firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 10:08:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8rhl23SfjbhhNLpEWiFQDLzCzgzNPxNm4GKWIxHomXysxZFIy90WUw==
Age: 2025
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3216
Expires: Tue, 13 Sep 2022 11:36:04 GMT
Date: Tue, 13 Sep 2022 10:42:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZZODFKgInuSwG4I9HtMUG0V0qQvVHCNHFUHIgP-MWu5OCU3Bfkdi9w==
age: 22034
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 10:42:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a72c47294ae917cfa1b64516a6c4efa1
242da3b8559d5fd7b7dbf1e15db710005f785601
a51418857fa27c434ef5d6e0f2ee106c8433dedbb2d44acf0302a1d63bea9f7f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 10:42:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 09:16:00 GMT
Expires: Tue, 20 Sep 2022 09:15:59 GMT
Etag: "242da3b8559d5fd7b7dbf1e15db710005f785601"
Cache-Control: max-age=599009,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a046c3be7d0b51-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 10:03:22 GMT
Expires: Tue, 13 Sep 2022 10:05:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SZGUDOMghw2q_FDn3WtgvZ4rQq7nKHDUfNeLGH7zHbdNwXwE4FyX1w==
Age: 2347
noreply-bb5653.ingress-bonde.ewp.live/new-ca
63.250.43.2301 Moved Permanently 162 B URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca
IP 63.250.43.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /new-ca HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 13 Sep 2022 10:42:29 GMT
content-type: text/html
content-length: 162
location: http://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5054
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 10:42:29 GMT
Last-Modified: Tue, 13 Sep 2022 09:18:15 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
noreply-bb5653.ingress-bonde.ewp.live/new-ca/
63.250.43.2200 OK 28 kB URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/
IP 63.250.43.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (304), with CRLF line terminators
Hash 5d2070b804bd9e892c0ad2bb568c0c95
305074fe42359fe52e93666a12e28cc89cb06aa7
774032e2055352b56dd71ccb91a3c932b85efccd87d7f9214dc5c9da5e1aa072
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /new-ca/ HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, public
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 45499
x-cache: HIT
accept-ranges: bytes
content-length: 27665
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 486ba4c08111d9f2501ea34d057f4599
f7411e2a070801319b1465e990068f0e4b1f20aa
b85dfb38a450517700e00a4d338b69f17dc3b49dff4c8ca1b84cfa55b3f441fd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 10:42:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 12:40:38 GMT
Expires: Sat, 17 Sep 2022 12:40:37 GMT
Etag: "f7411e2a070801319b1465e990068f0e4b1f20aa"
Cache-Control: max-age=352087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a046c8bc2f0b51-OSL
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorT34Part.min.3d681effb62b10a9dbb880f358fea379.css
63.250.43.2200 OK 4.6 kB URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorT34Part.min.3d681effb62b10a9dbb880f358fea379.css
IP 63.250.43.2:0
File type Unicode text, UTF-8 text, with very long lines (1706)
Hash 1d84c32d430613bb512c2e35d7331cb7
ab032994b22667d0876870161632410d6712fc4a
3f650ae899941fc3ff356e7f573f7f70ce09d1d19e933dbb52a7b032242e896d
GET /new-ca/css/clientlibStoreLocatorT34Part.min.3d681effb62b10a9dbb880f358fea379.css HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:13 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
vary: Accept-Encoding
etag: W/"631f02de-4b31"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 45496
x-cache: HIT
accept-ranges: bytes
content-length: 4647
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea356.css
63.250.43.2200 OK 3.5 kB URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea356.css
IP 63.250.43.2:0
File type ASCII text, with very long lines (1706)
Hash 1cc92a85285572be6b54284bd43b5d6a
69e072cd654507d58809b7dd1eaf4144d78fe4ab
913d2fd2a9954b4bf386f97ac88b326aa51be8a51ba50c7be40bab9fbfadaaac
GET /new-ca/css/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea356.css HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:13 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
vary: Accept-Encoding
etag: W/"631f02de-31d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 45496
x-cache: HIT
accept-ranges: bytes
content-length: 3505
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css
63.250.43.2200 OK 3.3 kB URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css
IP 63.250.43.2:0
File type ASCII text, with very long lines (1706)
Hash 901e90eae4125b35be9a4b2e6c5a3820
455a9708ce7e53bf3a335023646e2d67dd3ecdbd
39eac444c78bbf83d6d638975d560fc834e87ca8d3e2c40eadc0a81dd81bd391
GET /new-ca/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:13 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
vary: Accept-Encoding
etag: W/"631f02de-2fad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 45496
x-cache: HIT
accept-ranges: bytes
content-length: 3313
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 486ba4c08111d9f2501ea34d057f4599
f7411e2a070801319b1465e990068f0e4b1f20aa
b85dfb38a450517700e00a4d338b69f17dc3b49dff4c8ca1b84cfa55b3f441fd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 10:42:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 12:40:38 GMT
Expires: Sat, 17 Sep 2022 12:40:37 GMT
Etag: "f7411e2a070801319b1465e990068f0e4b1f20aa"
Cache-Control: max-age=352087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a046c8ca14b52d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 486ba4c08111d9f2501ea34d057f4599
f7411e2a070801319b1465e990068f0e4b1f20aa
b85dfb38a450517700e00a4d338b69f17dc3b49dff4c8ca1b84cfa55b3f441fd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 10:42:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 12:40:38 GMT
Expires: Sat, 17 Sep 2022 12:40:37 GMT
Etag: "f7411e2a070801319b1465e990068f0e4b1f20aa"
Cache-Control: max-age=352087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a046c8cc7bb4eb-OSL
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css
158.191.172.47200 OK 25 B URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
Hash 363f411ba212d4d1ccf7856f856145e9
08331057577f273187dd15e7c6f57937835e0aff
c50b40612adfdbf2e228758746fc7927cf440cb9bb5a8280c00d7946632a1943
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:07:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Fri, 02 Sep 2022 12:07:29 GMT
Cache-Control: max-age=2592000
Expires: Sun, 02 Oct 2022 12:07:29 GMT
Content-Type: text/css
Age: 945300
X-Cache: HIT
X-Cache-Hits: 1666423
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/jquery/granite.min.579a107dd681c49bc61dae63734043cb.js
158.191.172.47200 OK 2.0 kB URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/jquery/granite.min.579a107dd681c49bc61dae63734043cb.js
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type ASCII text, with very long lines (697)
Hash 35d8650ef29a52aad843bb646b784af9
fbc8c2d86c3bbc702b136a95a78c1198f16b9702
d7050f67214f0b4bfede756d0674e09b063a059ea1ef19bf1222c5bb03cd190e
GET /etc.clientlibs/clientlibs/granite/jquery/granite.min.579a107dd681c49bc61dae63734043cb.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:06:58 GMT
Server: Apache
Expires: Sun, 02 Oct 2022 12:06:58 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 Aug 2022 12:06:58 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2018
Content-Type: application/javascript
Age: 945331
X-Cache: HIT
X-Cache-Hits: 1680649
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9TLVLrGyo4Bo4nsKf+TQwg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yk7V3g1G6DSU01UVqVbQJGGmWbc=
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js
158.191.172.47200 OK 21 kB URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type Unicode text, UTF-8 text, with very long lines (543)
Hash 0f9698f3b98184c4f3339a514c6cacd8
b8a401e2b96d9ea931380288dedae8ff0a289ef1
eb205de4970ff5276f5dc203e9a19451147c945dc49024a85b2f42d1611377d6
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:07:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Fri, 02 Sep 2022 12:07:29 GMT
Cache-Control: max-age=2592000
Expires: Sun, 02 Oct 2022 12:07:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21206
Content-Type: application/javascript
Age: 945300
X-Cache: HIT
X-Cache-Hits: 1673425
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-google-map.min.87a76470d686bc99a65e1f582ee93f13.js
158.191.172.47200 OK 211 B URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-google-map.min.87a76470d686bc99a65e1f582ee93f13.js
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type ASCII text, with very long lines (313), with no line terminators
Hash ec818eb11121655b17a6fb83488e4554
0559cdabdc6ae6faf8dd3e6c3728f94443d96f1c
5f74bf966f485c3cdab1770f99d0bb7d6f4fdc4750e01288003e2daceb852089
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-google-map.min.87a76470d686bc99a65e1f582ee93f13.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:07:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Fri, 02 Sep 2022 12:07:05 GMT
Cache-Control: max-age=2592000
Expires: Sun, 02 Oct 2022 12:07:05 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Content-Type: application/javascript
Age: 945324
X-Cache: HIT
X-Cache-Hits: 1808295
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorGeneral.min.fed0763fde2431a7c1b27d703f22ca4e.js
158.191.172.47200 OK 6.7 kB URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorGeneral.min.fed0763fde2431a7c1b27d703f22ca4e.js
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type ASCII text, with very long lines (679)
Hash 15f73cdfc00596b0e726695d7d967082
559cdb3e94a374771c7666cc9a0bec2d35c23707
7ab899234ee7533ef7e16d523b17ebfe4b983ac8f7b2913bb43aec57ea7229af
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorGeneral.min.fed0763fde2431a7c1b27d703f22ca4e.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:46:02 GMT
Server: Apache
Expires: Mon, 03 Oct 2022 12:46:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 04 Aug 2022 12:46:01 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6674
Content-Type: application/javascript
Age: 856587
X-Cache: HIT
X-Cache-Hits: 62601
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css
63.250.43.2200 OK 4.1 kB URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css
IP 63.250.43.2:0
File type ASCII text, with very long lines (1706)
Hash 6c8b4dc7e80249e5d5f9034bb30d2f12
730e7fdfb48197eee3a85f83d8fab2aab87bfce1
af405241aa6af050a11387c6a0d1319a3fd80ff7d9aeeb139d9a51ade09e4216
GET /new-ca/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:13 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
vary: Accept-Encoding
etag: W/"631f02de-3dcb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 45496
x-cache: HIT
accept-ranges: bytes
content-length: 4067
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 486ba4c08111d9f2501ea34d057f4599
f7411e2a070801319b1465e990068f0e4b1f20aa
b85dfb38a450517700e00a4d338b69f17dc3b49dff4c8ca1b84cfa55b3f441fd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 10:42:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 12:40:38 GMT
Expires: Sat, 17 Sep 2022 12:40:37 GMT
Etag: "f7411e2a070801319b1465e990068f0e4b1f20aa"
Cache-Control: max-age=352086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a046c8cc8c0b55-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 486ba4c08111d9f2501ea34d057f4599
f7411e2a070801319b1465e990068f0e4b1f20aa
b85dfb38a450517700e00a4d338b69f17dc3b49dff4c8ca1b84cfa55b3f441fd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 10:42:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 12:40:38 GMT
Expires: Sat, 17 Sep 2022 12:40:37 GMT
Etag: "f7411e2a070801319b1465e990068f0e4b1f20aa"
Cache-Control: max-age=352086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a046c8cbb51c16-OSL
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js
158.191.172.47200 OK 125 kB URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type Unicode text, UTF-8 text, with very long lines (567)
Size 125 kB (125217 bytes)
Hash c8b977e07f47b5618206dc2d3c1ce2bf
3640602e969ea4f811305a51aa97a61f3114ae19
83fd9d50794ef11fc8a202476b193d3dbdd1d016744253fe0f1dca37da8e021b
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 09:28:36 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 31 Aug 2022 09:28:36 GMT
Cache-Control: max-age=2592000
Expires: Fri, 30 Sep 2022 09:28:36 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Age: 1127633
X-Cache: HIT
X-Cache-Hits: 2188002
Accept-Ranges: bytes
Content-Length: 125217
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/utils.min.423ec59365a85ebded314ad7311ef508.js
158.191.172.47200 OK 3.9 kB URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/utils.min.423ec59365a85ebded314ad7311ef508.js
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type ASCII text, with very long lines (547)
Hash 463049d793eabdbac8ae4e57b2a10ca7
011665ca0f2ca4db6e59f2f3cc3d9ddadbf11730
517abbf818972325e19936a02cac32ea14de3e1af6590ce46a27f35ab1e3dd8f
GET /etc.clientlibs/clientlibs/granite/utils.min.423ec59365a85ebded314ad7311ef508.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:21:13 GMT
Server: Apache
Expires: Sun, 02 Oct 2022 12:21:13 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 Aug 2022 12:21:13 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3936
Content-Type: application/javascript
Age: 944476
X-Cache: HIT
X-Cache-Hits: 1659337
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/content/dam/assetsca/npc/logos/logo_ca.png
158.191.172.47200 OK 2.0 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/npc/logos/logo_ca.png
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type PNG image data, 83 x 64, 8-bit/color RGB, non-interlaced\012- data
Hash a5777291aa794d7d07285c839571662a
284f3d6b64462c946a640072bb57e512307bf8ab
1c8399c9f4f09feb8f95fe39465cc7e70597b0097ad92da954db82646ec68dc3
GET /content/dam/assetsca/npc/logos/logo_ca.png HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:45:54 GMT
Server: Apache
Expires: Mon, 03 Oct 2022 12:45:54 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 04 Aug 2022 12:45:54 GMT
Content-Length: 2037
Content-Type: image/png
Age: 856595
X-Cache: HIT
X-Cache-Hits: 1468379
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
158.191.172.47200 OK 4.7 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash cbaae5274e188fc4d2a7d2ca6bd7315b
42305d482d76c79fe5dcce6e416b79e270b1a41c
496c50651eaf7fb688931365c6b48c921fc33c21d162062e22851f5d2a8c1dfb
GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:06:51 GMT
Server: Apache
Expires: Sun, 02 Oct 2022 12:06:51 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 Aug 2022 12:06:51 GMT
Content-Type: image/svg+xml
vha6-origin: cats-rd17-prd
Age: 945339
X-Cache: HIT
X-Cache-Hits: 440776
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
158.191.172.47200 OK 6.3 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6aad7b35286876f8eaf5bc8ca659e1b5
ea44f6b518e680fb5188f18b8202111aae5034a3
4ecc8a8abebf54ec1c40d1461770ac546fe2397c97f0e696de3879c05d6189fc
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:06:59 GMT
Server: Apache
Expires: Sun, 02 Oct 2022 12:06:59 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 Aug 2022 12:06:59 GMT
Content-Type: image/svg+xml
Age: 945330
X-Cache: HIT
X-Cache-Hits: 452431
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
63.250.43.2200 OK 172 kB URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
IP 63.250.43.2:0
File type Unicode text, UTF-8 text, with very long lines (8828)
Size 172 kB (171970 bytes)
Hash 90fbf56d9969eb4bf72f5223635463d1
820290b172634487df9456a43b107efe3c9923a6
040db686c8365b3cb9771d4f8fe0e5beeaa168206131bc0ab323f65ea540b450
GET /new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:13 GMT
content-type: text/css
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
vary: Accept-Encoding
etag: W/"631f02de-14260d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 45496
x-cache: HIT
accept-ranges: bytes
content-length: 171970
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/js/client-edited.js
63.250.43.2200 OK 198 kB URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/js/client-edited.js
IP 63.250.43.2:0
File type Unicode text, UTF-8 text, with very long lines (566), with CRLF line terminators
Size 198 kB (198211 bytes)
Hash 95aed53d2048e08bb4c0d9af389e10c8
a35071ef43157a914af03e47e94b04628bd4be14
195b69ab2ae781960c93611145857fc5709bc0a8556fef0b7536e0f456c5e2f0
Analyzer Verdict Alert fortinet Phishing
GET /new-ca/js/client-edited.js HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:22 GMT
content-type: application/javascript
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
vary: Accept-Encoding
etag: W/"631f02de-c2a1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 45487
x-cache: HIT
accept-ranges: bytes
content-length: 198211
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_1.js
151.101.86.132200 OK 58 kB URL HTTP/2 cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_1.js
IP 151.101.86.132:0
File type Unicode text, UTF-8 text, with very long lines (55009)
Hash 9f32c7b6634934b6934cfb7d33db6077
65190ad5976e89276df3d92cb698cd9306aedd25
85fc26877b736d3d28d43f5eab74addf03f1e85288ab5a1f60f7f556e1c19a79
GET /3315/tc_PortailClientCreditAgricole_1.js HTTP/1.1
Host: cdn.tagcommander.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uYv82oHFPM69xTtYvxDcuSCg1n9Mf82/vKVp3ezPaSBf1tDeHVYrrVPb1hZH3VecrkTyZt2lsHg=
x-amz-request-id: 2QF64GYDMJHT46SY
cache-control: max-age=86400, must-revalidate
last-modified: Fri, 22 Jul 2022 12:56:43 GMT
etag: "6477af242f57fe3f52b893205a44526c"
content-type: application/javascript
server: AmazonS3
x-cdn: FASTLY
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET
access-control-max-age: 31536000
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 10:42:30 GMT
via: 1.1 varnish
age: 17725
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1663065751.579716,VS0,VE0
vary: Accept-Encoding
content-length: 58282
X-Firefox-Spdy: h2
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg
158.191.172.47200 OK 244 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=791, bps=218, PhotometricIntepretation=RGB, description=Diverse culture people using mobile smartphone outdoor - Happy friends having fun with technology trends - Youth, new generatio, manufacturer=SONY, model=ILCE-7M2, orientation=upper-left, width=1326], progressive, precision 8, 960x960, components 3\012- data
Size 244 kB (243919 bytes)
Hash b259c4797d838add41da1047021d2480
13de10f5a348efa8ff3d856f2e347eeff8a33579
c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8
GET /content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:46:10 GMT
Server: Apache
Expires: Mon, 03 Oct 2022 12:46:10 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 04 Aug 2022 12:46:03 GMT
Content-Length: 243919
Content-Type: image/jpeg
Age: 856580
X-Cache: HIT
X-Cache-Hits: 39662
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Book.woff2
63.250.43.2200 OK 42 kB URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Book.woff2
IP 63.250.43.2:0
File type Web Open Font Format (Version 2), TrueType, length 41728, version 3.19726\012- data
Hash d838b98f75e3cb9574f9b8b796eb1e8f
fcdf131af872ce9ecda9a437cdf67d23c5940d97
3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e
Analyzer Verdict Alert fortinet Phishing
GET /new-ca/fonts/Gotham-Book.woff2 HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:23 GMT
content-type: font/woff2
content-length: 41728
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
etag: "631f02de-a300"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://noreply-bb5653.ingress-bonde.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 45487
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Bold.woff2
63.250.43.2200 OK 39 kB URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Bold.woff2
IP 63.250.43.2:0
File type Web Open Font Format (Version 2), TrueType, length 39264, version 3.19726\012- data
Hash 003e90cf8cb3f8b4bef30d6764da18ed
512e44f40b54d0e5e081dda9fd5ea8a4429a508c
319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1
Analyzer Verdict Alert fortinet Phishing
GET /new-ca/fonts/Gotham-Bold.woff2 HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:23 GMT
content-type: font/woff2
content-length: 39264
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
etag: "631f02de-9960"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://noreply-bb5653.ingress-bonde.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 45486
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Light.woff2
63.250.43.2200 OK 40 kB URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Light.woff2
IP 63.250.43.2:0
File type Web Open Font Format (Version 2), TrueType, length 40280, version 3.19726\012- data
Hash 7624ae091962735719fb82bf900c22b7
393477ccdcd62b914d90dd379dd7d677d761e416
e266d1f2bcf1da0faff6964637fdcd9a4e47c50a7a56be74424f409f30c83c5e
Analyzer Verdict Alert fortinet Phishing
GET /new-ca/fonts/Gotham-Light.woff2 HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:23 GMT
content-type: font/woff2
content-length: 40280
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
etag: "631f02de-9d58"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://noreply-bb5653.ingress-bonde.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 45486
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Medium.woff2
63.250.43.2200 OK 42 kB URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/Gotham-Medium.woff2
IP 63.250.43.2:0
File type Web Open Font Format (Version 2), TrueType, length 41488, version 3.19726\012- data
Hash 68ce85d44fef05344ea74f94f3e6b472
3a380914e04ef35820bbe619e1f902d4b250a997
ba17f8257b1f710aa0e7136f4bd4b91a9a7db4f9cac2c409caf8708a64787303
Analyzer Verdict Alert fortinet Phishing
GET /new-ca/fonts/Gotham-Medium.woff2 HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:23 GMT
content-type: font/woff2
content-length: 41488
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
etag: "631f02de-a210"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://noreply-bb5653.ingress-bonde.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 45486
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff2
63.250.43.2404 Not Found 146 B URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff2
IP 63.250.43.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Phishing
GET /new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff2 HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:30 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff
63.250.43.2404 Not Found 146 B URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff
IP 63.250.43.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Phishing
GET /new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:30 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5950
Expires: Tue, 13 Sep 2022 12:21:41 GMT
Date: Tue, 13 Sep 2022 10:42:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5950
Expires: Tue, 13 Sep 2022 12:21:41 GMT
Date: Tue, 13 Sep 2022 10:42:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5950
Expires: Tue, 13 Sep 2022 12:21:41 GMT
Date: Tue, 13 Sep 2022 10:42:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5950
Expires: Tue, 13 Sep 2022 12:21:41 GMT
Date: Tue, 13 Sep 2022 10:42:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c1314c7778ea0d32e8c69dae0c38b6d
c4772b9b182f9f905fead84f3761fe296073ca65
5fc8dc23f9b4d150b834aa69b358edd9f9f5f449607df07d579df66098d8aac6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10366
x-amzn-requestid: c66a0e06-d45c-4d16-ba0c-bf6a2368cfc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVQPkH2RoAMFX2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ec730-5174741f2d86d3ea018e452f;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 05:44:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0ieBLVDdyIQuPO5pdM8wzjY2XwaMhLJhJWAUtsLfgiWTKVBTOws1tQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:58:04 GMT
etag: "c4772b9b182f9f905fead84f3761fe296073ca65"
content-type: image/jpeg
age: 45867
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2jR7F56GE_qqbRBWjNDiDBgWbCYv-Ac6kvC1LI0HciQkKGTeNDYlyw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:16:59 GMT
age: 44732
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47e1f64348aa12d707bf070f39877c7e
7a1f13d32de956fd50fccba0f813fb71bda79f63
9b3cee8039a2adb1291006a9ad55cd5032a2a6c10de3c5f57222692b02c0faac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7965
x-amzn-requestid: c0ddd7c6-9709-4251-8e7b-4a551f9a7d2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBro8EjxIAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f305-26023e0714937dca063dcbfa;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:09 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jj0LCxD4MdspTSEvLVsUaEbdNjjae7G-gogDBKtx1IE9VZauS4BblQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 23:11:59 GMT
age: 41432
etag: "7a1f13d32de956fd50fccba0f813fb71bda79f63"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 46813
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lZ3FmD1gM8YBgZNt97kuYSol1kj0GQqRjyLT_7715VtH9GR1WpMDxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:20 GMT
age: 46811
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c824a7db30839607b01c7a164f6f6ec
bbab791971056750a46dd6ed9c5d7c8e12ab457e
872262a28a383a9eafd1f453014a3edfde4872160b772874271be6358a47449f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9606
x-amzn-requestid: bf72ce8c-1272-42df-8958-d392210106c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIR7NFh2oAMFXIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631996ad-4646091a428db21e2dce1a61;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:15:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4skZVE5BinFMAJV196j5-qtDez6m26DtU8NZvU6K2VuhFnC7E1zXWw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:56:19 GMT
age: 45972
etag: "bbab791971056750a46dd6ed9c5d7c8e12ab457e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/favicon.ico
63.250.43.2204 No Content 0 B URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/favicon.ico
IP 63.250.43.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 12 Sep 2022 22:44:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-type: image/png
age: 43107
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.ttf
63.250.43.2404 Not Found 146 B URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.ttf
IP 63.250.43.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Phishing
GET /new-ca/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.ttf HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:31 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/npcicons-crunchy.woff2
63.250.43.2200 OK 16 kB URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/fonts/npcicons-crunchy.woff2
IP 63.250.43.2:0
File type Web Open Font Format (Version 2), TrueType, length 16124, version 1.0\012- data
Hash 7eefcde0bd0f11ff896e571772c36544
7e205d90e6f19f35ee0f73f51d67f9377b8a0b64
2b4f1630e7cc5b5f4b6dd7b74888509cf60f756f29f3b4405cd0310c10155361
Analyzer Verdict Alert fortinet Phishing
GET /new-ca/fonts/npcicons-crunchy.woff2 HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 22:04:27 GMT
content-type: font/woff2
content-length: 16124
last-modified: Mon, 12 Sep 2022 09:58:54 GMT
etag: "631f02de-3efc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://noreply-bb5653.ingress-bonde.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 45484
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
158.191.172.47200 OK 6.3 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6aad7b35286876f8eaf5bc8ca659e1b5
ea44f6b518e680fb5188f18b8202111aae5034a3
4ecc8a8abebf54ec1c40d1461770ac546fe2397c97f0e696de3879c05d6189fc
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Origin: https://noreply-bb5653.ingress-bonde.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 12:45:55 GMT
Server: Apache
Expires: Mon, 03 Oct 2022 12:45:55 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 04 Aug 2022 12:45:54 GMT
Content-Type: image/svg+xml
Age: 856595
X-Cache: HIT
X-Cache-Hits: 410982
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
158.191.172.47200 OK 4.7 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash cbaae5274e188fc4d2a7d2ca6bd7315b
42305d482d76c79fe5dcce6e416b79e270b1a41c
496c50651eaf7fb688931365c6b48c921fc33c21d162062e22851f5d2a8c1dfb
GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Origin: https://noreply-bb5653.ingress-bonde.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:06:52 GMT
Server: Apache
Expires: Sun, 02 Oct 2022 12:06:52 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 Aug 2022 12:06:51 GMT
Content-Type: image/svg+xml
Age: 945339
X-Cache: HIT
X-Cache-Hits: 437685
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
158.191.172.47200 OK 4.7 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash cbaae5274e188fc4d2a7d2ca6bd7315b
42305d482d76c79fe5dcce6e416b79e270b1a41c
496c50651eaf7fb688931365c6b48c921fc33c21d162062e22851f5d2a8c1dfb
GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Origin: https://noreply-bb5653.ingress-bonde.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:06:51 GMT
Server: Apache
Expires: Sun, 02 Oct 2022 12:06:51 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 Aug 2022 12:06:51 GMT
Content-Type: image/svg+xml
vha6-origin: cats-rd17-prd
Age: 945340
X-Cache: HIT
X-Cache-Hits: 440779
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
158.191.172.47200 OK 4.7 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash cbaae5274e188fc4d2a7d2ca6bd7315b
42305d482d76c79fe5dcce6e416b79e270b1a41c
496c50651eaf7fb688931365c6b48c921fc33c21d162062e22851f5d2a8c1dfb
GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/
Origin: https://noreply-bb5653.ingress-bonde.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:06:59 GMT
Server: Apache
Expires: Sun, 02 Oct 2022 12:06:59 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 Aug 2022 12:06:59 GMT
Content-Type: image/svg+xml
Age: 945331
X-Cache: HIT
X-Cache-Hits: 437628
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefinedjsonp/inbenta.js
63.250.43.2404 Not Found 146 B URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefinedjsonp/inbenta.js
IP 63.250.43.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Phishing
GET /new-ca/undefinedjsonp/inbenta.js HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:31 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefined
63.250.43.2404 Not Found 0 B URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefined
IP 63.250.43.2:0
Analyzer Verdict Alert fortinet Phishing
GET /new-ca/undefined HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://noreply-bb5653.ingress-bonde.ewp.live/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefined
63.250.43.2404 Not Found 0 B URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/new-ca/undefined
IP 63.250.43.2:0
Analyzer Verdict Alert fortinet Phishing
GET /new-ca/undefined HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://noreply-bb5653.ingress-bonde.ewp.live/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/etc/cloudsettings.kernel.js/conf/ca/settings/cloudsettings/default/contexthub
63.250.43.2404 Not Found 0 B URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/etc/cloudsettings.kernel.js/conf/ca/settings/cloudsettings/default/contexthub
IP 63.250.43.2:0
Analyzer Verdict Alert fortinet Phishing
GET /etc/cloudsettings.kernel.js/conf/ca/settings/cloudsettings/default/contexthub HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://noreply-bb5653.ingress-bonde.ewp.live/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
noreply-bb5653.ingress-bonde.ewp.live/libs/granite/csrf/token.json
63.250.43.2404 Not Found 0 B URL HTTP/2 noreply-bb5653.ingress-bonde.ewp.live/libs/granite/csrf/token.json
IP 63.250.43.2:0
Analyzer Verdict Alert fortinet Phishing
GET /libs/granite/csrf/token.json HTTP/1.1
Host: noreply-bb5653.ingress-bonde.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://noreply-bb5653.ingress-bonde.ewp.live/new-ca/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 10:42:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://noreply-bb5653.ingress-bonde.ewp.live/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2