Report - message-webmail.connexion-messagerie.com/

Report Overview

Submitted URL
message-webmail.connexion-messagerie.com/
IP
212.224.86.197
ASN
#44066 diva-e Datacenters GmbH
Submitted
2022-10-02 22:50:21
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
tags.tiqcdn.com	969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	12 kB	23.38.200.249
sdk.privacy-center.org	6220	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	10 kB	54.230.111.111
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	45 kB	34.120.237.76
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.213.92.18
message-webmail.connexion-messagerie.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	445 kB	212.224.86.197
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	18.165.201.83
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-02	medium	message-webmail.connexion-messagerie.com/	Phishing
2022-10-02	medium	message-webmail.connexion-messagerie.com/NaN	Phishing
2022-10-02	medium	message-webmail.connexion-messagerie.com/	Phishing
2022-10-02	medium	message-webmail.connexion-messagerie.com/js/bundle.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	message-webmail.connexion-messagerie.com/	2.8 kB	2023-03-07	2023-11-23
Pretty URL message-webmail.connexion-messagerie.com/ IP 212.224.86.197 ASN #44066 diva-e Datacenters GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:59 Last Seen2023-11-23 14:36:28 Times Seen2 Hash 99a69815cd23542d0ce4e541bc6fe0c4 d1d4b4af74e93a08205393439ec6af11e62391d5 c01e27a175aafdb7a41c28878169af12deea8bc5ce925020b406142ba9680e10 Loading...

	message-webmail.connexion-messagerie.com/	389 B	2023-03-07	2023-11-23
Pretty URL message-webmail.connexion-messagerie.com/ IP 212.224.86.197 ASN #44066 diva-e Datacenters GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:59 Last Seen2023-11-23 14:36:28 Times Seen2 Hash 67133b299143e33b3bc00c11793be3ed 41fc7f3e4c86814d143d66ca2136166c8f69c720 24575136c6eda150fe26bf3b58f25c6135551365cbd8807b873c7e5951dcb3b5 Loading...

	message-webmail.connexion-messagerie.com/	598 B	2023-03-08	2023-03-08
Pretty URL message-webmail.connexion-messagerie.com/ IP 212.224.86.197 ASN #44066 diva-e Datacenters GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:51:52 Last Seen2023-03-08 04:51:52 Times Seen1 Hash 2401b68e14cb72449eebe00352875c91 93c4c14dad4c97c1847638e06ec5a1dac58c2e1a 39ad7925773531bef6c7a19762fd7aa53c746177eaae95d1d45abaee404c31da Loading...

	message-webmail.connexion-messagerie.com/	664 B	2023-03-08	2023-11-09
Pretty URL message-webmail.connexion-messagerie.com/ IP 212.224.86.197 ASN #44066 diva-e Datacenters GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:51:52 Last Seen2023-11-09 03:42:49 Times Seen81 Hash 4678aa0a6392f29afff0bdc409e0fa2b 62d2b546af2f254661e230c6c530daddf76971e0 3d15160ef8f6ade3ea7485fa6d2a891d97ff695dbdb9708ff76e414a6df990db Loading...

	sdk.privacy-center.org/3e6e3e05-9201-4614-a13e-b9649d1fa0e4/loader.js?target_type=notice&target=mz4pRBcF	37 kB	2023-03-08	2023-03-08
Pretty URL sdk.privacy-center.org/3e6e3e05-9201-4614-a13e-b9649d1fa0e4/loader.js?target_type=notice&target=mz4pRBcF IP 54.230.111.111 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:51:52 Last Seen2023-03-08 04:51:52 Times Seen1 Hash 2cc16c5005604dac369007c3ac81ce04 04311c6bc167bd8576df48a3d772126d3912dbf0 3cb6edd0715b897dccdc9c9e18b0a97e25fc5787d2b24cc1fdcd8f6d3c1fef2b Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 04:19:06 Times Seen37534613 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	tags.tiqcdn.com/utag/orange/identite/prod/utag.js	34 kB	2023-03-08	2023-03-08
Pretty URL tags.tiqcdn.com/utag/orange/identite/prod/utag.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:51:52 Last Seen2023-03-08 04:51:52 Times Seen1 Hash 262738d1eb6a9a1e621cd670d2ca4a4b dd077b6ad89d9306ee573bd668fae0643db6f0c8 6431589efde83ba4599b8a83e1f6b6b16c0c55a2d0d0558243dbbb5f95fbb04e Loading...

	tags.tiqcdn.com/utag/orange/identite/prod/utag.33.js?utv=ut4.47.202105040940	13 kB	2023-03-08	2023-04-05
Pretty URL tags.tiqcdn.com/utag/orange/identite/prod/utag.33.js?utv=ut4.47.202105040940 IP 23.38.200.249 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:51:52 Last Seen2023-04-05 21:31:52 Times Seen7 Hash a828fd6b0717088b73a194b9beaab918 5ad2b8f203517e8e4c85cd0ee18f6736fc425c8d a8868caae8ebe5785d995054d39f4413e35101a85f27c4c0143ea74c434a9f19 Loading...

	sdk.privacy-center.org/sdk.d8d9b3b0f63d7d5011309533a99e82ca765fcbd8.js	477 kB	2023-03-08	2023-03-08
Pretty URL sdk.privacy-center.org/sdk.d8d9b3b0f63d7d5011309533a99e82ca765fcbd8.js IP 54.230.111.111 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:54:19 Last Seen2023-03-08 04:51:52 Times Seen1 Hash 2a0b534a95e0d177628e869d14f8cf23 e90f2b62e526fd0502813a00587f456f301446d0 70003a9f867f922802a43534037acbb49c0a4c96c34fa9471725c1756bea22e1 Loading...

	tags.tiqcdn.com/utag/orange/abtesting/prod/utag.sync.js	5.6 kB	2023-03-07	2023-03-17
Pretty URL tags.tiqcdn.com/utag/orange/abtesting/prod/utag.sync.js IP 23.38.200.249 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2023-03-17 09:24:07 Times Seen1 Hash e08d58d654da41006d444bed14ba529b a14434c1a137e5654102a8cfeba7a884ed9ac763 93b4d69c528c86257cb40f6a9895584a014f235e2a7b20f4e70e7bf87c84787b Loading...

HTTP Transactions (31)

URL IP Response Size

message-webmail.connexion-messagerie.com/

212.224.86.197

301 Moved Permanently

162 B

URL HTTP/1.1
message-webmail.connexion-messagerie.com/
IP
212.224.86.197:0
ASN
#44066 diva-e Datacenters GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 02 Oct 2022 22:50:08 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://message-webmail.connexion-messagerie.com/

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15194
Expires: Mon, 03 Oct 2022 03:03:22 GMT
Date: Sun, 02 Oct 2022 22:50:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b8769801e8712cb7b401b5752da2c2
30d14bf20b20507a4fda3d7dbee9fbba7327139a
69d097718cac37cc6b77d417711c4356557f2b47c78026303bfe5f985b94a5a5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69D097718CAC37CC6B77D417711C4356557F2B47C78026303BFE5F985B94A5A5"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14139
Expires: Mon, 03 Oct 2022 02:45:47 GMT
Date: Sun, 02 Oct 2022 22:50:08 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

18.165.201.83

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.165.201.83:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 22:03:21 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 096e5ecae9d1cd03edf8411ad106b092.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 8Iz7BI2d_Qaz-DgimfGyuLlH61ukkK6l15ZSinopYdqS5NJ5sXuUmA==
Age: 2807

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 8wn9HjvuCwIDI1sEmhs3L7C/UD9hEIBTkHVK0SUK5+m3x+qSUDmNDReZRzvF2Je7xcEGgseZuTg=
x-amz-request-id: VAE069WVWD39PMBJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 02 Oct 2022 21:53:03 GMT
age: 3425
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:50:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a21f6433a4bde322b8733ee1db453a3
ae2b35acbc0b7365874ebb4976847a5742819618
cd1405b5f50f925e80c5dc95a4937ecaa62d8cc81226491de927ec6dde80f657

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD1405B5F50F925E80C5DC95A4937ECAA62D8CC81226491DE927EC6DDE80F657"
Last-Modified: Sun, 02 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Mon, 03 Oct 2022 04:49:14 GMT
Date: Sun, 02 Oct 2022 22:50:09 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.165.201.83

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.165.201.83:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Cache-Control, Alert, Last-Modified, Backoff, Retry-After, Expires, Content-Length, Pragma, ETag
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 02 Oct 2022 22:32:53 GMT
Expires: Sun, 02 Oct 2022 22:38:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5059e7bd12388ef6673ed156d17eb756.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: wpZhLDn-kGLM5PF7u-qavbNGJDeGR1NmjlDF4_4Di6JS3Wv6rZbUKg==
Age: 1036

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1260
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:50:09 GMT
Last-Modified: Sun, 02 Oct 2022 22:29:09 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.213.92.18

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.92.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AmOSDRMshzRZgfMR1vWGcA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lHbfz2EqwwPiwUlA/L6C8fcDO+U=

tags.tiqcdn.com/utag/orange/abtesting/prod/utag.sync.js

23.38.200.249

200 OK

1.3 kB

URL HTTP/2
tags.tiqcdn.com/utag/orange/abtesting/prod/utag.sync.js
IP
23.38.200.249:0
ASN
#16625 AKAMAI-AS

File type
HTML document, ASCII text, with very long lines (2228)
Size
1.3 kB (1307 bytes)
Hash
f2826c7dcb49eab78b7a0d6e42d4e8ba
6ce346eb6eb2ab3aa776c68a3840403abf7e432e
cc58b4ee85c4b478318667b0a8118fd5f58cdfd893f1c8330a4abe87ac01debd

HTTP Headers

GET /utag/orange/abtesting/prod/utag.sync.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "e08d58d654da41006d444bed14ba529b:1652702791.884106"
last-modified: Mon, 16 May 2022 12:06:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 02 Oct 2022 22:55:10 GMT
date: Sun, 02 Oct 2022 22:50:10 GMT
content-length: 1307
X-Firefox-Spdy: h2

tags.tiqcdn.com/utag/orange/identite/prod/utag.33.js?utv=ut4.47.202105040940

23.38.200.249

200 OK

3.5 kB

URL HTTP/2
tags.tiqcdn.com/utag/orange/identite/prod/utag.33.js?utv=ut4.47.202105040940
IP
23.38.200.249:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1706)
Size
3.5 kB (3460 bytes)
Hash
13677f112e273114b41e7256fb8528b0
6105d33f27aba8162724d661bfb97d5759964685
c4fd1c695cd90b7615ec264488b4e84e38e4bf6a600e1a244b67e117f43d82fe

HTTP Headers

GET /utag/orange/identite/prod/utag.33.js?utv=ut4.47.202105040940 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "a828fd6b0717088b73a194b9beaab918:1620121228.746471"
last-modified: Tue, 04 May 2021 09:40:28 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Mon, 17 Oct 2022 22:50:10 GMT
date: Sun, 02 Oct 2022 22:50:10 GMT
content-length: 3460
X-Firefox-Spdy: h2

tags.tiqcdn.com/utag/orange/identite/prod/utag.29.js?utv=ut4.47.202103031408

23.38.200.249

200 OK

5.6 kB

URL HTTP/2
tags.tiqcdn.com/utag/orange/identite/prod/utag.29.js?utv=ut4.47.202103031408
IP
23.38.200.249:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (1204)
Size
5.6 kB (5627 bytes)
Hash
da832fa3919986973572680b9ae2399b
60c6acd391d4ab69285200e9e75fc2e3b5be2aa4
3804bfa896927cabe3e6fc9a0c0c00408fb63e0bb9982eaef0a48853073424ad

HTTP Headers

GET /utag/orange/identite/prod/utag.29.js?utv=ut4.47.202103031408 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "df3655216296cd975678739cf019d210:1658736609.419389"
last-modified: Mon, 25 Jul 2022 08:10:09 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Mon, 17 Oct 2022 22:50:10 GMT
date: Sun, 02 Oct 2022 22:50:10 GMT
content-length: 5627
X-Firefox-Spdy: h2

sdk.privacy-center.org/3e6e3e05-9201-4614-a13e-b9649d1fa0e4/loader.js?target_type=notice&target=mz4pRBcF

54.230.111.111

200 OK

8.3 kB

URL HTTP/2
sdk.privacy-center.org/3e6e3e05-9201-4614-a13e-b9649d1fa0e4/loader.js?target_type=notice&target=mz4pRBcF
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (36922), with no line terminators
Size
8.3 kB (8288 bytes)
Hash
36e3ae449cc1fe0ad7e62c1b992ed463
fa4fb1cd10abfef6a63f99903c90800d07bba97f
558aaa6f5453e4be143e7ec4d5b855e33520c988e69be4f81df219616e69dc83

HTTP Headers

GET /3e6e3e05-9201-4614-a13e-b9649d1fa0e4/loader.js?target_type=notice&target=mz4pRBcF HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 8288
server: CloudFront
date: Sun, 02 Oct 2022 22:50:10 GMT
x-didomi-remote-config-source: Lambda
content-encoding: gzip
cache-control: max-age=7200, public
etag: "777f6470d88dfcedd79779d0cd8c277d"
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C0QjsFPjr_LjHtiaKFVV6u3nWGEEsUQd8YBAyTbS76fEfbSs1hKlgw==
X-Firefox-Spdy: h2

message-webmail.connexion-messagerie.com/pic.png

212.224.86.197

200 OK

441 kB

URL HTTP/2
message-webmail.connexion-messagerie.com/pic.png
IP
212.224.86.197:0
ASN
#44066 diva-e Datacenters GmbH

File type
PNG image data, 2034 x 624, 8-bit/color RGBA, non-interlaced\012- data
Size
441 kB (441120 bytes)
Hash
a2bb410b6931a21fc47ca39cf0be1bf0
877edcba7f72caf63e092a5906b92258a833d31e
9efea95d346e9bf6d52bf0f7d46404b49573b7f4d0f39493b028c651e038df9e

HTTP Headers

GET /pic.png HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Cookie: PHPSESSID=uorafmr33h1k1q04qgvp1fhjtg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:50:10 GMT
content-type: image/png
content-length: 441120
last-modified: Sun, 02 Oct 2022 11:16:40 GMT
etag: "63397318-6bb20"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

message-webmail.connexion-messagerie.com/icons/Logo_MC_noir_fond_transparent_small.png

212.224.86.197

404 Not Found

873 B

URL HTTP/2
message-webmail.connexion-messagerie.com/icons/Logo_MC_noir_fond_transparent_small.png
IP
212.224.86.197:0
ASN
#44066 diva-e Datacenters GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
873 B (873 bytes)
Hash
fc2816f9dafc0ddcaed2f648602b4d7b
d675330ff85bb98c2cd23b3038f4d71fadb64791
4d9f5a94806706a92c9f5324bc2194b36d043e52a155cf4b2756e743dbe2768e

HTTP Headers

GET /icons/Logo_MC_noir_fond_transparent_small.png HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Cookie: PHPSESSID=uorafmr33h1k1q04qgvp1fhjtg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sun, 02 Oct 2022 22:50:10 GMT
content-type: text/html
last-modified: Sun, 02 Oct 2022 01:44:35 GMT
etag: W/"328-5ea035e86d2b7;5e99641bb1ad8"
content-encoding: br
X-Firefox-Spdy: h2

message-webmail.connexion-messagerie.com/icons/Logo_MC_orange_fond_transparent_small.png

212.224.86.197

404 Not Found

873 B

URL HTTP/2
message-webmail.connexion-messagerie.com/icons/Logo_MC_orange_fond_transparent_small.png
IP
212.224.86.197:0
ASN
#44066 diva-e Datacenters GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
873 B (873 bytes)
Hash
fc2816f9dafc0ddcaed2f648602b4d7b
d675330ff85bb98c2cd23b3038f4d71fadb64791
4d9f5a94806706a92c9f5324bc2194b36d043e52a155cf4b2756e743dbe2768e

HTTP Headers

GET /icons/Logo_MC_orange_fond_transparent_small.png HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Cookie: PHPSESSID=uorafmr33h1k1q04qgvp1fhjtg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sun, 02 Oct 2022 22:50:10 GMT
content-type: text/html
last-modified: Sun, 02 Oct 2022 01:44:35 GMT
etag: W/"328-5ea035e86d2b7;5e99641bb1ad8"
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4331
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:50:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4331
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:50:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6321 bytes)
Hash
8bb7613964aef696917cb85a6d0bcac4
89ce0e6d742144439a96ace034adae4e7e167311
24b100b10aa041effad83e9379447f4f62d95dcf6eb27a6b093a7caaa484f964

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6321
x-amzn-requestid: 605adeca-4345-4481-999e-d50ebc123767
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabGsgIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-68542d1b56697ab33dd63941;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xZUu90wyCNVEexHxRRNQz0aDhNy_u0WC2v8TVxHkQvW-evaDwfKTtQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
etag: "89ce0e6d742144439a96ace034adae4e7e167311"
content-type: image/jpeg
age: 3884
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8277 bytes)
Hash
6a90e53b55500427aed06efa3a9baa8c
43a66cd291d1413d7147a29b2a7b27277a443f0b
2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 09iwZNlJ5pUQqongHTbgUlh_i1CyHZ6uGvHPV8SfbEGixTWM1A_BoQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 20:14:10 GMT
age: 9361
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4b91592-bb2f-4b2e-9c62-80d06ad4b698.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.7 kB (3695 bytes)
Hash
e3dfda0e06e989942bf45f4c2bf18d7c
6d0cee63012a8f79aef1f1e751e2940582b981e1
a79d4015713255da4475ff9193ccfeed72737f5f03027a42fd86cc7b095ddf03

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4b91592-bb2f-4b2e-9c62-80d06ad4b698.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3695
x-amzn-requestid: f1f35cb1-9fc2-4694-8bf4-9d9e41f9bd7f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabEM8oAMF0RQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-3140202b1a3b892702978a7e;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kxxeDkHccWmlQFBbBf-5gKzqY0utY15Czvx0Ms7QS1lJMXExRmbjjQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:48:46 GMT
age: 3685
etag: "6d0cee63012a8f79aef1f1e751e2940582b981e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4522 bytes)
Hash
34ba42086104460665f7f4f579235592
58f10485c5273cbed8159c98b9065b192ba3d00b
79f1febc020ab611c5d9a8bc1af237a63420f8215963fd97f6c4b9bccfa17d24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4522
x-amzn-requestid: cc836204-3c4f-48d0-9569-b1622e6d2178
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMVoRH9toAMFwig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334cfce-096ff90412945ca06335e987;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 22:50:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BzgI7sWS7fsSOANaDI0S4qrT_2iIkp2TOt3bPfm56T0m9jmxRFfSIA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 12:52:35 GMT
age: 35856
etag: "58f10485c5273cbed8159c98b9065b192ba3d00b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6315 bytes)
Hash
206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 65351
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21b653ea-1faa-4101-b02e-44da6b46de9c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9095 bytes)
Hash
a59b70f464b106c9e54579d8b2f967fa
f964cf69ae825bb32eef4b364df8227c5fb73fce
cf2c8c1d3ebbdb8fea6b90d81d240120749cfdceb525713ef153481cb15a438e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21b653ea-1faa-4101-b02e-44da6b46de9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9095
x-amzn-requestid: 9f6cbd35-adf6-4163-aaf0-a3534bfc25c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNes7G79oAMF2DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544b8-306a82aa5f91bcdb3b349b87;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9pqwazWdgS9eR0U_HxtfgHvTUTnUyN0IRVZlQUzrimpv-9dMLHlcVg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:59:36 GMT
age: 3035
etag: "f964cf69ae825bb32eef4b364df8227c5fb73fce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

message-webmail.connexion-messagerie.com/NaN

212.224.86.197

404 Not Found

0 B

URL HTTP/2
message-webmail.connexion-messagerie.com/NaN
IP
212.224.86.197:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /NaN HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Cookie: PHPSESSID=uorafmr33h1k1q04qgvp1fhjtg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sun, 02 Oct 2022 22:50:10 GMT
content-type: text/html
last-modified: Sun, 02 Oct 2022 01:44:35 GMT
etag: W/"328-5ea035e86d2b7"
content-encoding: br
X-Firefox-Spdy: h2

sdk.privacy-center.org/sdk.066c420c3c3088f5525aa1a3ec708ddb25ad1892.js

54.230.111.111

200 OK

0 B

URL HTTP/2
sdk.privacy-center.org/sdk.066c420c3c3088f5525aa1a3ec708ddb25ad1892.js
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sdk.066c420c3c3088f5525aa1a3ec708ddb25ad1892.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 02 Oct 2022 22:50:11 GMT
last-modified: Thu, 26 May 2022 01:43:34 GMT
etag: W/"2dcb6cc2fb45d5bdb41f1b8994c76e48"
x-amz-server-side-encryption: AES256
x-amz-meta-s3cmd-attrs: atime:1653528979/ctime:1653528979/gid:0/gname:root/md5:2dcb6cc2fb45d5bdb41f1b8994c76e48/mode:33188/mtime:1653528979/uid:0/uname:root
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Cix6ksw9fwcsA_5oalW_qMp-J2qVG4pYVWLGmCoJOrgzRCNsvcIHfw==
X-Firefox-Spdy: h2

message-webmail.connexion-messagerie.com/

212.224.86.197

200 OK

0 B

URL HTTP/2
message-webmail.connexion-messagerie.com/
IP
212.224.86.197:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:50:10 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=uorafmr33h1k1q04qgvp1fhjtg; path=/
x-powered-by: PHP/8.0.23, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

message-webmail.connexion-messagerie.com/css/bundle.min.css

212.224.86.197

200 OK

0 B

URL HTTP/2
message-webmail.connexion-messagerie.com/css/bundle.min.css
IP
212.224.86.197:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/bundle.min.css HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Cookie: PHPSESSID=uorafmr33h1k1q04qgvp1fhjtg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:50:10 GMT
content-type: text/css
last-modified: Sun, 02 Oct 2022 10:56:00 GMT
etag: W/"63396e40-37e70"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

message-webmail.connexion-messagerie.com/js/bundle.min.js

212.224.86.197

200 OK

0 B

URL HTTP/2
message-webmail.connexion-messagerie.com/js/bundle.min.js
IP
212.224.86.197:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/bundle.min.js HTTP/1.1
Host: message-webmail.connexion-messagerie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Cookie: PHPSESSID=uorafmr33h1k1q04qgvp1fhjtg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:50:10 GMT
content-type: application/javascript
last-modified: Sun, 02 Oct 2022 10:56:13 GMT
etag: W/"63396e4d-30a9f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

sdk.privacy-center.org/sdk.d8d9b3b0f63d7d5011309533a99e82ca765fcbd8.js

54.230.111.111

200 OK

0 B

URL HTTP/2
sdk.privacy-center.org/sdk.d8d9b3b0f63d7d5011309533a99e82ca765fcbd8.js
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sdk.d8d9b3b0f63d7d5011309533a99e82ca765fcbd8.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://message-webmail.connexion-messagerie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 27 Sep 2022 13:20:28 GMT
last-modified: Tue, 27 Sep 2022 13:16:34 GMT
etag: W/"2a0b534a95e0d177628e869d14f8cf23"
x-amz-server-side-encryption: AES256
x-amz-meta-s3cmd-attrs: atime:1664284306/ctime:1664284306/gid:0/gname:root/md5:2a0b534a95e0d177628e869d14f8cf23/mode:33188/mtime:1664284306/uid:0/uname:root
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OqSkJxIdhASV0ZqhlyAZu_v02ajK_nvonH0d2i3aPMyG2oMURLQ7iQ==
age: 466183
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP