r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cfaf73bca502334ddf7cf1dd91b8edb9
6b76c0b11ee2d8f8330a883dea388181305116e1
783c6eb4ae51d11c783d5899f3f6665dc602ed49165b042b916a862a23681198
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "783C6EB4AE51D11C783D5899F3F6665DC602ED49165B042B916A862A23681198"
Last-Modified: Tue, 29 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21501
Expires: Tue, 29 Nov 2022 07:26:41 GMT
Date: Tue, 29 Nov 2022 01:28:20 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5702
Cache-Control: max-age=124683
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:20 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:06:23 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11200
Expires: Tue, 29 Nov 2022 04:35:00 GMT
Date: Tue, 29 Nov 2022 01:28:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13490
Expires: Tue, 29 Nov 2022 05:13:10 GMT
Date: Tue, 29 Nov 2022 01:28:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 01:17:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 630
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DzoroHa9kbDXyB7EpF7jFREHTLtAsvZCbpE8BwyTQUpS7SyA2EiFkTj4yu2fyt+aDWgUmovVQdI=
x-amz-request-id: SEBMYFWCDJ4G5SJM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 00:42:18 GMT
age: 2762
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 272ea624c3dd6c2e4ce6be2280c95264
c337d07315a3b0edc5c387abc9a476f40c94abe5
c1d2a94041dd73e48199ac48af989674d373bd073c37cc20eda8cac97c2e0f90
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:28:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 12:40:39 GMT
Expires: Sat, 03 Dec 2022 12:40:38 GMT
Etag: "c337d07315a3b0edc5c387abc9a476f40c94abe5"
Cache-Control: max-age=385337,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771790e8793db4f1-OSL
www.ca-authentification.fr/connexion_files/exclamation.svg
200 OK 1.0 kB URL HTTP/2 www.ca-authentification.fr/connexion_files/exclamation.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 1391a673fa8c1e57c6c28b9ae2368860
16255a93439b69c310f946b524bdaa9fe78c6390
76327f7ad79e7520353cb8bd9c0bde1754f782f428c6eb6361af986a9993543b
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/exclamation.svg HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: image/svg+xml
content-length: 1031
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: "62f854e6-407"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/216X40%20CA%20NMP%20NTVA.svg
200 OK 18 kB URL HTTP/2 www.ca-authentification.fr/connexion_files/216X40%20CA%20NMP%20NTVA.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 228913422ca3845faba4c2d477355823
ece1e8abefd6ec32a7f1b459d65df0daa92f333c
070ad5188a37bfca0d0f06ef7bfd10143cd3b745f1373a74fe18c73337c9f943
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/216X40%20CA%20NMP%20NTVA.svg HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: image/svg+xml
content-length: 17630
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: "62f854e6-44de"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/logo_ca.png
200 OK 2.0 kB URL HTTP/2 www.ca-authentification.fr/connexion_files/logo_ca.png
IP
File type PNG image data, 83 x 64, 8-bit/color RGB, non-interlaced\012- data
Hash a5777291aa794d7d07285c839571662a
284f3d6b64462c946a640072bb57e512307bf8ab
1c8399c9f4f09feb8f95fe39465cc7e70597b0097ad92da954db82646ec68dc3
Analyzer Verdict Alert openphish Credit Agricole S.A.
GET /connexion_files/logo_ca.png HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: image/png
content-length: 2037
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: "62f854e6-7f5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
200 OK 6.3 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6aad7b35286876f8eaf5bc8ca659e1b5
ea44f6b518e680fb5188f18b8202111aae5034a3
4ecc8a8abebf54ec1c40d1461770ac546fe2397c97f0e696de3879c05d6189fc
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:59:21 GMT
Server: Apache
Expires: Wed, 28 Dec 2022 13:59:21 GMT
Cache-Control: max-age=2592000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Sat, 29 Oct 2022 13:59:21 GMT
Content-Type: image/svg+xml
Age: 41339
X-Cache: HIT
X-Cache-Hits: 22887
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.ca-authentification.fr/connexion_files/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0.css
200 OK 4.2 kB URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0.css
IP
File type ASCII text, with very long lines (1706)
Hash 4bb75fb7204e6271f3b4c3d79f604801
deaa3a835e4e77adc62375f49d204f81c24e5cc8
c7e6027cf5dbf03b2ed74b101d4d70c5251daf5fc1e9224d4d562865d8715244
Analyzer Verdict Alert openphish Credit Agricole S.A.
GET /connexion_files/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0.css HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-3dcb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/tc_PortailClientCreditAgricole_4.js
200 OK 17 kB URL HTTP/2 www.ca-authentification.fr/connexion_files/tc_PortailClientCreditAgricole_4.js
IP
File type Unicode text, UTF-8 text, with very long lines (38082), with CRLF, LF line terminators
Hash d940e6622469cc5f7f64eb624ede76d3
673cca5a5e4b70664b4220e751764dde6c266da2
b5f5063a9528fe8965473dbb80b9c0a4e207068022795fa35c9b8c12c9a64efa
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/tc_PortailClientCreditAgricole_4.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-10bac"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_1.js
200 OK 59 kB URL HTTP/2 cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_1.js
IP
File type Unicode text, UTF-8 text, with very long lines (55809)
Hash 8683f48fe48e9518b48ac2ce84fdeff7
b33b24c70d8ceec255bd8bc13e7ad2271bfbdae7
71f2b5c56aaf2e52c625c50eaf183afeac74d210b8592c956aef96c959541fe5
GET /3315/tc_PortailClientCreditAgricole_1.js HTTP/1.1
Host: cdn.tagcommander.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: "c4f6be1d8ca35cc94de8d9e2ed515acf+gzip"
last-modified: Tue, 22 Nov 2022 13:16:09 GMT
server: ECS (frb/6776)
vary: Accept-Encoding
x-amz-id-2: 25WwKr3wYDUUtg6qUGG4ilLaUICr1OFcAyzm8E45bHWs/m6xHFdVxxgqetYmnmbV/jf56CVYgaE=
x-amz-request-id: F4ZTR2FBTXCJNMTT
x-cdn: VDMS
content-length: 58645
cache-control: must-revalidate, max-age=86400
date: Tue, 29 Nov 2022 01:28:21 GMT
access-control-max-age: 31536000
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlibStoreLocatorGeneral.min.fed0763fde2431a7c1b27d703f22.js
200 OK 65 kB URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlibStoreLocatorGeneral.min.fed0763fde2431a7c1b27d703f22.js
IP
File type ASCII text, with very long lines (679)
Hash 4bca317a8fe26fb1fc5d1ae25c03ed1d
554530c2b3a33b927635f8b0425e03a2f53181ab
e10acfa13bd3e44bb51c3e232961214c291fce44c7a01b0a7519ac1409c3d655
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/clientlibStoreLocatorGeneral.min.fed0763fde2431a7c1b27d703f22.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-62a9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hR4U/SIBBzK00eGjbuCPUw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oeu2asTl/mY8gFsQMq4Eag9PeR4=
www.ca-authentification.fr/conf/ca/settings/wcm/segments/commun.seg.branche1.js
404 Not Found 190 kB URL HTTP/2 www.ca-authentification.fr/conf/ca/settings/wcm/segments/commun.seg.branche1.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size 190 kB (190125 bytes)
Hash 7a41e7b320e4cb6b814fd6c49ee0eea7
e24fac3a7898a7a457342595544b0992b67e09a2
6c705a3cbf48a6deb0ceac2768f9d8a80a7b4ddc34b21f6beccf98cafe4f4825
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /conf/ca/settings/wcm/segments/commun.seg.branche1.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 29 Nov 2022 01:28:21 GMT
content-type: text/html
last-modified: Thu, 24 Nov 2022 14:21:01 GMT
etag: W/"328-5ee381d5b47ee"
content-encoding: br
X-Firefox-Spdy: h2
cdn.tagcommander.com/3315/tc_CreditAgricoleCRSitemaitre_6.js
200 OK 42 kB URL HTTP/2 cdn.tagcommander.com/3315/tc_CreditAgricoleCRSitemaitre_6.js
IP
File type Unicode text, UTF-8 text, with very long lines (57698)
Hash 896c62465ab8829a834ab39a8892aa88
ce6e901f47a1c2d5e9bb816eb456c44f6cc8bf75
226ac90a93380a1d105deb182f2436dfffbbf9cfb6fce8d5e68ace2968c1bc65
GET /3315/tc_CreditAgricoleCRSitemaitre_6.js HTTP/1.1
Host: cdn.tagcommander.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: "d9fb93790dff1011a8b995d618f60944+gzip"
last-modified: Thu, 24 Nov 2022 09:00:23 GMT
server: ECS (frb/67F2)
vary: Accept-Encoding
x-amz-id-2: 5s8iGpfLstsOUDLJvcUs/z5CoczbcgpjgcBxfNbpyGydnoBnmBdsc4yD3OMwILo4CvVePJj9mqo=
x-amz-request-id: 52VQX230QV731FD7
x-cdn: VDMS
content-length: 42538
cache-control: must-revalidate, max-age=86400
date: Tue, 29 Nov 2022 01:28:21 GMT
access-control-max-age: 31536000
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 80e7dc8dbfd48ce086a040d386b8dcdb
41044776e09db3038119999a1ca139bd7b2c757a
615bea111e6e41ed9339d3af6268a8eac91e865b8d5d9296a116f6da02f82556
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:28:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:20:09 GMT
Expires: Sat, 03 Dec 2022 15:20:08 GMT
Etag: "41044776e09db3038119999a1ca139bd7b2c757a"
Cache-Control: max-age=394906,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771790ee2c92b4f1-OSL
www.ca-authentification.fr/connexion_files/tc_812CRNordMidiPyrenees_Cosmo.js
200 OK 9.9 kB URL HTTP/2 www.ca-authentification.fr/connexion_files/tc_812CRNordMidiPyrenees_Cosmo.js
IP
File type ASCII text, with very long lines (21130), with CRLF, LF line terminators
Hash a1f4386779d9075447d9f50cf6511d7b
0909b63d5ba055f2ec336b1b858c118ddc001cdd
957e1b97951cbab77ed415257da9ffd504fb9c19f090abc48bd9f1b422148050
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/tc_812CRNordMidiPyrenees_Cosmo.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-5a62"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cdn.trustcommander.net/privacy/3315/privacy_v2_86.js
200 OK 33 kB URL HTTP/2 cdn.trustcommander.net/privacy/3315/privacy_v2_86.js
IP
File type C source, Unicode text, UTF-8 text, with very long lines (65244)
Hash 6f01ce5991113a4c967b051a81b5de49
fbf3349e75741bed04e90a0f0dd30811664e8bc0
19e056cf4fd863186f26f8ce9eab2712b35d470f7eb5bf04068c6af5920f998d
GET /privacy/3315/privacy_v2_86.js HTTP/1.1
Host: cdn.trustcommander.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 31536000
age: 59195
cache-control: max-age=86400, must-revalidate
content-type: application/javascript
date: Tue, 29 Nov 2022 01:28:21 GMT
etag: "37b36aedafd3d36ec49d67720179cdd4+gzip"
last-modified: Thu, 22 Sep 2022 07:27:30 GMT
server: ECS (ska/F71D)
vary: Accept-Encoding
x-amz-id-2: rIoAb+E62kt3ma2ddKg+qGzJNqs/yyNONvdTENYRjCu4ggdEuylvtutTLep8mIQjG832gFlUbeA=
x-amz-request-id: AFJCXXEDKH2VF5E8
x-cache: HIT
x-cdn: VDMS
content-length: 32728
X-Firefox-Spdy: h2
www.credit-agricole.fr/content/dam/assetsca/npc/logos/logo_ca.png
200 OK 2.0 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/npc/logos/logo_ca.png
IP
ASN #9159 Credit Agricole S.A.
File type PNG image data, 83 x 64, 8-bit/color RGB, non-interlaced\012- data
Hash a5777291aa794d7d07285c839571662a
284f3d6b64462c946a640072bb57e512307bf8ab
1c8399c9f4f09feb8f95fe39465cc7e70597b0097ad92da954db82646ec68dc3
GET /content/dam/assetsca/npc/logos/logo_ca.png HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 13:09:10 GMT
Server: Apache
Expires: Fri, 23 Dec 2022 13:09:10 GMT
Cache-Control: max-age=2592000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:10 GMT
Content-Length: 2037
Content-Type: image/png
Age: 476350
X-Cache: HIT
X-Cache-Hits: 936945
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
200 OK 6.3 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6aad7b35286876f8eaf5bc8ca659e1b5
ea44f6b518e680fb5188f18b8202111aae5034a3
4ecc8a8abebf54ec1c40d1461770ac546fe2397c97f0e696de3879c05d6189fc
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ca-authentification.fr
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 13:59:21 GMT
Server: Apache
Expires: Wed, 28 Dec 2022 13:59:21 GMT
Cache-Control: max-age=2592000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Sat, 29 Oct 2022 13:59:21 GMT
Content-Type: image/svg+xml
vha6-origin: cats-rd17-prd
Age: 41340
X-Cache: HIT
X-Cache-Hits: 22404
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
status.thawte.com/
200 OK 471 B IP
Hash a44742e49e4263957edc568cf7fc8590
6536bd879b4a125b7fc66e6c7251bc0c1ac57d26
306dd63c098c4b5c86e7293ba5c80762b7f7d59142955c31b872a36f03f65a97
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2329
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:21 GMT
Etag: "638414ff-1d7"
Last-Modified: Tue, 29 Nov 2022 00:49:32 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 471
privacy.trustcommander.net/privacy-consent/
200 OK 43 B URL HTTP/1.1 privacy.trustcommander.net/privacy-consent/
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
POST /privacy-consent/ HTTP/1.1
Host: privacy.trustcommander.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 146
Origin: https://www.ca-authentification.fr
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:28:21 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control: private, max-age=486000, pre-check=486000
Pragma: private
Expires: Mon, 27 Feb 2023 01:28:21 GMT
Access-Control-Allow-Origin: https://www.ca-authentification.fr
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Vary: Origin
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c124fa71b940afe9c0623e7499cceb67
fd8bcc8f33b69001651b1147f58aa7a1917a9e93
7528debdb5991c8b6763d96322b9b7e4bfb3d5080ce17c3be32277e7fe0560ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7528DEBDB5991C8B6763D96322B9B7E4BFB3D5080CE17C3BE32277E7FE0560EC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7315
Expires: Tue, 29 Nov 2022 03:30:16 GMT
Date: Tue, 29 Nov 2022 01:28:21 GMT
Connection: keep-alive
status.thawte.com/
200 OK 471 B IP
Hash dceee3dfa6f2f1dca1480977fc3c9193
01f8565c2d78c75102f791173b0b8f92f6e97639
9f2f76a984a50c7f7894849a33e9fab68ad2472146127211f87f9f042e84267b
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3350
Cache-Control: max-age=105359
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:21 GMT
Etag: "63844bae-1d7"
Expires: Wed, 30 Nov 2022 06:44:20 GMT
Last-Modified: Mon, 28 Nov 2022 05:48:30 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
privacy.trustcommander.net/privacy-consent/
200 OK 43 B URL HTTP/1.1 privacy.trustcommander.net/privacy-consent/
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
POST /privacy-consent/ HTTP/1.1
Host: privacy.trustcommander.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 150
Origin: https://www.ca-authentification.fr
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:28:21 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control: private, max-age=486000, pre-check=486000
Pragma: private
Expires: Mon, 27 Feb 2023 01:28:21 GMT
Access-Control-Allow-Origin: https://www.ca-authentification.fr
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Vary: Origin
www.googletagmanager.com/gtag/js?id=AW-103997693
200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-103997693
IP
File type ASCII text, with very long lines (1921)
Hash 123a4536a177e1080a24c17da20d0e36
57e6eb7529269f95bda8211c18a814c3bfbf5e11
b82d54533eec1a9baf1ff13c7ce057cfce7d420ed9ad960b6e3c0f2600f0b09c
GET /gtag/js?id=AW-103997693 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 01:28:21 GMT
expires: Tue, 29 Nov 2022 01:28:21 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53024
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-671807328
200 OK 68 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-671807328
IP
File type ASCII text, with very long lines (4238)
Hash 112e14aa356bd12f621c6d83d7fa4a2a
152734e94f7ada02f553836e946586ca0c53f026
ec42df05fd865c6b9361a75f95f755c838ba37cd8b944025c5b83d4634dca308
GET /gtag/js?id=AW-671807328 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 01:28:21 GMT
expires: Tue, 29 Nov 2022 01:28:21 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68426
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
credit-agricole.tagcommander.com/dc3/?chn=DIRECT_ACCESS&src=&type=C&limit=10&rand=0.09479727922089332
404 Not Found 316 B URL HTTP/1.1 credit-agricole.tagcommander.com/dc3/?chn=DIRECT_ACCESS&src=&type=C&limit=10&rand=0.09479727922089332
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 88d1121f2ce2c8c183cc3c354bfb92b1
f79372dffe16d8a701e43901a6ade733bea11ae8
df79adaaeb053bfadb24f1254a49d368c82aafcf649fd0b785e4abf843dde788
GET /dc3/?chn=DIRECT_ACCESS&src=&type=C&limit=10&rand=0.09479727922089332 HTTP/1.1
Host: credit-agricole.tagcommander.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Tue, 29 Nov 2022 01:28:21 GMT
Content-Type: text/html
Content-Length: 316
Last-Modified: Wed, 18 Jun 2014 15:31:04 GMT
ETag: "280007-2c6-4fc1df2c8a13d"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Server: web
Set-Cookie: FDLBCTLYOXA=s02|Y4VgO|Y4VgO; path=/
Cache-control: private
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ca-authentification.fr/fonts/Gotham-Bold.woff2
200 OK 39 kB URL HTTP/2 www.ca-authentification.fr/fonts/Gotham-Bold.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 39264, version 3.19726\012- data
Hash 003e90cf8cb3f8b4bef30d6764da18ed
512e44f40b54d0e5e081dda9fd5ea8a4429a508c
319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /fonts/Gotham-Bold.woff2 HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.ca-authentification.fr/connexion_files/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:21 GMT
content-type: font/woff2
content-length: 39264
last-modified: Sun, 14 Aug 2022 17:23:34 GMT
etag: "62f92f96-9960"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/tc_812CRNordMidiPyrenees_4.js
200 OK 12 kB URL HTTP/2 www.ca-authentification.fr/connexion_files/tc_812CRNordMidiPyrenees_4.js
IP
File type Unicode text, UTF-8 text, with very long lines (40469), with CRLF, LF line terminators
Hash cb7022bb0508f8901405fb37df10f241
745df9ce4df0c74d3dfdc7c048d2f9ab36b9c239
29ed0f944e0182c70bb6549b3a0722281e6b30f4b1409eb4913d8845a1427f03
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/tc_812CRNordMidiPyrenees_4.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-ce85"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/tc_CampagneNationale_4.js
200 OK 18 kB URL HTTP/2 www.ca-authentification.fr/connexion_files/tc_CampagneNationale_4.js
IP
File type Unicode text, UTF-8 text, with very long lines (42121), with CRLF, LF line terminators
Hash dd00b94b42253324c5322f775184d1ff
d709eaab1930de427ff8df7e1d7639578dfb8f33
fb0da856bb0b4527cbee57e4ca4d154bd9e2097a6e5062cc259fbb787e2186f7
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/tc_CampagneNationale_4.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-fa36"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/fonts/Gotham-Book.woff2
200 OK 42 kB URL HTTP/2 www.ca-authentification.fr/fonts/Gotham-Book.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 41728, version 3.19726\012- data
Hash d838b98f75e3cb9574f9b8b796eb1e8f
fcdf131af872ce9ecda9a437cdf67d23c5940d97
3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /fonts/Gotham-Book.woff2 HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.ca-authentification.fr/connexion_files/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:21 GMT
content-type: font/woff2
content-length: 41728
last-modified: Sun, 14 Aug 2022 17:12:00 GMT
etag: "62f92ce0-a300"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.google.com/maps/api/js?key=AIzaSyB5eOVWe6ujSpfNpuq3lIYNQQEeYsosAC0&libraries=places&callback=NPC.initGoogleMapsCallback&_=1669685300279
200 OK 56 kB URL HTTP/2 maps.google.com/maps/api/js?key=AIzaSyB5eOVWe6ujSpfNpuq3lIYNQQEeYsosAC0&libraries=places&callback=NPC.initGoogleMapsCallback&_=1669685300279
IP
File type ASCII text, with very long lines (2412)
Hash de836cbc054cf84c278c46c3cf394c64
164937f2425567220dd6060ffd0a0e90ea0a7ab1
40bd03bca87e509534c6f2c4e76712a6d4a0755e12fb98056587bf6c8103ea54
GET /maps/api/js?key=AIzaSyB5eOVWe6ujSpfNpuq3lIYNQQEeYsosAC0&libraries=places&callback=NPC.initGoogleMapsCallback&_=1669685300279 HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Tue, 29 Nov 2022 01:28:22 GMT
expires: Tue, 29 Nov 2022 01:58:22 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55560
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=19
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mmtro.com/trojs/6575809-fb136cbaeec53b310cc10e89914a117c/d39099e2-c980-4127-b276-7f3f11dd5a24/d39099e2-c980-4127-b276-7f3f11dd5a24/exec.js
200 OK 144 B URL HTTP/2 mmtro.com/trojs/6575809-fb136cbaeec53b310cc10e89914a117c/d39099e2-c980-4127-b276-7f3f11dd5a24/d39099e2-c980-4127-b276-7f3f11dd5a24/exec.js
IP
File type ASCII text, with no line terminators
Hash e7fe3e96d2e6c828c4e52af5d94b338d
6c9be0d34539084a9677cde7cd15827d142f2787
661e7bd7e2b6ffc300a30ea6720c147cccebb197c4b87714aa88894382c845db
GET /trojs/6575809-fb136cbaeec53b310cc10e89914a117c/d39099e2-c980-4127-b276-7f3f11dd5a24/d39099e2-c980-4127-b276-7f3f11dd5a24/exec.js HTTP/1.1
Host: mmtro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:28:22 GMT
content-type: text/javascript
content-length: 144
x-rid: 638560361b401c060f4b584e
expires: Wed, 23 Feb 2000 00:00:01 GMT
cache-control: no-store, no-cache, private
pragma: no-cache
p3p: policyref="https://mmtro.com/w3c/p3p_mmtro.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
server: fdb141453c85e6bc89a824a70a7bfd71a273b947
X-Firefox-Spdy: h2
mmtro.com/p?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&rtgpg=&rtgstep=&rtgpagename=acces-cr&rtgidcat=particulier&rtgidsubcat=acces-cr&rtgidsubsubcat=&rtgidform=&rtgassurance=&rtgmarket=&rtguniverse=&rtgidcountry=FR&rtglanguage=FR&rtglogged=N&rtgidpart=&rtgclientid=&rtgcode_eds=&rtgcode_marche=&rtgsegment_client=&email=&sha256=&rtgerrortype=&rtgoptin_pub=&rtgoptin_social=&rtgsite=&rtgidproduit=&rtgabanpan=&trossion=1669685301_1800_1__d39099e2-c980-4127-b276-7f3f11dd5a24%3A1669685301_1669685301_1&rtgdefault_score=545&rtgdefault_version=1&u=https%3A%2F%2Fwww.ca-authentification.fr%2Facceder-a-mon-espace.html&v=357b5df68d10e2bc2fb67e29_1.0&rnd=689630024
200 OK 48 B URL HTTP/2 mmtro.com/p?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&rtgpg=&rtgstep=&rtgpagename=acces-cr&rtgidcat=particulier&rtgidsubcat=acces-cr&rtgidsubsubcat=&rtgidform=&rtgassurance=&rtgmarket=&rtguniverse=&rtgidcountry=FR&rtglanguage=FR&rtglogged=N&rtgidpart=&rtgclientid=&rtgcode_eds=&rtgcode_marche=&rtgsegment_client=&email=&sha256=&rtgerrortype=&rtgoptin_pub=&rtgoptin_social=&rtgsite=&rtgidproduit=&rtgabanpan=&trossion=1669685301_1800_1__d39099e2-c980-4127-b276-7f3f11dd5a24%3A1669685301_1669685301_1&rtgdefault_score=545&rtgdefault_version=1&u=https%3A%2F%2Fwww.ca-authentification.fr%2Facceder-a-mon-espace.html&v=357b5df68d10e2bc2fb67e29_1.0&rnd=689630024
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d8b1e5906a77a303b516c9a0f3e4bcaf
174178028c07150b75086abc291a5bb94601a89e
2c366efc13702d5bf379b6d5d072ff66fe1d602a6c3185ddd6d6009390fea0f5
GET /p?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&rtgpg=&rtgstep=&rtgpagename=acces-cr&rtgidcat=particulier&rtgidsubcat=acces-cr&rtgidsubsubcat=&rtgidform=&rtgassurance=&rtgmarket=&rtguniverse=&rtgidcountry=FR&rtglanguage=FR&rtglogged=N&rtgidpart=&rtgclientid=&rtgcode_eds=&rtgcode_marche=&rtgsegment_client=&email=&sha256=&rtgerrortype=&rtgoptin_pub=&rtgoptin_social=&rtgsite=&rtgidproduit=&rtgabanpan=&trossion=1669685301_1800_1__d39099e2-c980-4127-b276-7f3f11dd5a24%3A1669685301_1669685301_1&rtgdefault_score=545&rtgdefault_version=1&u=https%3A%2F%2Fwww.ca-authentification.fr%2Facceder-a-mon-espace.html&v=357b5df68d10e2bc2fb67e29_1.0&rnd=689630024 HTTP/1.1
Host: mmtro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:28:22 GMT
content-type: image/gif
content-length: 48
x-rid: 638560361b3576b144f54bc3
set-cookie: RUID=d39099e2-c980-4127-b276-7f3f11dd5a24; Domain=.mmtro.com; Expires=Fri, 02-Jun-2023 01:28:22 GMT; Path=/; Secure; SameSite=None
expires: Wed, 23 Feb 2000 00:00:01 GMT
cache-control: no-store, no-cache, private
pragma: no-cache
p3p: policyref="https://mmtro.com/w3c/p3p_mmtro.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
server: fdb141453c85e6bc89a824a70a7bfd71a273b947
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ca-authentification.fr
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 29 Nov 2022 01:28:22 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.ca-authentification.fr
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 8396d8b40cc6a185364fab99384ef726
af2e626c2d5eba5da2f4d79125ec4395a246f64d
8da7b95d52d632bccb2a701dc48a4a2c19c240539f451c0bef01c5c27078b85e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96237
Date: Tue, 29 Nov 2022 01:28:22 GMT
Etag: "63842319-1d7"
Expires: Wed, 30 Nov 2022 04:12:19 GMT
Last-Modified: Mon, 28 Nov 2022 02:55:21 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wiM0FLX9QYKp2TqXvulXZ26pooF2GsQmWCDTLGEbpf7wlEQ4KysIEg==
Age: 4619
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9834
Expires: Tue, 29 Nov 2022 04:12:16 GMT
Date: Tue, 29 Nov 2022 01:28:22 GMT
Connection: keep-alive
mmtro.com/cse/amazon?https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3D7ae0d688-799b-4d55-ba84-853198e8457d%26id%3D%7B%7BRUID%7D%7D
302 Found 457 B URL HTTP/2 mmtro.com/cse/amazon?https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3D7ae0d688-799b-4d55-ba84-853198e8457d%26id%3D%7B%7BRUID%7D%7D
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (347)
Hash 67b2d97e8b8cae602c73389feff81b90
5460dae0caa70568b21aecd782c3b962d7adcc61
caa2e070012bd917586e6d0d60d83a018c70af4a04c9898c1697c4232878bd86
GET /cse/amazon?https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3D7ae0d688-799b-4d55-ba84-853198e8457d%26id%3D%7B%7BRUID%7D%7D HTTP/1.1
Host: mmtro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Cookie: RUID=d39099e2-c980-4127-b276-7f3f11dd5a24
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 29 Nov 2022 01:28:22 GMT
content-type: text/html; charset=utf-8
content-length: 457
location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=7ae0d688-799b-4d55-ba84-853198e8457d&id=d39099e2-c980-4127-b276-7f3f11dd5a24
x-rid: 638560367bd85e8913f89687
set-cookie: RUID=d39099e2-c980-4127-b276-7f3f11dd5a24; Domain=.mmtro.com; Expires=Fri, 02-Jun-2023 01:28:22 GMT; Path=/; Secure; SameSite=None
expires: Wed, 23 Feb 2000 00:00:01 GMT
cache-control: no-store, no-cache, private
pragma: no-cache
p3p: policyref="https://mmtro.com/w3c/p3p_mmtro.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
server: fdb141453c85e6bc89a824a70a7bfd71a273b947
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9834
Expires: Tue, 29 Nov 2022 04:12:16 GMT
Date: Tue, 29 Nov 2022 01:28:22 GMT
Connection: keep-alive
mmtro.com/cse/liveramp?https%3A%2F%2Fidsync.rlcdn.com%2F447836.gif%3Fpartner_uid%3D%7B%7BRUID%7D%7D
302 Found 375 B URL HTTP/2 mmtro.com/cse/liveramp?https%3A%2F%2Fidsync.rlcdn.com%2F447836.gif%3Fpartner_uid%3D%7B%7BRUID%7D%7D
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52ec87fc8bc368636bafb7d25cf3a932
ae805ca0b53aa91bd5150c7bd62ebc251145d947
491de66e0f68e352a76a75b0a58767f160e85393e583aca6f992cb890c685b9e
GET /cse/liveramp?https%3A%2F%2Fidsync.rlcdn.com%2F447836.gif%3Fpartner_uid%3D%7B%7BRUID%7D%7D HTTP/1.1
Host: mmtro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Cookie: RUID=d39099e2-c980-4127-b276-7f3f11dd5a24
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 29 Nov 2022 01:28:22 GMT
content-type: text/html; charset=utf-8
content-length: 375
location: https://idsync.rlcdn.com/447836.gif?partner_uid=d39099e2-c980-4127-b276-7f3f11dd5a24
x-rid: 638560364ff7a253d9d6f705
set-cookie: RUID=d39099e2-c980-4127-b276-7f3f11dd5a24; Domain=.mmtro.com; Expires=Fri, 02-Jun-2023 01:28:22 GMT; Path=/; Secure; SameSite=None
expires: Wed, 23 Feb 2000 00:00:01 GMT
cache-control: no-store, no-cache, private
pragma: no-cache
p3p: policyref="https://mmtro.com/w3c/p3p_mmtro.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
server: fdb141453c85e6bc89a824a70a7bfd71a273b947
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9834
Expires: Tue, 29 Nov 2022 04:12:16 GMT
Date: Tue, 29 Nov 2022 01:28:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae2e2986caa15a90b615147f229b51ec
c6dfd277cdbd057472e6df6ad1a200f50684d442
ec3799922c38ee6394601744ff4b2c405ee44c4718a2b90c104134657f8b480b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9015
x-amzn-requestid: 9f657586-a44e-46f0-8c38-f1bf26142486
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVOlEE6ZoAMFUPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852aed-1da2400f4165dd553418f8b9;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:41:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mqdz1NhVCqmSrhYLIF0miDzrBiS82SUU6ZRFzDMllbCwS70hC0rMRQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 13287
etag: "c6dfd277cdbd057472e6df6ad1a200f50684d442"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c808183085a429c53515508678fc7ab2
6567069d9f5199205ba1ca7a937fcb0a52f95d06
c7ca95730cbc97d7c243e05b23520166faefcd2dfe90f36f70fad1f7e4537e4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9162
x-amzn-requestid: f7fb3b99-6f1c-4ab3-9547-a337d54e8c9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVjI8E9poAMFaQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63854bd2-0679b83d1aa3b7c71aa6bf1c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 00:01:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DVS-FTO93p2gjrvMYzKgNjZmrPxmUuiJHWLuZqOMZzJFwEcWJbW35Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 00:36:14 GMT
etag: "6567069d9f5199205ba1ca7a937fcb0a52f95d06"
content-type: image/jpeg
age: 3128
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9834
Expires: Tue, 29 Nov 2022 04:12:16 GMT
Date: Tue, 29 Nov 2022 01:28:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d574c4db20a68295dbd06cb08f5990b
433061bbb226048765a711deca3026ee3e52372f
8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lzXj01ht9kpuwONgKM0xM0QRu8G9M9oX6rwYzv_Q_sI09Y3-RIVF-A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 03:47:05 GMT
age: 78077
etag: "433061bbb226048765a711deca3026ee3e52372f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 04:45:02 GMT
age: 74600
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:38:02 GMT
age: 64220
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cd333c474420e235831d96ed881167e
5008d7344dd85ae61a598c17e7baf427def3e25d
2178a96e120661e43d8e8ed0df1fcf500caf4c58db9e1bedaf0706af0a80b286
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3944
x-amzn-requestid: 8a6732c1-72da-4a73-ba51-8533c6a01a9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNmfFgeIAMFjLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385295c-0c807d93277bfb7f6b13c2ee;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:20 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oW4xFfsPp-Jmf28Uc88iZ2jLgtMRjn2gW0orrJ4K201r6Y6OlHkacQ==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:51 GMT
age: 13291
etag: "5008d7344dd85ae61a598c17e7baf427def3e25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlib-resources/resources/fonts/gotham/Gotham-Medium.woff
404 Not Found 808 B URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlib-resources/resources/fonts/gotham/Gotham-Medium.woff
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/clientlib-resources/resources/fonts/gotham/Gotham-Medium.woff HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.ca-authentification.fr/connexion_files/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
Cookie: TCPID=1221121282011518405910; tCdebugLib=1; tc_last_RegistrationID=; tc_env_tech_iframe=Production; cq-opt-out=1; isSNallowed=false; tc_cj_v2=%5Ecl_%5Dny%5B%5D%5D_mmZZZZZZKPPSPROMJKJOMZZZ%5D; tc_cj_v2_cmp=; tc_cj_v2_med=; __trossion=1669685301_1800_1__d39099e2-c980-4127-b276-7f3f11dd5a24%3A1669685301_1669685301_1_; __troRUID=d39099e2-c980-4127-b276-7f3f11dd5a24
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 29 Nov 2022 01:28:22 GMT
content-type: text/html
content-length: 808
last-modified: Thu, 24 Nov 2022 14:21:01 GMT
etag: "328-5ee381d5b47ee"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff
404 Not Found 808 B URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.ca-authentification.fr/connexion_files/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
Cookie: TCPID=1221121282011518405910; tCdebugLib=1; tc_last_RegistrationID=; tc_env_tech_iframe=Production; cq-opt-out=1; isSNallowed=false; tc_cj_v2=%5Ecl_%5Dny%5B%5D%5D_mmZZZZZZKPPSPROMJKJOMZZZ%5D; tc_cj_v2_cmp=; tc_cj_v2_med=; __trossion=1669685301_1800_1__d39099e2-c980-4127-b276-7f3f11dd5a24%3A1669685301_1669685301_1_; __troRUID=d39099e2-c980-4127-b276-7f3f11dd5a24
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 29 Nov 2022 01:28:22 GMT
content-type: text/html
content-length: 808
last-modified: Thu, 24 Nov 2022 14:21:01 GMT
etag: "328-5ee381d5b47ee"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f4c9cb4b688f1526b04adea55dce9946
4a00dec8e4ff5b78967de66d96b257536a9da613
7d29e2b378ed1fe83ea18efa2223918ecacef3376c61257e2acf5d06ee000b7f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150906
Date: Tue, 29 Nov 2022 01:28:22 GMT
Etag: "6384f1ae-1d7"
Expires: Wed, 30 Nov 2022 19:23:28 GMT
Last-Modified: Mon, 28 Nov 2022 17:36:46 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uyYAOFggYPapt_iQ7uy5vpwtj4STxTFdSfJPGjIO3sqWBiht7XT3uA==
Age: 6402
dpm.zebestof.com/sync?&url=https%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dzebestof%26partner_uid%3D%24%7BZBO_ID%7D
204 No Content 0 B URL HTTP/2 dpm.zebestof.com/sync?&url=https%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dzebestof%26partner_uid%3D%24%7BZBO_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?&url=https%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dzebestof%26partner_uid%3D%24%7BZBO_ID%7D HTTP/1.1
Host: dpm.zebestof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 29 Nov 2022 01:28:22 GMT
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-expose-headers: *
access-control-allow-headers:
access-control-allow-methods: GET
access-control-max-age: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 314 B IP
Hash e2719662331235eab22354739e4dc7f6
0c551405dde991d90c609eac59209b4456ab63b0
6b99c1c9184d1cf2799a5d02ad358e2050788f0f7365e8e9b22ab80208c40410
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5857
Cache-Control: max-age=126959
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:22 GMT
Etag: "63849645-13a"
Expires: Wed, 30 Nov 2022 12:44:21 GMT
Last-Modified: Mon, 28 Nov 2022 11:06:45 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 314
logs1410.xiti.com/hit.xiti?s=598954&idclient=c4a3a41b-b3ea-4476-a25b-bfc04fbf895f&ts=1669685301658&vtag=5.18.0&ptag=js&r=1280x1024x24x24&re=1280x939&hl=1x28x21&lng=en-US&idp=0128212431584&jv=0&p=Acces_CR&s2=1&vrn=1&x4=[Credit_Agricole_Nord_Midi-Pyrenees]&x5=[store_locator_trouver_ma_CR_50]&x8=[prospect]&x9=[0]&x12=[https://www.ca-authentification.fr/acceder-a-mon-espace.html]&x14=[particulier]&stc=%7B%22version_banniere%22%3A%2286%22%2C%22env_entite_ca%22%3A%22NPC%22%2C%22env_id_CR%22%3A%2281200%22%2C%22page_nom%22%3A%22acces-cr%22%2C%22page_arbo_niveau_2%22%3A%22acces-cr%22%2C%22action_realisee%22%3A%22chargement_page%22%7D&ref=
200 OK 35 B URL HTTP/2 logs1410.xiti.com/hit.xiti?s=598954&idclient=c4a3a41b-b3ea-4476-a25b-bfc04fbf895f&ts=1669685301658&vtag=5.18.0&ptag=js&r=1280x1024x24x24&re=1280x939&hl=1x28x21&lng=en-US&idp=0128212431584&jv=0&p=Acces_CR&s2=1&vrn=1&x4=[Credit_Agricole_Nord_Midi-Pyrenees]&x5=[store_locator_trouver_ma_CR_50]&x8=[prospect]&x9=[0]&x12=[https://www.ca-authentification.fr/acceder-a-mon-espace.html]&x14=[particulier]&stc=%7B%22version_banniere%22%3A%2286%22%2C%22env_entite_ca%22%3A%22NPC%22%2C%22env_id_CR%22%3A%2281200%22%2C%22page_nom%22%3A%22acces-cr%22%2C%22page_arbo_niveau_2%22%3A%22acces-cr%22%2C%22action_realisee%22%3A%22chargement_page%22%7D&ref=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /hit.xiti?s=598954&idclient=c4a3a41b-b3ea-4476-a25b-bfc04fbf895f&ts=1669685301658&vtag=5.18.0&ptag=js&r=1280x1024x24x24&re=1280x939&hl=1x28x21&lng=en-US&idp=0128212431584&jv=0&p=Acces_CR&s2=1&vrn=1&x4=[Credit_Agricole_Nord_Midi-Pyrenees]&x5=[store_locator_trouver_ma_CR_50]&x8=[prospect]&x9=[0]&x12=[https://www.ca-authentification.fr/acceder-a-mon-espace.html]&x14=[particulier]&stc=%7B%22version_banniere%22%3A%2286%22%2C%22env_entite_ca%22%3A%22NPC%22%2C%22env_id_CR%22%3A%2281200%22%2C%22page_nom%22%3A%22acces-cr%22%2C%22page_arbo_niveau_2%22%3A%22acces-cr%22%2C%22action_realisee%22%3A%22chargement_page%22%7D&ref= HTTP/1.1
Host: logs1410.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 35
date: Tue, 29 Nov 2022 01:28:22 GMT
cache-control: no-store
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jm137-HC5KDyk1QAVVpXwjlMG-fSdP-A4Zn3ReFCdi8To1xMWp-p4Q==
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlib-resources/resources/fonts/gotham/Gotham-Medium.otf
404 Not Found 405 B URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlib-resources/resources/fonts/gotham/Gotham-Medium.otf
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b11feaa7ad45e0d930f54fbb301b4af5
c16b3a8e93ee0bdb1143fa5e033e9db89bee5baa
cb50b3d538f9b08a78537692c34762be193841bf07e3226ff0a25ab8d9924480
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/clientlib-resources/resources/fonts/gotham/Gotham-Medium.otf HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/connexion_files/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
Cookie: TCPID=1221121282011518405910; tCdebugLib=1; tc_last_RegistrationID=; tc_env_tech_iframe=Production; cq-opt-out=1; isSNallowed=false; tc_cj_v2=%5Ecl_%5Dny%5B%5D%5D_mmZZZZZZKPPSPROMJKJOMZZZ%5D; tc_cj_v2_cmp=; tc_cj_v2_med=; __trossion=1669685301_1800_1__d39099e2-c980-4127-b276-7f3f11dd5a24%3A1669685301_1669685301_1_; __troRUID=d39099e2-c980-4127-b276-7f3f11dd5a24; __troSYNC=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 29 Nov 2022 01:28:22 GMT
content-type: text/html
last-modified: Thu, 24 Nov 2022 14:21:01 GMT
etag: W/"328-5ee381d5b47ee"
content-encoding: br
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=1000mercis_dmp&google_cm&google_sc&tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24
302 Found 444 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=1000mercis_dmp&google_cm&google_sc&tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash af353cd6118c77de2bcae7cac5d6796f
67d4764998a3a56d6a2a5151aa193c316884f2a5
4a7d90f1e1309bfda1c6a109d07250e8a8dd11711aace48bc138260ec2f80f6b
GET /pixel?google_nid=1000mercis_dmp&google_cm&google_sc&tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=1000mercis_dmp&google_cm=&google_sc=&tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&google_tc=
date: Tue, 29 Nov 2022 01:28:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 444
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Nov-2022 01:43:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 068cf228c42ada6827cea97c849760f1
4c551c05fbb786c7c1944e0c101c9324bdbf5457
0cd46be437ecd512a34549ccff57d5d7d6d11c4adaf0fc774487c79d1cb958b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6213
Cache-Control: max-age=141011
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:22 GMT
Etag: "6384cbc4-1d7"
Expires: Wed, 30 Nov 2022 16:38:33 GMT
Last-Modified: Mon, 28 Nov 2022 14:55:00 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.ca-authentification.fr/fonts/npcicons-crunchy.woff2
200 OK 16 kB URL HTTP/2 www.ca-authentification.fr/fonts/npcicons-crunchy.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 16124, version 1.0\012- data
Hash 7eefcde0bd0f11ff896e571772c36544
7e205d90e6f19f35ee0f73f51d67f9377b8a0b64
2b4f1630e7cc5b5f4b6dd7b74888509cf60f756f29f3b4405cd0310c10155361
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /fonts/npcicons-crunchy.woff2 HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.ca-authentification.fr/connexion_files/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
Cookie: TCPID=1221121282011518405910; tCdebugLib=1; tc_last_RegistrationID=; tc_env_tech_iframe=Production; cq-opt-out=1; isSNallowed=false; tc_cj_v2=%5Ecl_%5Dny%5B%5D%5D_mmZZZZZZKPPSPROMJKJOMZZZ%5D; tc_cj_v2_cmp=; tc_cj_v2_med=; __trossion=1669685301_1800_1__d39099e2-c980-4127-b276-7f3f11dd5a24%3A1669685301_1669685301_1_; __troRUID=d39099e2-c980-4127-b276-7f3f11dd5a24; __troSYNC=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:22 GMT
content-type: font/woff2
content-length: 16124
last-modified: Sun, 14 Aug 2022 17:27:09 GMT
etag: "62f9306d-3efc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=195&r=1&a=1&u=https%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dcriteo%26partner_uid%3D%40USERID%40
302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=195&r=1&a=1&u=https%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dcriteo%26partner_uid%3D%40USERID%40
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=195&r=1&a=1&u=https%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 29 Nov 2022 01:28:22 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=criteo&partner_uid=
server-processing-duration-in-ticks: 769785
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=798876&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dappnexus%26partner_uid%3D%24UID
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=798876&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dappnexus%26partner_uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=798876&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dappnexus%26partner_uid%3D%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 29 Nov 2022 01:28:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D798876%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fmmtro.com%252Fs%253Ftagid%253D6575809-fb136cbaeec53b310cc10e89914a117c%2526r1%253Dd39099e2-c980-4127-b276-7f3f11dd5a24%2526vruid%253Dd39099e2-c980-4127-b276-7f3f11dd5a24%2526partner_name%253Dappnexus%2526partner_uid%253D%2524UID
AN-X-Request-Uuid: 72740a95-b4d7-4a56-872d-5d0d02432d13
Set-Cookie: uuid2=6657412326468408910; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 27-Feb-2023 01:28:22 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cm.g.doubleclick.net/pixel?google_nid=1000mercis_dmp&google_cm=&google_sc=&tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&google_tc=
302 Found 373 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=1000mercis_dmp&google_cm=&google_sc=&tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 0e35a8194a363b8298e867c3bd40ed39
5044b677b72a8820e45f7ae26ad5c84435ad47eb
6995a2554fbb5abdb6db4c0f009b4661f03ba9fa6d381a43223d7ffc1f46893d
GET /pixel?google_nid=1000mercis_dmp&google_cm=&google_sc=&tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ca-authentification.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&google_error=3
date: Tue, 29 Nov 2022 01:28:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 373
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 471 B IP
Hash bd80e5b102b993e29ae72b53041bf8f0
370579d966536dce7043773f080ad0303a74e4fa
5a592688002ae9b082a689f3e2a853f1c98b411bc906943b238d024e0f39ff1a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:28:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 07:30:52 GMT
Expires: Mon, 05 Dec 2022 07:30:51 GMT
Etag: "370579d966536dce7043773f080ad0303a74e4fa"
Cache-Control: max-age=539548,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771790f64bc00b69-OSL
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D798876%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fmmtro.com%252Fs%253Ftagid%253D6575809-fb136cbaeec53b310cc10e89914a117c%2526r1%253Dd39099e2-c980-4127-b276-7f3f11dd5a24%2526vruid%253Dd39099e2-c980-4127-b276-7f3f11dd5a24%2526partner_name%253Dappnexus%2526partner_uid%253D%2524UID
302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D798876%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fmmtro.com%252Fs%253Ftagid%253D6575809-fb136cbaeec53b310cc10e89914a117c%2526r1%253Dd39099e2-c980-4127-b276-7f3f11dd5a24%2526vruid%253Dd39099e2-c980-4127-b276-7f3f11dd5a24%2526partner_name%253Dappnexus%2526partner_uid%253D%2524UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D798876%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fmmtro.com%252Fs%253Ftagid%253D6575809-fb136cbaeec53b310cc10e89914a117c%2526r1%253Dd39099e2-c980-4127-b276-7f3f11dd5a24%2526vruid%253Dd39099e2-c980-4127-b276-7f3f11dd5a24%2526partner_name%253Dappnexus%2526partner_uid%253D%2524UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ca-authentification.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Tue, 29 Nov 2022 01:28:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/getuid?https://mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=appnexus&partner_uid=$UID
AN-X-Request-Uuid: 74945572-39c0-4923-ab09-1061b1533596
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2ImMDN*-S!@wnf-Te9(>wL5L!!'F)$aJ(>; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 27-Feb-2023 01:28:22 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
aax-eu.amazon-adsystem.com/s/dcm?pid=7ae0d688-799b-4d55-ba84-853198e8457d&id=d39099e2-c980-4127-b276-7f3f11dd5a24
302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/dcm?pid=7ae0d688-799b-4d55-ba84-853198e8457d&id=d39099e2-c980-4127-b276-7f3f11dd5a24
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/dcm?pid=7ae0d688-799b-4d55-ba84-853198e8457d&id=d39099e2-c980-4127-b276-7f3f11dd5a24 HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ca-authentification.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Tue, 29 Nov 2022 01:28:22 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: PN14KZMTFJGAEYV31ARD
Set-Cookie: ad-id=Ax-qOVHJBk7YgwMDzkSma5o|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jul-2023 01:28:22 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=7ae0d688-799b-4d55-ba84-853198e8457d&id=d39099e2-c980-4127-b276-7f3f11dd5a24&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=criteo&partner_uid=
200 OK 48 B URL HTTP/2 mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=criteo&partner_uid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d8b1e5906a77a303b516c9a0f3e4bcaf
174178028c07150b75086abc291a5bb94601a89e
2c366efc13702d5bf379b6d5d072ff66fe1d602a6c3185ddd6d6009390fea0f5
GET /s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=criteo&partner_uid= HTTP/1.1
Host: mmtro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ca-authentification.fr/
Connection: keep-alive
Cookie: RUID=d39099e2-c980-4127-b276-7f3f11dd5a24
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:28:22 GMT
content-type: image/gif
content-length: 48
x-rid: 63856036d846ac17c7be66cb
set-cookie: RUID=d39099e2-c980-4127-b276-7f3f11dd5a24; Domain=.mmtro.com; Expires=Fri, 02-Jun-2023 01:28:22 GMT; Path=/; Secure; SameSite=None
expires: Wed, 23 Feb 2000 00:00:01 GMT
cache-control: no-store, no-cache, private
pragma: no-cache
p3p: policyref="https://mmtro.com/w3c/p3p_mmtro.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
server: fdb141453c85e6bc89a824a70a7bfd71a273b947
X-Firefox-Spdy: h2
loadm.exelator.com/load/?p=204&g=949&j=0
204 No Content 0 B URL HTTP/2 loadm.exelator.com/load/?p=204&g=949&j=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load/?p=204&g=949&j=0 HTTP/1.1
Host: loadm.exelator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 29 Nov 2022 01:28:22 GMT
cache-control: no-cache
x-powered-by: Undertow/1
access-control-allow-credentials: true
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
X-Firefox-Spdy: h2
mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&google_error=3
200 OK 48 B URL HTTP/2 mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&google_error=3
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d8b1e5906a77a303b516c9a0f3e4bcaf
174178028c07150b75086abc291a5bb94601a89e
2c366efc13702d5bf379b6d5d072ff66fe1d602a6c3185ddd6d6009390fea0f5
GET /s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&google_error=3 HTTP/1.1
Host: mmtro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ca-authentification.fr/
Connection: keep-alive
Cookie: RUID=d39099e2-c980-4127-b276-7f3f11dd5a24
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:28:22 GMT
content-type: image/gif
content-length: 48
x-rid: 638560360fc3a14916bcc33f
set-cookie: RUID=d39099e2-c980-4127-b276-7f3f11dd5a24; Domain=.mmtro.com; Expires=Fri, 02-Jun-2023 01:28:22 GMT; Path=/; Secure; SameSite=None
expires: Wed, 23 Feb 2000 00:00:01 GMT
cache-control: no-store, no-cache, private
pragma: no-cache
p3p: policyref="https://mmtro.com/w3c/p3p_mmtro.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
server: fdb141453c85e6bc89a824a70a7bfd71a273b947
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https://mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=appnexus&partner_uid=$UID
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=appnexus&partner_uid=$UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=appnexus&partner_uid=$UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ca-authentification.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 29 Nov 2022 01:28:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dappnexus%26partner_uid%3D%24UID
AN-X-Request-Uuid: 235b5c66-cfab-4dd9-ab9a-3d2f370619b2
Set-Cookie: uuid2=3121321092910929414; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 27-Feb-2023 01:28:22 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
aimfar.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=1000mercis&d.u=https%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dweborama%26partner_uid%3D%7BWEBO_ID%7D
302 Found 0 B URL HTTP/1.1 aimfar.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=1000mercis&d.u=https%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dweborama%26partner_uid%3D%7BWEBO_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fcgi-bin/dispatch.fcgi?d.A=rd&d.k=1000mercis&d.u=https%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dweborama%26partner_uid%3D%7BWEBO_ID%7D HTTP/1.1
Host: aimfar.solution.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Tue, 29 Nov 2022 01:28:22 GMT
server: Apache
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
last-modified: Tue, 29 Nov 2022 01:28:22 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
set-cookie: AFFICHE_W=jk1aH77YNDWO33; path=/; expires=Wed, 27-Dec-2023 01:28:22 GMT; domain=.weborama.fr; SameSite=None; Secure
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
location: https://aimfar.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=67216&d.A=rd&d.k=1000mercis&d.u=https%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dweborama%26partner_uid%3D%7BWEBO_ID%7D
transfer-encoding: chunked
aax-eu.amazon-adsystem.com/s/dcm?pid=7ae0d688-799b-4d55-ba84-853198e8457d&id=d39099e2-c980-4127-b276-7f3f11dd5a24&dcc=t
200 OK 43 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/dcm?pid=7ae0d688-799b-4d55-ba84-853198e8457d&id=d39099e2-c980-4127-b276-7f3f11dd5a24&dcc=t
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /s/dcm?pid=7ae0d688-799b-4d55-ba84-853198e8457d&id=d39099e2-c980-4127-b276-7f3f11dd5a24&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ca-authentification.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Tue, 29 Nov 2022 01:28:22 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: QNMT1DYZ5SRK6ZW01X90
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dappnexus%26partner_uid%3D%24UID
302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dappnexus%26partner_uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dappnexus%26partner_uid%3D%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ca-authentification.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Tue, 29 Nov 2022 01:28:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=appnexus&partner_uid=0
AN-X-Request-Uuid: 2f970cc5-630d-4ba7-a406-434feaba5e3b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
aimfar.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=67216&d.A=rd&d.k=1000mercis&d.u=https%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dweborama%26partner_uid%3D%7BWEBO_ID%7D
302 Found 0 B URL HTTP/1.1 aimfar.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=67216&d.A=rd&d.k=1000mercis&d.u=https%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dweborama%26partner_uid%3D%7BWEBO_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=67216&d.A=rd&d.k=1000mercis&d.u=https%3A%2F%2Fmmtro.com%2Fs%3Ftagid%3D6575809-fb136cbaeec53b310cc10e89914a117c%26r1%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26vruid%3Dd39099e2-c980-4127-b276-7f3f11dd5a24%26partner_name%3Dweborama%26partner_uid%3D%7BWEBO_ID%7D HTTP/1.1
Host: aimfar.solution.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ca-authentification.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Tue, 29 Nov 2022 01:28:22 GMT
server: Apache
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
last-modified: Tue, 29 Nov 2022 01:28:22 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
location: https://mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=weborama&partner_uid=!Z8Af78zhMz5
transfer-encoding: chunked
mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=appnexus&partner_uid=0
200 OK 48 B URL HTTP/2 mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=appnexus&partner_uid=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d8b1e5906a77a303b516c9a0f3e4bcaf
174178028c07150b75086abc291a5bb94601a89e
2c366efc13702d5bf379b6d5d072ff66fe1d602a6c3185ddd6d6009390fea0f5
GET /s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=appnexus&partner_uid=0 HTTP/1.1
Host: mmtro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ca-authentification.fr/
Connection: keep-alive
Cookie: RUID=d39099e2-c980-4127-b276-7f3f11dd5a24
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:28:22 GMT
content-type: image/gif
content-length: 48
x-rid: 63856036b94f6ba74be19268
set-cookie: RUID=d39099e2-c980-4127-b276-7f3f11dd5a24; Domain=.mmtro.com; Expires=Fri, 02-Jun-2023 01:28:22 GMT; Path=/; Secure; SameSite=None
expires: Wed, 23 Feb 2000 00:00:01 GMT
cache-control: no-store, no-cache, private
pragma: no-cache
p3p: policyref="https://mmtro.com/w3c/p3p_mmtro.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
server: fdb141453c85e6bc89a824a70a7bfd71a273b947
X-Firefox-Spdy: h2
mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=weborama&partner_uid=!Z8Af78zhMz5
200 OK 48 B URL HTTP/2 mmtro.com/s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=weborama&partner_uid=!Z8Af78zhMz5
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d8b1e5906a77a303b516c9a0f3e4bcaf
174178028c07150b75086abc291a5bb94601a89e
2c366efc13702d5bf379b6d5d072ff66fe1d602a6c3185ddd6d6009390fea0f5
GET /s?tagid=6575809-fb136cbaeec53b310cc10e89914a117c&r1=d39099e2-c980-4127-b276-7f3f11dd5a24&vruid=d39099e2-c980-4127-b276-7f3f11dd5a24&partner_name=weborama&partner_uid=!Z8Af78zhMz5 HTTP/1.1
Host: mmtro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ca-authentification.fr/
Connection: keep-alive
Cookie: RUID=d39099e2-c980-4127-b276-7f3f11dd5a24
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:28:22 GMT
content-type: image/gif
content-length: 48
x-rid: 638560360fc3a14916bcc342
set-cookie: RUID=d39099e2-c980-4127-b276-7f3f11dd5a24; Domain=.mmtro.com; Expires=Fri, 02-Jun-2023 01:28:22 GMT; Path=/; Secure; SameSite=None
expires: Wed, 23 Feb 2000 00:00:01 GMT
cache-control: no-store, no-cache, private
pragma: no-cache
p3p: policyref="https://mmtro.com/w3c/p3p_mmtro.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
server: fdb141453c85e6bc89a824a70a7bfd71a273b947
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash ca2206b6f7cbdb64d7f538591385ed32
597c7ea3483bd3a6e65716106fde158e03d55970
43c26ba30720e9537cc189beefe7dc98f9c847fc4007372bbd45a7083127d207
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:28:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 01:42:56 GMT
Expires: Sun, 04 Dec 2022 01:42:55 GMT
Etag: "597c7ea3483bd3a6e65716106fde158e03d55970"
Cache-Control: max-age=432272,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771790f5f901b4f1-OSL
idsync.rlcdn.com/447836.gif?partner_uid=d39099e2-c980-4127-b276-7f3f11dd5a24
200 OK 42 B URL HTTP/2 idsync.rlcdn.com/447836.gif?partner_uid=d39099e2-c980-4127-b276-7f3f11dd5a24
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /447836.gif?partner_uid=d39099e2-c980-4127-b276-7f3f11dd5a24 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ca-authentification.fr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=BhlZZ8towTU+qqmvwIrgqon5fOssnxTqR21X5g+l7Y8=; Path=/; Domain=rlcdn.com; Expires=Wed, 29 Nov 2023 01:28:22 GMT; Secure; SameSite=None
pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Sat, 28 Jan 2023 01:28:22 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Tue, 29 Nov 2022 01:28:22 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ca1f7bf945dd58ac0967698f154aace0
0ccc75d3ffa9faa7fe15e66a795730ca831f9ff1
9b3692d0b27905c247442b915bedfd94f241661665897546dc985d0a6d9748f0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 01:28:23 GMT
Last-Modified: Mon, 28 Nov 2022 23:51:07 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fwrlJ44wqokLzH0gj_UqKP0ORzz1suJl335XyX2YKq9ucN2wH9Gjqw==
Age: 5836
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ca1f7bf945dd58ac0967698f154aace0
0ccc75d3ffa9faa7fe15e66a795730ca831f9ff1
9b3692d0b27905c247442b915bedfd94f241661665897546dc985d0a6d9748f0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164149
Date: Tue, 29 Nov 2022 01:28:23 GMT
Etag: "63853da7-1d7"
Expires: Wed, 30 Nov 2022 23:04:12 GMT
Last-Modified: Mon, 28 Nov 2022 23:00:55 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qMOBdsTqb2JSX4_-ZWv1c77-x2PyZ-WgQpz9pqcOY1VZa62arY-Y6w==
Age: 197
ocsp.sectigo.com/
200 OK 471 B IP
Hash ca2206b6f7cbdb64d7f538591385ed32
597c7ea3483bd3a6e65716106fde158e03d55970
43c26ba30720e9537cc189beefe7dc98f9c847fc4007372bbd45a7083127d207
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:28:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 01:42:56 GMT
Expires: Sun, 04 Dec 2022 01:42:55 GMT
Etag: "597c7ea3483bd3a6e65716106fde158e03d55970"
Cache-Control: max-age=432271,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771790f7cc790b69-OSL
credit-agricole.inbenta.com/jsonp/inbenta-1.0.0.js
200 OK 1.1 kB URL HTTP/2 credit-agricole.inbenta.com/jsonp/inbenta-1.0.0.js
IP
Hash 332377cbb414d28549b72fd4015d72d5
84d855b3377adf70682f57621cc4edd9c91c0211
0038c442a6769f1d2243cbc36112b9b3c85628e5c3d45d3a4421d14214d94328
GET /jsonp/inbenta-1.0.0.js HTTP/1.1
Host: credit-agricole.inbenta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:28:23 GMT
content-type: application/javascript
content-length: 1072
server: Apache
cache-control: max-age=172800
etag: 1e8fd2283c5e10b97694b3349ca296bc
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
credit-agricole-compagnon.inbenta.com/jsonp/inbenta.js
200 OK 504 B URL HTTP/2 credit-agricole-compagnon.inbenta.com/jsonp/inbenta.js
IP
Hash db0a53490b4bed2c069474f6b3e7e60c
2d33f732a9e341533cdde24ec4af3b35cc9cf6fe
83aade01a1089538d7584294ff6221c9549150b08aed6ddb2ae9be8fbfd17942
GET /jsonp/inbenta.js HTTP/1.1
Host: credit-agricole-compagnon.inbenta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:28:23 GMT
content-type: application/javascript
content-length: 504
server: Apache
cache-control: max-age=172800
etag: 4daf5868c340224dbdbe956c4ab44797
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 378e22727c6b87f0da2b3be7edf03c77
4db758fb368cc4647865143cdbc4db3b4c4143ba
fde96828a511a6a91a2b0e62c65228729495527e31f598aafd12e6d1c23f7500
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:28:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 17:55:36 GMT
Expires: Mon, 05 Dec 2022 17:55:35 GMT
Etag: "4db758fb368cc4647865143cdbc4db3b4c4143ba"
Cache-Control: max-age=577031,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771790f829f8b4f1-OSL
credit-agricole.inbenta.com/assets/js/inbenta-1.0.0.js
200 OK 21 kB URL HTTP/2 credit-agricole.inbenta.com/assets/js/inbenta-1.0.0.js
IP
File type Unicode text, UTF-8 text, with very long lines (32046)
Hash 2fb6a313f687dd36f7e4d093976556ef
8f21946216c5787766dafb099b59422a7f3146c6
58a90608d54604fc549e292f92f691e3739d8d00a37f0301e085d1880d4f5e11
GET /assets/js/inbenta-1.0.0.js HTTP/1.1
Host: credit-agricole.inbenta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:28:23 GMT
content-type: application/x-javascript
content-length: 20992
server: Apache
last-modified: Wed, 16 Nov 2022 15:55:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
X-Firefox-Spdy: h2
credit-agricole-compagnon.inbenta.com/assets/js/inbenta.js?20220121
200 OK 11 kB URL HTTP/2 credit-agricole-compagnon.inbenta.com/assets/js/inbenta.js?20220121
IP
File type Unicode text, UTF-8 text, with very long lines (32047)
Hash 62076c5f62fe2229305c6ed413536ac2
6db8bc51bf2c8593a2641eae83c7b20cb97348c6
1dd2a88d3352aea9c7e7662e52dd2e371f09576d65bc658f48f0b48dafd246c7
GET /assets/js/inbenta.js?20220121 HTTP/1.1
Host: credit-agricole-compagnon.inbenta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:28:23 GMT
content-type: application/x-javascript
content-length: 10806
server: Apache
last-modified: Fri, 21 Jan 2022 15:16:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
X-Firefox-Spdy: h2
botcli.credit-agricole.fr/front/npc-mbot-launcher.js
200 OK 63 kB URL HTTP/1.1 botcli.credit-agricole.fr/front/npc-mbot-launcher.js
IP
ASN #9159 Credit Agricole S.A.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 67dae02cecb0398f1a49bf0d7563fe2a
1a4930a81fc1a35595abf8e45b8c6804447c8808
9fc6406ca174e7c29c6134b341bd352423d23ae2eabf8e8bda292cca4234fcb7
GET /front/npc-mbot-launcher.js HTTP/1.1
Host: botcli.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:27:42 GMT
Last-Modified: Thu, 13 Oct 2022 05:30:42 GMT
ETag: "6347a282-25173"
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Expires: Tue, 29 Nov 2022 01:42:42 GMT
Cache-Control: public
Access-Control-Allow-Methods: GET, OPTIONS, FETCH
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 41
Content-Length: 63183
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
credit-agricole-compagnon.inbenta.com/?callback=jQuery22406002387170914691_1669685300280&action=extraInfos&cr=cr812&browser%5Bname%5D=Netscape&browser%5BcodeName%5D=Mozilla&browser%5Bversion%5D=5.0+(X11)&browser%5Bcookies%5D=true&browser%5BuserAgent%5D=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0)+Gecko%2F20100101+Firefox%2F105.0&_=1669685300281
200 OK 236 B URL HTTP/2 credit-agricole-compagnon.inbenta.com/?callback=jQuery22406002387170914691_1669685300280&action=extraInfos&cr=cr812&browser%5Bname%5D=Netscape&browser%5BcodeName%5D=Mozilla&browser%5Bversion%5D=5.0+(X11)&browser%5Bcookies%5D=true&browser%5BuserAgent%5D=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0)+Gecko%2F20100101+Firefox%2F105.0&_=1669685300281
IP
File type ASCII text, with very long lines (304), with no line terminators
Hash bbc032c581726af23cdef67604c43b60
beec95c71c31fd962612357a3b2a9b92fe72b246
e11d3578e12e637bc129207d57c0f47860599219682f60bac72bbaa85d51052f
GET /?callback=jQuery22406002387170914691_1669685300280&action=extraInfos&cr=cr812&browser%5Bname%5D=Netscape&browser%5BcodeName%5D=Mozilla&browser%5Bversion%5D=5.0+(X11)&browser%5Bcookies%5D=true&browser%5BuserAgent%5D=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0)+Gecko%2F20100101+Firefox%2F105.0&_=1669685300281 HTTP/1.1
Host: credit-agricole-compagnon.inbenta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:28:23 GMT
content-type: text/javascript; charset=UTF-8
content-length: 236
server: Apache
set-cookie: PHPSESSID=hdve1o5nb1rkirhdip5embkd70; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/exec.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/exec.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/exec.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"90-5e629bd728580"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/contexthub
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/contexthub
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/contexthub HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: text/plain
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-337a0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/tc_PortailClientCreditAgricole_2.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/tc_PortailClientCreditAgricole_2.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/tc_PortailClientCreditAgricole_2.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-45b7d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/conf/ca/settings/wcm/segments/cr812.seg.branche1.js
404 Not Found 0 B URL HTTP/2 www.ca-authentification.fr/conf/ca/settings/wcm/segments/cr812.seg.branche1.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /conf/ca/settings/wcm/segments/cr812.seg.branche1.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 29 Nov 2022 01:28:21 GMT
content-type: text/html
last-modified: Thu, 24 Nov 2022 14:21:01 GMT
etag: W/"328-5ee381d5b47ee"
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/granite.min.579a107dd681c49bc61dae63734043cb.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/granite.min.579a107dd681c49bc61dae63734043cb.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/granite.min.579a107dd681c49bc61dae63734043cb.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-15dc"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: text/plain
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-1c793"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-13a49"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlib-google-map.min.87a76470d686bc99a65e1f582ee93f13.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlib-google-map.min.87a76470d686bc99a65e1f582ee93f13.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/clientlib-google-map.min.87a76470d686bc99a65e1f582ee93f13.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"139-5e629bd728580"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/6575809.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/6575809.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/6575809.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-119e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/privacy_v2_86.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/privacy_v2_86.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/privacy_v2_86.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-17317"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
mmtro.com/tro.js
200 OK 0 B IP
GET /tro.js HTTP/1.1
Host: mmtro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 01:28:21 GMT
content-type: text/javascript
vary: Accept-Encoding
x-rid: 63856035317ffcf86862c2ef
cache-control: private, max-age=259200
p3p: policyref="https://mmtro.com/w3c/p3p_mmtro.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
server: fdb141453c85e6bc89a824a70a7bfd71a273b947
content-encoding: gzip
X-Firefox-Spdy: h2
www.ca-authentification.fr/favicon.ico
404 Not Found 0 B URL HTTP/2 www.ca-authentification.fr/favicon.ico
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
GET /favicon.ico HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Cookie: TCPID=1221121282011518405910; tCdebugLib=1; tc_last_RegistrationID=; tc_env_tech_iframe=Production; cq-opt-out=1; isSNallowed=false; tc_cj_v2=%5Ecl_%5Dny%5B%5D%5D_mmZZZZZZKPPSPROMJKJOMZZZ%5D; tc_cj_v2_cmp=; tc_cj_v2_med=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 29 Nov 2022 01:28:22 GMT
content-type: text/html
last-modified: Thu, 24 Nov 2022 14:21:01 GMT
etag: W/"328-5ee381d5b47ee"
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
GET /connexion_files/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 17:29:20 GMT
etag: W/"62f930f0-142a42"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css
404 Not Found 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
GET /connexion_files/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: text/html
last-modified: Thu, 24 Nov 2022 14:21:01 GMT
etag: W/"328-5ee381d5b47ee"
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/js_002
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/js_002
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/js_002 HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/octet-stream
content-length: 171692
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: "62f854e6-29eac"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/tc_PortailClientCreditAgricole_1.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/tc_PortailClientCreditAgricole_1.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/tc_PortailClientCreditAgricole_1.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-33493"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.ttf
404 Not Found 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.ttf
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.ttf HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/connexion_files/clientlib-part.min.ea256277357fa8db5612c74f1e54f567.css
Cookie: TCPID=1221121282011518405910; tCdebugLib=1; tc_last_RegistrationID=; tc_env_tech_iframe=Production; cq-opt-out=1; isSNallowed=false; tc_cj_v2=%5Ecl_%5Dny%5B%5D%5D_mmZZZZZZKPPSPROMJKJOMZZZ%5D; tc_cj_v2_cmp=; tc_cj_v2_med=; __trossion=1669685301_1800_1__d39099e2-c980-4127-b276-7f3f11dd5a24%3A1669685301_1669685301_1_; __troRUID=d39099e2-c980-4127-b276-7f3f11dd5a24; __troSYNC=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 29 Nov 2022 01:28:22 GMT
content-type: text/html
last-modified: Thu, 24 Nov 2022 14:21:01 GMT
etag: W/"328-5ee381d5b47ee"
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlibStoreLocatorT34Part.min.f3d31862687057258256810db34.css
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlibStoreLocatorT34Part.min.f3d31862687057258256810db34.css
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
GET /connexion_files/clientlibStoreLocatorT34Part.min.f3d31862687057258256810db34.css HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-4b33"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b.css
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b.css
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
GET /connexion_files/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b.css HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-2fad"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlib-npc-components.min.b6efd65ae8c18d73875a5e228a1dc167.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlib-npc-components.min.b6efd65ae8c18d73875a5e228a1dc167.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/clientlib-npc-components.min.b6efd65ae8c18d73875a5e228a1dc167.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-c23bf"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/acceder-a-mon-espace.html
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/acceder-a-mon-espace.html
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /acceder-a-mon-espace.html HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: text/html
last-modified: Wed, 12 Oct 2022 18:42:51 GMT
etag: W/"63470aab-2ed8e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-74ddd"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea3.css
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea3.css
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
GET /connexion_files/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea3.css HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-31d9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/tro.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/tro.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/tro.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-3e96"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/util.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/util.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/util.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-27221"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/tc_CreditAgricoleCRSitemaitre_6.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/tc_CreditAgricoleCRSitemaitre_6.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/tc_CreditAgricoleCRSitemaitre_6.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-2a2da"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/clientlibBoutonVertGeneralVitrine.min.6d249ff421b187a168e04f6.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/clientlibBoutonVertGeneralVitrine.min.6d249ff421b187a168e04f6.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/clientlibBoutonVertGeneralVitrine.min.6d249ff421b187a168e04f6.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-2f7ff"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-25146"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/utils.min.423ec59365a85ebded314ad7311ef508.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/utils.min.423ec59365a85ebded314ad7311ef508.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/utils.min.423ec59365a85ebded314ad7311ef508.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-2cef"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.ca-authentification.fr/connexion_files/common.js
200 OK 0 B URL HTTP/2 www.ca-authentification.fr/connexion_files/common.js
IP
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /connexion_files/common.js HTTP/1.1
Host: www.ca-authentification.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ca-authentification.fr/acceder-a-mon-espace.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:28:20 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 01:50:30 GMT
etag: W/"62f854e6-3d4b5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
89.23.103.7
23.13.251.114
195.66.82.41
34.120.237.76
93.184.220.29
104.18.32.68
185.89.210.90
52.209.69.255
23.36.77.32