message-webmail.connexion-messagerie.com/
212.224.86.197301 Moved Permanently 162 B URL HTTP/1.1 message-webmail.connexion-messagerie.com/
IP 212.224.86.197:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 02 Oct 2022 22:50:08 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://message-webmail.connexion-messagerie.com/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15194
Expires: Mon, 03 Oct 2022 03:03:22 GMT
Date: Sun, 02 Oct 2022 22:50:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b8769801e8712cb7b401b5752da2c2
30d14bf20b20507a4fda3d7dbee9fbba7327139a
69d097718cac37cc6b77d417711c4356557f2b47c78026303bfe5f985b94a5a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69D097718CAC37CC6B77D417711C4356557F2B47C78026303BFE5F985B94A5A5"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14139
Expires: Mon, 03 Oct 2022 02:45:47 GMT
Date: Sun, 02 Oct 2022 22:50:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
18.165.201.83200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 22:03:21 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 096e5ecae9d1cd03edf8411ad106b092.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 8Iz7BI2d_Qaz-DgimfGyuLlH61ukkK6l15ZSinopYdqS5NJ5sXuUmA==
Age: 2807
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8wn9HjvuCwIDI1sEmhs3L7C/UD9hEIBTkHVK0SUK5+m3x+qSUDmNDReZRzvF2Je7xcEGgseZuTg=
x-amz-request-id: VAE069WVWD39PMBJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 02 Oct 2022 21:53:03 GMT
age: 3425
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:50:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a21f6433a4bde322b8733ee1db453a3
ae2b35acbc0b7365874ebb4976847a5742819618
cd1405b5f50f925e80c5dc95a4937ecaa62d8cc81226491de927ec6dde80f657
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD1405B5F50F925E80C5DC95A4937ECAA62D8CC81226491DE927EC6DDE80F657"
Last-Modified: Sun, 02 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Mon, 03 Oct 2022 04:49:14 GMT
Date: Sun, 02 Oct 2022 22:50:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.83200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Cache-Control, Alert, Last-Modified, Backoff, Retry-After, Expires, Content-Length, Pragma, ETag
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 02 Oct 2022 22:32:53 GMT
Expires: Sun, 02 Oct 2022 22:38:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5059e7bd12388ef6673ed156d17eb756.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: wpZhLDn-kGLM5PF7u-qavbNGJDeGR1NmjlDF4_4Di6JS3Wv6rZbUKg==
Age: 1036
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1260
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:50:09 GMT
Last-Modified: Sun, 02 Oct 2022 22:29:09 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.213.92.18101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.92.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AmOSDRMshzRZgfMR1vWGcA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lHbfz2EqwwPiwUlA/L6C8fcDO+U=
tags.tiqcdn.com/utag/orange/abtesting/prod/utag.sync.js
23.38.200.249200 OK 1.3 kB URL HTTP/2 tags.tiqcdn.com/utag/orange/abtesting/prod/utag.sync.js
IP 23.38.200.249:0
File type HTML document, ASCII text, with very long lines (2228)
Hash f2826c7dcb49eab78b7a0d6e42d4e8ba
6ce346eb6eb2ab3aa776c68a3840403abf7e432e
cc58b4ee85c4b478318667b0a8118fd5f58cdfd893f1c8330a4abe87ac01debd
GET /utag/orange/abtesting/prod/utag.sync.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "e08d58d654da41006d444bed14ba529b:1652702791.884106"
last-modified: Mon, 16 May 2022 12:06:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 02 Oct 2022 22:55:10 GMT
date: Sun, 02 Oct 2022 22:50:10 GMT
content-length: 1307
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/orange/identite/prod/utag.33.js?utv=ut4.47.202105040940
23.38.200.249200 OK 3.5 kB URL HTTP/2 tags.tiqcdn.com/utag/orange/identite/prod/utag.33.js?utv=ut4.47.202105040940
IP 23.38.200.249:0
File type ASCII text, with very long lines (1706)
Hash 13677f112e273114b41e7256fb8528b0
6105d33f27aba8162724d661bfb97d5759964685
c4fd1c695cd90b7615ec264488b4e84e38e4bf6a600e1a244b67e117f43d82fe
GET /utag/orange/identite/prod/utag.33.js?utv=ut4.47.202105040940 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "a828fd6b0717088b73a194b9beaab918:1620121228.746471"
last-modified: Tue, 04 May 2021 09:40:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Mon, 17 Oct 2022 22:50:10 GMT
date: Sun, 02 Oct 2022 22:50:10 GMT
content-length: 3460
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/orange/identite/prod/utag.29.js?utv=ut4.47.202103031408
23.38.200.249200 OK 5.6 kB URL HTTP/2 tags.tiqcdn.com/utag/orange/identite/prod/utag.29.js?utv=ut4.47.202103031408
IP 23.38.200.249:0
File type ASCII text, with very long lines (1204)
Hash da832fa3919986973572680b9ae2399b
60c6acd391d4ab69285200e9e75fc2e3b5be2aa4
3804bfa896927cabe3e6fc9a0c0c00408fb63e0bb9982eaef0a48853073424ad
GET /utag/orange/identite/prod/utag.29.js?utv=ut4.47.202103031408 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "df3655216296cd975678739cf019d210:1658736609.419389"
last-modified: Mon, 25 Jul 2022 08:10:09 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Mon, 17 Oct 2022 22:50:10 GMT
date: Sun, 02 Oct 2022 22:50:10 GMT
content-length: 5627
X-Firefox-Spdy: h2
sdk.privacy-center.org/3e6e3e05-9201-4614-a13e-b9649d1fa0e4/loader.js?target_type=notice&target=mz4pRBcF
54.230.111.111200 OK 8.3 kB URL HTTP/2 sdk.privacy-center.org/3e6e3e05-9201-4614-a13e-b9649d1fa0e4/loader.js?target_type=notice&target=mz4pRBcF
IP 54.230.111.111:0
File type Unicode text, UTF-8 text, with very long lines (36922), with no line terminators
Hash 36e3ae449cc1fe0ad7e62c1b992ed463
fa4fb1cd10abfef6a63f99903c90800d07bba97f
558aaa6f5453e4be143e7ec4d5b855e33520c988e69be4f81df219616e69dc83
GET /3e6e3e05-9201-4614-a13e-b9649d1fa0e4/loader.js?target_type=notice&target=mz4pRBcF HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 8288
server: CloudFront
date: Sun, 02 Oct 2022 22:50:10 GMT
x-didomi-remote-config-source: Lambda
content-encoding: gzip
cache-control: max-age=7200, public
etag: "777f6470d88dfcedd79779d0cd8c277d"
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C0QjsFPjr_LjHtiaKFVV6u3nWGEEsUQd8YBAyTbS76fEfbSs1hKlgw==
X-Firefox-Spdy: h2
message-webmail.connexion-messagerie.com/pic.png
212.224.86.197200 OK 441 kB URL HTTP/2 message-webmail.connexion-messagerie.com/pic.png
IP 212.224.86.197:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 2034 x 624, 8-bit/color RGBA, non-interlaced\012- data
Size 441 kB (441120 bytes)
Hash a2bb410b6931a21fc47ca39cf0be1bf0
877edcba7f72caf63e092a5906b92258a833d31e
9efea95d346e9bf6d52bf0f7d46404b49573b7f4d0f39493b028c651e038df9e
GET /pic.png HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Cookie: PHPSESSID=uorafmr33h1k1q04qgvp1fhjtg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:50:10 GMT
content-type: image/png
content-length: 441120
last-modified: Sun, 02 Oct 2022 11:16:40 GMT
etag: "63397318-6bb20"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
message-webmail.connexion-messagerie.com/icons/Logo_MC_noir_fond_transparent_small.png
212.224.86.197404 Not Found 873 B URL HTTP/2 message-webmail.connexion-messagerie.com/icons/Logo_MC_noir_fond_transparent_small.png
IP 212.224.86.197:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc2816f9dafc0ddcaed2f648602b4d7b
d675330ff85bb98c2cd23b3038f4d71fadb64791
4d9f5a94806706a92c9f5324bc2194b36d043e52a155cf4b2756e743dbe2768e
GET /icons/Logo_MC_noir_fond_transparent_small.png HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Cookie: PHPSESSID=uorafmr33h1k1q04qgvp1fhjtg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 02 Oct 2022 22:50:10 GMT
content-type: text/html
last-modified: Sun, 02 Oct 2022 01:44:35 GMT
etag: W/"328-5ea035e86d2b7;5e99641bb1ad8"
content-encoding: br
X-Firefox-Spdy: h2
message-webmail.connexion-messagerie.com/icons/Logo_MC_orange_fond_transparent_small.png
212.224.86.197404 Not Found 873 B URL HTTP/2 message-webmail.connexion-messagerie.com/icons/Logo_MC_orange_fond_transparent_small.png
IP 212.224.86.197:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc2816f9dafc0ddcaed2f648602b4d7b
d675330ff85bb98c2cd23b3038f4d71fadb64791
4d9f5a94806706a92c9f5324bc2194b36d043e52a155cf4b2756e743dbe2768e
GET /icons/Logo_MC_orange_fond_transparent_small.png HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Cookie: PHPSESSID=uorafmr33h1k1q04qgvp1fhjtg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 02 Oct 2022 22:50:10 GMT
content-type: text/html
last-modified: Sun, 02 Oct 2022 01:44:35 GMT
etag: W/"328-5ea035e86d2b7;5e99641bb1ad8"
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4331
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:50:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4331
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:50:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bb7613964aef696917cb85a6d0bcac4
89ce0e6d742144439a96ace034adae4e7e167311
24b100b10aa041effad83e9379447f4f62d95dcf6eb27a6b093a7caaa484f964
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6321
x-amzn-requestid: 605adeca-4345-4481-999e-d50ebc123767
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabGsgIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-68542d1b56697ab33dd63941;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xZUu90wyCNVEexHxRRNQz0aDhNy_u0WC2v8TVxHkQvW-evaDwfKTtQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
etag: "89ce0e6d742144439a96ace034adae4e7e167311"
content-type: image/jpeg
age: 3884
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a90e53b55500427aed06efa3a9baa8c
43a66cd291d1413d7147a29b2a7b27277a443f0b
2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 09iwZNlJ5pUQqongHTbgUlh_i1CyHZ6uGvHPV8SfbEGixTWM1A_BoQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 20:14:10 GMT
age: 9361
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4b91592-bb2f-4b2e-9c62-80d06ad4b698.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4b91592-bb2f-4b2e-9c62-80d06ad4b698.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e3dfda0e06e989942bf45f4c2bf18d7c
6d0cee63012a8f79aef1f1e751e2940582b981e1
a79d4015713255da4475ff9193ccfeed72737f5f03027a42fd86cc7b095ddf03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4b91592-bb2f-4b2e-9c62-80d06ad4b698.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3695
x-amzn-requestid: f1f35cb1-9fc2-4694-8bf4-9d9e41f9bd7f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabEM8oAMF0RQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-3140202b1a3b892702978a7e;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kxxeDkHccWmlQFBbBf-5gKzqY0utY15Czvx0Ms7QS1lJMXExRmbjjQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:48:46 GMT
age: 3685
etag: "6d0cee63012a8f79aef1f1e751e2940582b981e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34ba42086104460665f7f4f579235592
58f10485c5273cbed8159c98b9065b192ba3d00b
79f1febc020ab611c5d9a8bc1af237a63420f8215963fd97f6c4b9bccfa17d24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4522
x-amzn-requestid: cc836204-3c4f-48d0-9569-b1622e6d2178
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMVoRH9toAMFwig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334cfce-096ff90412945ca06335e987;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 22:50:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BzgI7sWS7fsSOANaDI0S4qrT_2iIkp2TOt3bPfm56T0m9jmxRFfSIA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 12:52:35 GMT
age: 35856
etag: "58f10485c5273cbed8159c98b9065b192ba3d00b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 65351
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21b653ea-1faa-4101-b02e-44da6b46de9c.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21b653ea-1faa-4101-b02e-44da6b46de9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a59b70f464b106c9e54579d8b2f967fa
f964cf69ae825bb32eef4b364df8227c5fb73fce
cf2c8c1d3ebbdb8fea6b90d81d240120749cfdceb525713ef153481cb15a438e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21b653ea-1faa-4101-b02e-44da6b46de9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9095
x-amzn-requestid: 9f6cbd35-adf6-4163-aaf0-a3534bfc25c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNes7G79oAMF2DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544b8-306a82aa5f91bcdb3b349b87;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9pqwazWdgS9eR0U_HxtfgHvTUTnUyN0IRVZlQUzrimpv-9dMLHlcVg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:59:36 GMT
age: 3035
etag: "f964cf69ae825bb32eef4b364df8227c5fb73fce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
message-webmail.connexion-messagerie.com/NaN
212.224.86.197404 Not Found 0 B URL HTTP/2 message-webmail.connexion-messagerie.com/NaN
IP 212.224.86.197:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert fortinet Phishing
GET /NaN HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Cookie: PHPSESSID=uorafmr33h1k1q04qgvp1fhjtg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 02 Oct 2022 22:50:10 GMT
content-type: text/html
last-modified: Sun, 02 Oct 2022 01:44:35 GMT
etag: W/"328-5ea035e86d2b7"
content-encoding: br
X-Firefox-Spdy: h2
sdk.privacy-center.org/sdk.066c420c3c3088f5525aa1a3ec708ddb25ad1892.js
54.230.111.111200 OK 0 B URL HTTP/2 sdk.privacy-center.org/sdk.066c420c3c3088f5525aa1a3ec708ddb25ad1892.js
IP 54.230.111.111:0
GET /sdk.066c420c3c3088f5525aa1a3ec708ddb25ad1892.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 02 Oct 2022 22:50:11 GMT
last-modified: Thu, 26 May 2022 01:43:34 GMT
etag: W/"2dcb6cc2fb45d5bdb41f1b8994c76e48"
x-amz-server-side-encryption: AES256
x-amz-meta-s3cmd-attrs: atime:1653528979/ctime:1653528979/gid:0/gname:root/md5:2dcb6cc2fb45d5bdb41f1b8994c76e48/mode:33188/mtime:1653528979/uid:0/uname:root
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Cix6ksw9fwcsA_5oalW_qMp-J2qVG4pYVWLGmCoJOrgzRCNsvcIHfw==
X-Firefox-Spdy: h2
message-webmail.connexion-messagerie.com/
212.224.86.197200 OK 0 B URL HTTP/2 message-webmail.connexion-messagerie.com/
IP 212.224.86.197:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:50:10 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=uorafmr33h1k1q04qgvp1fhjtg; path=/
x-powered-by: PHP/8.0.23, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
message-webmail.connexion-messagerie.com/css/bundle.min.css
212.224.86.197200 OK 0 B URL HTTP/2 message-webmail.connexion-messagerie.com/css/bundle.min.css
IP 212.224.86.197:0
ASN #44066 diva-e Datacenters GmbH
GET /css/bundle.min.css HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Cookie: PHPSESSID=uorafmr33h1k1q04qgvp1fhjtg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:50:10 GMT
content-type: text/css
last-modified: Sun, 02 Oct 2022 10:56:00 GMT
etag: W/"63396e40-37e70"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
message-webmail.connexion-messagerie.com/js/bundle.min.js
212.224.86.197200 OK 0 B URL HTTP/2 message-webmail.connexion-messagerie.com/js/bundle.min.js
IP 212.224.86.197:0
ASN #44066 diva-e Datacenters GmbH
Analyzer Verdict Alert fortinet Phishing
GET /js/bundle.min.js HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Cookie: PHPSESSID=uorafmr33h1k1q04qgvp1fhjtg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:50:10 GMT
content-type: application/javascript
last-modified: Sun, 02 Oct 2022 10:56:13 GMT
etag: W/"63396e4d-30a9f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
sdk.privacy-center.org/sdk.d8d9b3b0f63d7d5011309533a99e82ca765fcbd8.js
54.230.111.111200 OK 0 B URL HTTP/2 sdk.privacy-center.org/sdk.d8d9b3b0f63d7d5011309533a99e82ca765fcbd8.js
IP 54.230.111.111:0
GET /sdk.d8d9b3b0f63d7d5011309533a99e82ca765fcbd8.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 27 Sep 2022 13:20:28 GMT
last-modified: Tue, 27 Sep 2022 13:16:34 GMT
etag: W/"2a0b534a95e0d177628e869d14f8cf23"
x-amz-server-side-encryption: AES256
x-amz-meta-s3cmd-attrs: atime:1664284306/ctime:1664284306/gid:0/gname:root/md5:2a0b534a95e0d177628e869d14f8cf23/mode:33188/mtime:1664284306/uid:0/uname:root
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OqSkJxIdhASV0ZqhlyAZu_v02ajK_nvonH0d2i3aPMyG2oMURLQ7iQ==
age: 466183
X-Firefox-Spdy: h2