kB (6103 bytes)
Hash
ef12dd2ffb74ce0bd87a9f4874b3f68e
43f4749b3c64cae4cd724cc32a55f9b78a8b9927
7bb5c19adfcc9250fb66306f1b91f567cc2f63e5738e63f0c5923c4500daa201

HTTP Headers

GET /subscribe/form-settings?u=218ead6214192ba52c138d8ee&id=0ea18e33f5&u=218ead6214192ba52c138d8ee&id=0ea18e33f5&c=dojo_request_script_callbacks.dojo_request_script0 HTTP/1.1
Host: mc.us1.list-manage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mutuelleawoundjo.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
content-type: application/json; charset=utf-8
content-length: 6103
x-ua-compatible: IE=edge,chrome=1
referrer-policy: same-origin
content-encoding: gzip
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 164
cache-control: max-age=300
expires: Tue, 21 Mar 2023 07:13:43 GMT
date: Tue, 21 Mar 2023 07:08:43 GMT
vary: Accept-Encoding
set-cookie: _mcid=1.735c8c0d68f28aaad7af0b6b2b8b4d2d.cd8cd5d72c95633802b32612179fe6fea9689cb744141435628a14d6fc14278a; expires=Wed, 20-Mar-2024 07:08:43 GMT; Max-Age=31536000; path=/
_mc_anon_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
_abck=A03301E1AD3CAD04691EBC573E9D3F25~-1~YAAQrU0kF2YHl+SGAQAAUK3/Agn62F7TuVCzuwt0npc7Faatqzj+mRkhpsYR+8Hdnz+oglgjQ4lJarr56fA9hPWmMENEmSyLhSA/Dz5obHB2zajgM8rS6vNP6Fw3+dFjhJU7QhuRltqBdrM/snoLu9YFsibQ+IW0ABgp1iDqdKa530CllO8CXnTU7unodgzzXOksK4c7VHuVLc2IYQzY7mUgCNEVgTbep/i4LcUQdoaNIIXv/xr1E2hhR5hTyYRG6AvvtJWI+JCnGG3afkaBZX6WupoRJ1u1GbTuB36mhCwSnCuPs8DCQYFOoOcN09FcdOBbYN3s0oW3dkJZS6/mt6vgpjk3+0JlejHRNCJWSI+m8SGTJEM7Ht7uyefNLabrCTE=~-1~-1~-1; Domain=.list-manage.com; Path=/; Expires=Wed, 20 Mar 2024 07:08:43 GMT; Max-Age=31536000; SameSite=None; Secure
ak_bmsc=B6F4D8076363E9196DD7EAAA906EC4A4~000000000000000000000000000000~YAAQrU0kF2cHl+SGAQAAUK3/AhOCAmrJa7aifm9E7tCxzmjSQVZB6XOHs1NW3bvIwCDSVZbXKrMe+veZM1paBmRPx17TEmCxmi/SCW/fHCnAhig9PyerRmWThcliU6jtxpH9y6ZmQtSn0iWRB0MHqxd7mZ5jXVGj4Scr7c3PiZZAgZudNfHIhfpC0WDIblh/F92RA6KWTqn7rq8KqoiYGCTDMlHXj6nYVHaQ4mgg30P8BQIdjPWjHExt+8rzbzuABV0zqmIUb8ToglGhzkPyQmcMTHIV593zs9yu34+UcKxLXspkmnqQynh/fHUgiSCB02CirE+1shR6YHYFEsC26XGj3CNlMpGUCCf7O9ZqV6/TRg7UiyGJB1VmmIwy2dFttl2sh/4hYbIm/WKz/wGoQUVA; Domain=.us1.list-manage.com; Path=/; Expires=Tue, 21 Mar 2023 09:08:43 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly
bm_sz=F9E88403A272B3B0AC1FF558AFF64BDE~YAAQrU0kF2gHl+SGAQAAUK3/AhO7NTCi93IlpVZM8wWymbwGgSXfA02u7mzOrNIdgU9bd3uNlsEIw/bAGqdcehND/tWdXxvGU4p0WC/qzEeb2h5Fv0LDWeLDkor9nW7pK6Ih502WqtGJFzVfcFyNGAcgGej/+xEaxWsesX1wEP24OIMDqYT1kgZhUCzs4E5uNqgGMScbkq53ob3iUhjZf0tC+w2MUsAEJ3MROQibjliMalJGrUn4OlieMUpDsPJcAavOtqsvPPgDOCsB36Q/MNn5T+KfC4PExIDtTdxzk8oYFKN8i3nikw==~4405553~3425602; Domain=.list-manage.com; Path=/; Expires=Tue, 21 Mar 2023 11:08:43 GMT; Max-Age=14400; SameSite=None; Secure
X-Firefox-Spdy: h2

downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js

54.230.111.124

200 OK

31 kB

URL HTTP/1.1
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js
IP
54.230.111.124:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65526)
Size
31 kB (31155 bytes)
Hash
618efb31ded37bd3f9e98835c73b22ae
7c34c19b6769e591082d2a7b2b32dbaaeaa6899d
4e9b97a2857f15449a20224d7bb7cdbe16e4407e9aad0c26c36c3f30686e7a9e

HTTP Headers

GET /js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 20 Mar 2023 15:21:56 GMT
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
ETag: W/"d3149280c831cbf6538770c71a916f43"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 53GzfobXBHeJvxTl70kdBNWbIhAda6JwHfDHHvSuw0OvUl9FsBHZ8Q==
Age: 56808
Vary: Accept-Encoding, Origin

downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css

54.230.111.124

200 OK

2.6 kB

URL HTTP/1.1
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css
IP
54.230.111.124:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
2.6 kB (2603 bytes)
Hash
5e4789e49ab7f14e47d25f6d47c3d2ac
2365e3104a719fb8b01dc4f0e24b727002374585
32fc8a30611eebc0b9e794adc8a0b505b61c4ad088d3fae7459657a6716ffc72

HTTP Headers

GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 21 Mar 2023 00:26:55 GMT
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8JPTVYO2FSSwyi-azLuk6SU_wZZ1geSku4nOfKybuwFrnk8LOGcUvw==
Age: 24109
Vary: Accept-Encoding, Origin

downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css

54.230.111.124

200 OK

449 B

URL HTTP/1.1
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css
IP
54.230.111.124:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
449 B (449 bytes)
Hash
151695bb43f43a675b7f61b4e437d823
41c02e03522c9bc08a68e51374d508ac4ebd1982
ab525283d897b4c7624799f01ff2b70d88a9988ae1d3ba564b6aefd51fada34d

HTTP Headers

GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 20 Mar 2023 20:21:56 GMT
ETag: W/"78d1bdd981816cfbeb6954a85f9efa58"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: myBs6KZdqVogCTpjYlPxKqRTCvqL5zAzCwlh4rvqcY0QgnMI6oWCVg==
Age: 56808
Vary: Accept-Encoding, Origin

downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css

54.230.111.124

200 OK

460 B

URL HTTP/1.1
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css
IP
54.230.111.124:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
460 B (460 bytes)
Hash
633c2f860627c0a8e753366c8cd0865e
e2cff56f5dca706222c9a9ad635d45182fae26a7
2d8e9d6c61910f38ca95a5d4c653f047e0f121cf1375ce95bfd70dc34c7b43f6

HTTP Headers

GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 20 Mar 2023 16:26:24 GMT
ETag: W/"38f50a83c6d5d15facb231447fa1ac56"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: b-q99rH5_Rd3uQxIktSGUwG0bz0TEBGjBlDtdF-RNweYitR__demGg==
Age: 52945
Vary: Accept-Encoding, Origin

downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal.css

54.230.111.124

200 OK

945 B

URL HTTP/1.1
downloads.mailchimp.com/css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal.css
IP
54.230.111.124:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
945 B (945 bytes)
Hash
cff4710f863e85980b11cdc1a67e45e5
272b6b68af6d70bd7e1b69b251ac5821cf3daa25
8a3b8e717762c3e251de403a2f6b06da68e2fce957e10474b0a75c1f610799c3

HTTP Headers

GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 20 Mar 2023 16:56:07 GMT
ETag: W/"aa6f4416185bd7f299dd89e11dac117f"
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: A4McTLaTZRiDWDfjqcNTOpFIJQeqmT3oSK1vO4vc_ct0eAVG8nM8vg==
Age: 51157
Vary: Accept-Encoding, Origin

ocsp.pki.goog/s/gts1d4/pwC35NHlTQI

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/pwC35NHlTQI
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cef9a8d48dfa97d331f55cf1ead8a6c5
000e90eb878a681d45c506d3a9e2dcc109c9b5b9
8308c711af568957617d886276f2c1ae13f6868b13b3a24bcf992a467618f78c

HTTP Headers

POST /s/gts1d4/pwC35NHlTQI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:08:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

downloads.mailchimp.com/images/signup-forms/popup/textBadge.svg

54.230.111.124

200 OK

2.9 kB

URL HTTP/1.1
downloads.mailchimp.com/images/signup-forms/popup/textBadge.svg
IP
54.230.111.124:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
2.9 kB (2879 bytes)
Hash
8ccb03508055e57adb4cccc5f0d12922
e1eb2628d634cd2bd35d2801988569188a3874de
df434c9b18358d341df42cf1ed468fca285fd39089b9e4c0b6a6fae49a298046

HTTP Headers

GET /images/signup-forms/popup/textBadge.svg HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://downloads.mailchimp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 20 Mar 2023 23:43:08 GMT
Last-Modified: Fri, 20 Jan 2023 18:27:58 GMT
ETag: W/"08dce9f767c64a8247f61eb5897a5a7f"
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gEy7FRgThz5y_TLF_tyXBvcdANolIxCvMuTofDUyAR2bjiqM3jxy0A==
Age: 26736
Vary: Accept-Encoding, Origin

mcusercontent.com/218ead6214192ba52c138d8ee/images/8318d012-126f-4108-9e17-8996a0f0d709.jpg

34.96.122.219

200 OK

14 kB

URL HTTP/2
mcusercontent.com/218ead6214192ba52c138d8ee/images/8318d012-126f-4108-9e17-8996a0f0d709.jpg
IP
34.96.122.219:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 403x386, components 3\012- data
Size
14 kB (13547 bytes)
Hash
0f1cf5d4478ee14cc64897c68bd94d92
270ca9cc00645ee007cf85ba67fb47808a81606d
5b34413ac0f98689c908346e61e426e6ad3ee010c967639716d8496d80177d3c

HTTP Headers

GET /218ead6214192ba52c138d8ee/images/8318d012-126f-4108-9e17-8996a0f0d709.jpg HTTP/1.1
Host: mcusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdvPo0zTSkp2eOvpKze3jMVMdgaWZt5aC_Jr01Xz9K_9RpvGFJrzRe93GPO7KMkjU5JqqSbn8Oe72hF_IXOGO7xvrJgEeOjQ
expires: Tue, 21 Mar 2023 08:08:43 GMT
date: Tue, 21 Mar 2023 07:08:43 GMT
cache-control: public, max-age=3600
last-modified: Fri, 19 Feb 2021 09:47:44 GMT
etag: "0f1cf5d4478ee14cc64897c68bd94d92"
x-goog-generation: 1613728064711770
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13547
content-type: image/jpeg
x-goog-hash: crc32c=CmQyAQ==, md5=Dxz11EeO4UzGSJfGi9lNkg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 13547
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/pwC35NHlTQI

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/pwC35NHlTQI
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cef9a8d48dfa97d331f55cf1ead8a6c5
000e90eb878a681d45c506d3a9e2dcc109c9b5b9
8308c711af568957617d886276f2c1ae13f6868b13b3a24bcf992a467618f78c

HTTP Headers

POST /s/gts1d4/pwC35NHlTQI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:08:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9197
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 07:08:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9197
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 07:08:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9197
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 07:08:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9197
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 07:08:44 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F450a7216-1468-4600-bf16-dcda5d72733e.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F450a7216-1468-4600-bf16-dcda5d72733e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
07b787370d844cd515ddd9fa2f18dd2f
05af207b7d57654a46bcbaa335b05b05cdc03d48
37064c2c7234ff6172959969ba6d56decc8e8900c9a8f7ef177db7198144a7ae

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F450a7216-1468-4600-bf16-dcda5d72733e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: dabbce3d-fb36-404d-8b37-3bafed979062
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWjFFfBIAMFdMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d146-5cdf621e6196e46f7a1e849c;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:33:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Anx47g-q0flhxg1Cl9SwKS3vGlWvQb_0TE74szKGGTiB6oY-QFsDPA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1d000d0dfe9d69b4983f619fdc5499d6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:02:19 GMT
age: 32785
etag: "05af207b7d57654a46bcbaa335b05b05cdc03d48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8195 bytes)
Hash
2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: WZ5MqPZ-MEjDt3N53EIx1XrerDmUkyvK-5FUXAmI29GXlGe6AaPqEg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:23:21 GMT
age: 31523
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10855 bytes)
Hash
f73dbc0fc3d196647ddc1e30450989d4
75d0a1414a5d350ba426dc37333a6ea131f66753
2a6954b3ccf01567c0c0c2911dd8b02c1cd264fc78178cef2eef6a6796c16c3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10855
x-amzn-requestid: bb845712-834d-49b1-97f0-f3750f132741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CEZD0GCHIAMFq6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418087e-4361bbd40ec5f0d10dabdf85;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 07:17:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: gnFLBOJmRcgsHzy_KXjzE6LwwN4CSqz99pIhYMBx8xrHa8UO6O0kJA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 07:30:20 GMT
age: 85104
etag: "75d0a1414a5d350ba426dc37333a6ea131f66753"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9160 bytes)
Hash
83b411d866428669d03b1976161389e7
7ea69307d21876d48217e4845204c7cc84db101e
461a26b9fcda639f3935a9355cbe12f49a17e4eb754281fa9468317ec40eccce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9160
x-amzn-requestid: 8f8a7d81-ac5e-4992-a0cf-95b3c9791bc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CEW3qFRnIAMFZBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641804fd-64acec7844b88457144b35ce;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 07:02:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: nXc8T4YB4Rfq6CIt6rCUV94uQ61TMPabrrHpBOX74N0wFhlk0BNRjA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 07:44:58 GMT
etag: "7ea69307d21876d48217e4845204c7cc84db101e"
content-type: image/jpeg
age: 84226
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11336 bytes)
Hash
e538277f72ecedd22d24c1012250fa9e
4bd955ea3790a6926486e3d56f51c712c56997d7
5f4d374598cfb1a78e7016ec3a0b563e61e7481be202c34b10c9fdfbfc7b638e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11336
x-amzn-requestid: 3aaca817-ebbc-449f-806c-d5a2a7559335
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWjFEmFIAMFqhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d146-435381723c24efc66eed6b4b;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:33:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: ucKJdzsuQMhDuZHuaBcW8q8tDkm1tepcMkqRtTRUuzF-7CIuhAR2MQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:27:44 GMT
age: 31260
etag: "4bd955ea3790a6926486e3d56f51c712c56997d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8599 bytes)
Hash
0e2bcb0494bb5b0434a6b8c5276de8ff
33642ec68ca683dae156e15ee7449f8fecbfcd80
6921a091b2b19492a76cf3723b72c6966cb85751cabebbe2056a167994425414

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8599
x-amzn-requestid: f213c7c9-3dd9-4d20-8c46-742c3650dcfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGXKZFD6oAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d242-592c030e6760816b2d4f01f9;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: Ny4CqRzNVdxjmFQCGaiGS8QzYENhsLMUaOjm-GcmQk-mdUJirBCi8g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:02:12 GMT
age: 32792
etag: "33642ec68ca683dae156e15ee7449f8fecbfcd80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=994727554532904&ev=PageView&dl=http%3A%2F%2Fmutuelleawoundjo.com%2Fpostnewl%2Fpomo1.zip&rl=&if=false&ts=1679382527042&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679382527041.211782459&it=1679382525270&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=994727554532904&ev=PageView&dl=http%3A%2F%2Fmutuelleawoundjo.com%2Fpostnewl%2Fpomo1.zip&rl=&if=false&ts=1679382527042&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679382527041.211782459&it=1679382525270&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=994727554532904&ev=PageView&dl=http%3A%2F%2Fmutuelleawoundjo.com%2Fpostnewl%2Fpomo1.zip&rl=&if=false&ts=1679382527042&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679382527041.211782459&it=1679382525270&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 21 Mar 2023 07:08:44 GMT
X-Firefox-Spdy: h2

socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=592079101153316&suppress_http_code=1

157.240.205.1

200 OK

0 B

URL HTTP/2
socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=592079101153316&suppress_http_code=1
IP
157.240.205.1:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /new_domain_gating/?endpoint=customerchat&page_id=592079101153316&suppress_http_code=1 HTTP/1.1
Host: socialplugin.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: http://mutuelleawoundjo.com
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/json; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: http://mutuelleawoundjo.com
x-fb-debug: AImuVYfCOY3Jhqaq34ZagAlU5qh51iTkVwFa/BypXNzC/YliaWnkGxaOVzRulw13gjeplleFRHqC5DF8Zy+A3g==
date: Tue, 21 Mar 2023 07:08:44 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

unpkg.com/sweetalert/dist/sweetalert.min.js

104.16.122.175

302 Found

0 B

URL HTTP/2
unpkg.com/sweetalert/dist/sweetalert.min.js
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sweetalert/dist/sweetalert.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mutuelleawoundjo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Tue, 21 Mar 2023 07:08:42 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /sweetalert@2.1.2/dist/sweetalert.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GW1FRMVP47TMQ0TD3BZBF1CR-ams
cf-cache-status: HIT
age: 219
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7ab45d7b883b1c0a-OSL
X-Firefox-Spdy: h2

unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

104.16.122.175

200 OK

0 B

URL HTTP/2
unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sweetalert@2.1.2/dist/sweetalert.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mutuelleawoundjo.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 21 Mar 2023 07:08:42 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
via: 1.1 fly.io
fly-request-id: 01GQ3Z0V5XBTF4RAKCHZ08Z48V-fra
cf-cache-status: HIT
age: 5285822
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7ab45d7bb8691c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML