Report - webmailfrancetv.yolasite.com/

Report Overview

Submitted URL
webmailfrancetv.yolasite.com/
IP
104.16.161.215
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-15 19:24:14
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.148.148.62
connect.sitewit.com	58857	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	571 B	829 B	3.234.29.110
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	15 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	504 B	46 kB	142.250.74.163
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	469 B	161 kB	142.250.74.163
analytics.sitewit.com	48641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	22 kB	34.198.38.221
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.76.242
webmailfrancetv.yolasite.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	757 B	104.16.159.215
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
pixel.yola.com	228852	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	892 B	266 B	104.18.126.89
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	477 B	2.4 kB	142.250.74.10
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	104.18.32.68

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-15	medium	webmailfrancetv.yolasite.com/	Generic/Spear Phishing

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	webmailfrancetv.yolasite.com/	321 B	2023-03-07	2024-03-08
Pretty URL webmailfrancetv.yolasite.com/ IP 104.16.159.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:59 Last Seen2024-03-08 04:44:06 Times Seen8 Hash 5191c3800f35395a9c96c1d7a2dbc514 6519fa5bd7153b83712868a0cd095548004f6690 2a8a6aa791ebace87887e4fe9384625dc5a25ebabebb77df9f84501c4762591b Loading...

	ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js	13 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:17 Last Seen2024-04-19 19:08:39 Times Seen22315 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy&co=aHR0cHM6Ly93ZWJtYWlsZnJhbmNldHYueW9sYXNpdGUuY29tOjQ0Mw..&hl=fr&v=zmiYzsHi8INTJBWt2QZC9aM5&size=normal&cb=m4up1huzp0r1	69 B	2023-03-07	2024-04-20
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy&co=aHR0cHM6Ly93ZWJtYWlsZnJhbmNldHYueW9sYXNpdGUuY29tOjQ0Mw..&hl=fr&v=zmiYzsHi8INTJBWt2QZC9aM5&size=normal&cb=m4up1huzp0r1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-20 00:14:28 Times Seen99087 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	analytics.sitewit.com/partner/yola/11ed2865de69f482bd89551e59595564/sw.js	21 kB	2023-03-07	2023-03-07
Pretty URL analytics.sitewit.com/partner/yola/11ed2865de69f482bd89551e59595564/sw.js IP 34.198.38.221 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:07:29 Last Seen2023-03-07 17:07:29 Times Seen1 Hash 91c44c262088f8b875eccfd0d2ac3372 7e339de0224f25479e0c28e37b5a590a651ffffd 840a7fbbb908d2936146c71e868bc137665962ddc3fafe9f6f8d3f0dc04366e1 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy&co=aHR0cHM6Ly93ZWJtYWlsZnJhbmNldHYueW9sYXNpdGUuY29tOjQ0Mw..&hl=fr&v=zmiYzsHi8INTJBWt2QZC9aM5&size=normal&cb=m4up1huzp0r1	36 kB	2023-03-07	2023-03-07
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy&co=aHR0cHM6Ly93ZWJtYWlsZnJhbmNldHYueW9sYXNpdGUuY29tOjQ0Mw..&hl=fr&v=zmiYzsHi8INTJBWt2QZC9aM5&size=normal&cb=m4up1huzp0r1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:07:29 Last Seen2023-03-07 17:07:29 Times Seen1 Hash f0061c3c06affe2d8e0569bf602ce769 d2a5d2175a940fa3f4b9962f174b4356ed2310ef 6ec8dff61ca52c093bab88b37fb4123cf07ce9d7b1deffe4d4b0d9ecbcef8ca4 Loading...

	webmailfrancetv.yolasite.com/ws/bundles/js/1343b43dfda94847ad0d9291a9da4987.js	254 kB	2023-03-07	2023-03-07
Pretty URL webmailfrancetv.yolasite.com/ws/bundles/js/1343b43dfda94847ad0d9291a9da4987.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:07:28 Last Seen2023-03-07 21:23:47 Times Seen1 Hash 059af0210461a61dc9d1d3e257b55da8 befbcf8a14664c1acfb007e308dd3c83111cabe2 79e02cb53323077d42b82ce6b2496ba443f58586d6593c984e2b89258d0f6ccc Loading...

	www.google.com/recaptcha/api.js?render=explicit&hl=fr	852 B	2023-03-07	2023-03-17
Pretty URL www.google.com/recaptcha/api.js?render=explicit&hl=fr IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:07:28 Last Seen2023-03-17 12:38:57 Times Seen1 Hash f0470d3d737352e15cba513b2e8c860f c62fbf5c9bde73c13ff62541f9d52f035864621e ad54356528ac1711cf30c6cb23a7ec9231e4299df2af3619c0d39f788fde9d26 Loading...

	www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__fr.js	401 kB	2023-03-07	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__fr.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:07:28 Last Seen2023-03-17 12:38:57 Times Seen1 Hash 79cd05a7208aeeaccdcf7f39a81705e0 b34a088a7b285ad42fc45f51d6a507c74ceb81b5 f64a93f166d2dec23fce22621a8dbc47b969727635c39f444ebbef23a3430099 Loading...

	webmailfrancetv.yolasite.com/	1.7 kB	2023-03-07	2024-03-17
Pretty URL webmailfrancetv.yolasite.com/ IP 104.16.159.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:46 Last Seen2024-03-17 18:56:53 Times Seen74 Hash 944f095743b80cee6eb30f4a57b999a2 13bb4e957a104f30b12577ab200ce88cee4553d3 61a10eca8b987c476cb755e3ae67c7f4e52c32cc2abcdfec6359adfb2cbed3b4 Loading...

	webmailfrancetv.yolasite.com/	1.4 kB	2023-03-07	2023-03-07
Pretty URL webmailfrancetv.yolasite.com/ IP 104.16.159.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:07:29 Last Seen2023-03-07 17:07:29 Times Seen1 Hash 0cfc8021bb15abcbe62410e3054e1308 25df1110d063acc302623e237a0f11033b2a653d 2b71a26d5aedd1d0bf38b3ed3a2d900af0f4d779025801a8e7c546c02f3ccd36 Loading...

	http:blank	580 B	2023-03-07	2023-03-07
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:07:29 Last Seen2023-03-07 17:07:29 Times Seen1 Hash b4a2b635cfe4269877243844a9f4aee6 b836698c7024447b92a63d9fe02a0836508ae906 5e90022f59ca321610fdd4dcc677ef947f9c68c54d322ba78ae78e33ca434b71 Loading...

	analytics.yolacdn.net/tracking.js	13 kB	2023-03-07	2023-06-26
Pretty URL analytics.yolacdn.net/tracking.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:16 Last Seen2023-06-26 14:53:03 Times Seen380 Hash 9d34069e805baa60c4f854551a031d75 f5f79895c3d58f8b984e83f40e93607504c3a72f 00f0654bb14da45d2f727dcd0112097ee7e31b1f2f4ea77184d86bf0d8e4dae4 Loading...

	pixel.yola.com/LoggingAgent/LoggingAgent?url=//webmailfrancetv.yolasite.com/&pagename=index&siteid=11ed2865de69f482bd89551e59595564&resolution=1280x1024&colorDepth=24&flash=0&java=0&sitereferer=&visitorId=C9FA990D-DFB0-0001-3A47-4250B25B4510&visitId=C9FA990D-DFB0-0001-9244-101012116B40&user_id=3ca6fd518c12472e97f6c9c60f3c7e74&partner_id=YOLA&LoggingAgentReturnType=script	12 B	2023-03-07	2024-04-18
Pretty URL pixel.yola.com/LoggingAgent/LoggingAgent?url=//webmailfrancetv.yolasite.com/&pagename=index&siteid=11ed2865de69f482bd89551e59595564&resolution=1280x1024&colorDepth=24&flash=0&java=0&sitereferer=&visitorId=C9FA990D-DFB0-0001-3A47-4250B25B4510&visitId=C9FA990D-DFB0-0001-9244-101012116B40&user_id=3ca6fd518c12472e97f6c9c60f3c7e74&partner_id=YOLA&LoggingAgentReturnType=script IP 104.18.126.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:16 Last Seen2024-04-18 11:49:11 Times Seen769 Hash 6bbb017084ca9f0ca681dcef4426db24 ad73c0a99c11e7914e23bf96c2948d622680b744 9cca325e1db08583f7d7c9ff4012d2fd9ee24a62ac3a54dccc71673f137a6244 Loading...

	www.google.com/recaptcha/api2/bframe?hl=fr&v=zmiYzsHi8INTJBWt2QZC9aM5&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy	175 B	2023-03-07	2023-03-17
Pretty URL www.google.com/recaptcha/api2/bframe?hl=fr&v=zmiYzsHi8INTJBWt2QZC9aM5&k=6LcEthAUAAAAANLeILVZiZpPDbVwyoQuQ7c3qlsy IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:46 Last Seen2023-03-17 12:51:34 Times Seen1 Hash 39fd7ba685987ca953848ae71621d36c 8c85df62c007a48a1a2cfc69090c649d74fc83ae e0942bf7e25e03bbfb85b7985a6101d9a9f12b068cd52913b5833e62bda101fc Loading...

	connect.sitewit.com/js/11ED2865DE69F482BD89551E59595564/sw_connect.js?ispartner=yola&ns=sw	32 B	2023-03-07	2024-04-18
Pretty URL connect.sitewit.com/js/11ED2865DE69F482BD89551E59595564/sw_connect.js?ispartner=yola&ns=sw IP 3.234.29.110 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:16 Last Seen2024-04-18 11:49:11 Times Seen841 Hash 0280d23b467b91f9ecd3bfc2aaab89e4 502abf953757ecee3d35b22125f9fee528979b1e 7ba60db4e4c1bf698247d9873e3bf61ebe517f299773270d4d40789be29d0d4e Loading...

		Size	First Seen	Last Seen
	#1 Eval - e7a26412dabf5cc6d0fafa0c83222758	22 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 16:52:10 Last Seen2023-03-17 12:38:19 Times Seen1 Hash e7a26412dabf5cc6d0fafa0c83222758 5012e693f44d7d7fb2a60b281b962b55353edc64 0079de8c08c2e6f8fa95d7dcd5129c6c1893ad0c7d4243ff5e86c76962dc65bc Loading...

	#2 Eval - 2bd3ac4da79596167057c1c2921e9ba1	16 kB	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 16:52:10 Last Seen2023-03-17 12:38:19 Times Seen1 Hash 2bd3ac4da79596167057c1c2921e9ba1 c7373434669ba9b14ee7f15066c18ca43870b701 1ab48e1ef261ce98fb9bdb0ada2b59b7de6934d3a3b8f98bbeb3c794ec481d1a Loading...

	#3 Eval - d384d9c47f46c7206794c55e8db169c0	23 kB	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 17:07:29 Last Seen2023-03-07 17:07:29 Times Seen1 Hash d384d9c47f46c7206794c55e8db169c0 8ab5e9a3f1c7ae3c164113c00851a9487a867c96 7adf2c6d7aae67c39e7851b65abc6f444ea30f99e47cb3b2468e3c98a57fa163 Loading...

	#4 Eval - 3f7d2f6a3f54e0b1eea6686a5765d33e	22 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 16:52:10 Last Seen2023-03-17 12:38:19 Times Seen1 Hash 3f7d2f6a3f54e0b1eea6686a5765d33e b9b95d64caa722049adbb20eefe2bc4c99ec8d5d 44bc528d4e9f2adf94f881e61bbf1efeccc41f1205c42aa6ad8bf5d0a27f0f6f Loading...

	#5 Eval - 31753d9609ac73efcb7f434a673f562e	64 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 16:52:10 Last Seen2023-03-17 12:38:19 Times Seen1 Hash 31753d9609ac73efcb7f434a673f562e 18f3ecf5955eaa85ccf2ea4311eff772890c50ad fcc7b67fb6adf834de7be2636820960a9262992ec28780ddd797f42f9a7f0f18 Loading...

HTTP Transactions (34)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 19:10:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: r3p0v9xN7bWG2d6cHSUP5VBBdKn8xCraDODH1h3yW7PCMPjRLn2Pvg==
Age: 812

r3.o.lencr.org/

23.36.76.242

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.242:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9333
Expires: Thu, 15 Sep 2022 21:59:36 GMT
Date: Thu, 15 Sep 2022 19:24:03 GMT
Connection: keep-alive

webmailfrancetv.yolasite.com/

104.16.159.215

301 Moved Permanently

166 B

URL HTTP/1.1
webmailfrancetv.yolasite.com/
IP
104.16.159.215:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

Detections

Analyzer	Verdict	Alert
openphish	Generic/Spear Phishing

HTTP Headers

GET / HTTP/1.1
Host: webmailfrancetv.yolasite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 19:24:03 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://webmailfrancetv.yolasite.com/
X-Hrouter: hrouter4
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=nI09_Mn6GYbn_I_Y0cA9IPo2dSMUJbMttVQoEkwsq1c-1663269843-0-AX/CndDTt9KuDQzvKcQdQ+9gL2jxAxublsplmxvctBHLBKzZu7thoRgl4r/rksu+FSx45buWnscjT2y/GhoOmT1NTHlyEq28mex1vTru+JbQ; path=/; expires=Thu, 15-Sep-22 19:54:03 GMT; domain=.yolasite.com; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 74b3bd88792cb4ff-OSL
alt-svc: h2=":443"; ma=60

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VR3hdRWd6hviO9FrgLzPejbiCKTR9qTCQ5-alZdkIoJIGpNNTqCm_Q==
age: 53328
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 19:24:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 15 Sep 2022 19:03:22 GMT
Expires: Thu, 15 Sep 2022 19:03:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gxIQ7DqSFuSbX-okiTsoE0Ii4oCuk5R9nQNTdStAaRZ25or9qKQi2w==
Age: 1241

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:24:04 GMT
Last-Modified: Thu, 15 Sep 2022 18:28:55 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
01721134027b8087fcaea01ae7470149
e3d82b3dd35d846d3bd662a0f9b7a51cba2ba864
a7aa0a8736af71aee8a545362876a784954dbb37cda1a2c184c7ef99e14f2b56

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.148.148.62

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.148.62:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TGNbiEcs7oyNq9U3H8Gxew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QpKqk5tTM4HV+FdOf6pHWeptm48=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

10 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
10 kB (10204 bytes)
Hash
cd663cfd6dd3efed96fed16db56c9b5e
c9c2f7f51a4c118274e59214fc44b1d9afc8e289
89f9f79ddbf74b09ceb400227aea5c8edd58cea8f354c30b4154fafecdf04059

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPlayfair+Display:400,400i,700,700i,900,900i&display=swap

142.250.74.10

200 OK

1.6 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i%7CPlayfair+Display:400,400i,700,700i,900,900i&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.6 kB (1608 bytes)
Hash
a9ef468a95ff28f40725bacd36315c7e
3f5faea1761c8b75b92962cc156ea8f1ff7fea93
f66e43dd71bfe6885dd358a5c6442ade196a350e4b9757c4e68425801ece18b9

HTTP Headers

GET /css?family=Open+Sans:400,400i,600,600i,700,700i%7CPlayfair+Display:400,400i,700,700i,900,900i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailfrancetv.yolasite.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Sep 2022 19:24:04 GMT
date: Thu, 15 Sep 2022 19:24:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://webmailfrancetv.yolasite.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 211983
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ff1c0d8a380ce4a561609526d995bf5
135ecd7e71ea2823d39f8c1efcb2121618ed8167
f7228281af8d6de222aa47b3a78a627f85315244e65a8956fa2c0c7dff1bb7ad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7e925333ab20cfae90dd1097a4666e91
42a1f0d4c80616f824a9a4e07c66a89d4080fbcb
7967fad26ff44e4fc783a97301fb26804b515476e95b9481a054b04aedf81508

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4976
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 19:24:04 GMT
Last-Modified: Thu, 15 Sep 2022 18:01:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__fr.js

142.250.74.163

200 OK

160 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__fr.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (671)
Size
160 kB (159578 bytes)
Hash
88869fa79963b9ba86b1e233d26a564b
5c4b67fbaf3169b5f5b647ede28d76722d772903
2606aaefbeeb54539387d654347e7a876e67971743beac8e60fc8394fcf13319

HTTP Headers

GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__fr.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://webmailfrancetv.yolasite.com
Connection: keep-alive
Referer: https://webmailfrancetv.yolasite.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 159578
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 09:53:42 GMT
expires: Thu, 14 Sep 2023 09:53:42 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
age: 120622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

analytics.sitewit.com/partner/yola/11ed2865de69f482bd89551e59595564/sw.js

34.198.38.221

200 OK

21 kB

URL HTTP/2
analytics.sitewit.com/partner/yola/11ed2865de69f482bd89551e59595564/sw.js
IP
34.198.38.221:0
ASN
#14618 AMAZON-AES

File type
C source, ASCII text, with very long lines (20619), with no line terminators
Size
21 kB (20619 bytes)
Hash
91c44c262088f8b875eccfd0d2ac3372
7e339de0224f25479e0c28e37b5a590a651ffffd
840a7fbbb908d2936146c71e868bc137665962ddc3fafe9f6f8d3f0dc04366e1

HTTP Headers

GET /partner/yola/11ed2865de69f482bd89551e59595564/sw.js HTTP/1.1
Host: analytics.sitewit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailfrancetv.yolasite.com/
Cookie: AWSALBCORS=uvyqyF5UUI4aoCRHs/mjmhPJ16QAqiD39CvMGEUHf20Lm7LyCT2OvRkx7x2y78hQMj0Z/d3Qr8I8NGx7+UXN8Yy4fFBQEwmCYa8H3ctuHUL3YdYWAHzMimAO40B7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 15 Sep 2022 19:24:04 GMT
content-type: text/javascript; charset=utf-8
content-length: 20619
set-cookie: AWSALB=yRQuF38S1CwJ5R5VMaZfd6rQ7ficotlwZvl8iXzWXoP3yhrW0e1ldByyzNU5Ablin8eaM1gMG/vxPOAZtgmY7sWKAOofNr6OZCZAvA7GXTTdWgsT0tLCWqzDWIBm; Expires=Thu, 22 Sep 2022 19:24:04 GMT; Path=/
AWSALBCORS=yRQuF38S1CwJ5R5VMaZfd6rQ7ficotlwZvl8iXzWXoP3yhrW0e1ldByyzNU5Ablin8eaM1gMG/vxPOAZtgmY7sWKAOofNr6OZCZAvA7GXTTdWgsT0tLCWqzDWIBm; Expires=Thu, 22 Sep 2022 19:24:04 GMT; Path=/; SameSite=None; Secure
ASP.NET_SessionId=3uiykyvo5omljvevyih1i5aj; path=/; HttpOnly; SameSite=Lax
cache-control: private,no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
X-Firefox-Spdy: h2

analytics.sitewit.com/images/cq_blank.gif?_sw_yolaid=11ED2865DE69F482BD89551E59595564&_sw_uid=6c57c0f9-a5c7-4a47-929e-a1606a4cc946&_sw_fp=d81aba38de1026ae6365737c0746690d4a1c0d07&_sw_pl=0&_sw_pc=0&_sw_dat=MXx3ZWJtYWlsZnJhbmNldHYueW9sYXNpdGUuY29tfGh0dHBzOi8vd2VibWFpbGZyYW5jZXR2LnlvbGFzaXRlLmNvbS98ZW4tVVN8MTI4MHwxMDI0fDI0fEZpcmVmb3gvOTYuMHxydjo5Ni4wfDF8MHwxfDB8LXx8LXwtfC18OTEuOTAuNDIuMTU0fDA=&to=713

34.198.38.221

200 OK

35 B

URL HTTP/2
analytics.sitewit.com/images/cq_blank.gif?_sw_yolaid=11ED2865DE69F482BD89551E59595564&_sw_uid=6c57c0f9-a5c7-4a47-929e-a1606a4cc946&_sw_fp=d81aba38de1026ae6365737c0746690d4a1c0d07&_sw_pl=0&_sw_pc=0&_sw_dat=MXx3ZWJtYWlsZnJhbmNldHYueW9sYXNpdGUuY29tfGh0dHBzOi8vd2VibWFpbGZyYW5jZXR2LnlvbGFzaXRlLmNvbS98ZW4tVVN8MTI4MHwxMDI0fDI0fEZpcmVmb3gvOTYuMHxydjo5Ni4wfDF8MHwxfDB8LXx8LXwtfC18OTEuOTAuNDIuMTU0fDA=&to=713
IP
34.198.38.221:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /images/cq_blank.gif?_sw_yolaid=11ED2865DE69F482BD89551E59595564&_sw_uid=6c57c0f9-a5c7-4a47-929e-a1606a4cc946&_sw_fp=d81aba38de1026ae6365737c0746690d4a1c0d07&_sw_pl=0&_sw_pc=0&_sw_dat=MXx3ZWJtYWlsZnJhbmNldHYueW9sYXNpdGUuY29tfGh0dHBzOi8vd2VibWFpbGZyYW5jZXR2LnlvbGFzaXRlLmNvbS98ZW4tVVN8MTI4MHwxMDI0fDI0fEZpcmVmb3gvOTYuMHxydjo5Ni4wfDF8MHwxfDB8LXx8LXwtfC18OTEuOTAuNDIuMTU0fDA=&to=713 HTTP/1.1
Host: analytics.sitewit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailfrancetv.yolasite.com/
Cookie: AWSALBCORS=yRQuF38S1CwJ5R5VMaZfd6rQ7ficotlwZvl8iXzWXoP3yhrW0e1ldByyzNU5Ablin8eaM1gMG/vxPOAZtgmY7sWKAOofNr6OZCZAvA7GXTTdWgsT0tLCWqzDWIBm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 15 Sep 2022 19:24:05 GMT
content-type: image/gif
content-length: 35
set-cookie: AWSALB=vcd32ymHZVzJI5+uug+Fl56eBpnXqTZefUKW78gwWJMa9nfzlXeqORWL/jAniKnjroG6cSALwg5uRAzKy2hIrqBTExz9oCrJJ3xi+ktITR9VmmWChQ2lRqozSZus; Expires=Thu, 22 Sep 2022 19:24:05 GMT; Path=/
AWSALBCORS=vcd32ymHZVzJI5+uug+Fl56eBpnXqTZefUKW78gwWJMa9nfzlXeqORWL/jAniKnjroG6cSALwg5uRAzKy2hIrqBTExz9oCrJJ3xi+ktITR9VmmWChQ2lRqozSZus; Expires=Thu, 22 Sep 2022 19:24:05 GMT; Path=/; SameSite=None; Secure
cache-control: no-cache
last-modified: Thu, 24 Jun 2010 20:21:15 GMT
accept-ranges: bytes
etag: "9f8deacbda13cb1:0"
server: Microsoft-IIS/10.0
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
3d7e92453be0f871efbc0413b0b7da6a
fe2db798fd79cacd766b8906cb6c811be7b9edc3
311911893062eeb6f1027b888d265ab48c726c00350bef6244fc0e7e5d3103d5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 19:24:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 00:22:27 GMT
Expires: Wed, 21 Sep 2022 00:22:26 GMT
Etag: "fe2db798fd79cacd766b8906cb6c811be7b9edc3"
Cache-Control: max-age=449300,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b3bd951982b524-OSL

connect.sitewit.com/js/11ED2865DE69F482BD89551E59595564/sw_connect.js?ispartner=yola&ns=sw

3.234.29.110

200 OK

32 B

URL HTTP/2
connect.sitewit.com/js/11ED2865DE69F482BD89551E59595564/sw_connect.js?ispartner=yola&ns=sw
IP
3.234.29.110:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with no line terminators
Size
32 B (32 bytes)
Hash
0280d23b467b91f9ecd3bfc2aaab89e4
502abf953757ecee3d35b22125f9fee528979b1e
7ba60db4e4c1bf698247d9873e3bf61ebe517f299773270d4d40789be29d0d4e

HTTP Headers

GET /js/11ED2865DE69F482BD89551E59595564/sw_connect.js?ispartner=yola&ns=sw HTTP/1.1
Host: connect.sitewit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailfrancetv.yolasite.com/
Cookie: AWSALBCORS=B/gh6JNAjRHwonY+iYPrYCqr5Tcv2I58WcfqHG7d/q0aKMBoqZzJu58IgWVrlLycpzcSkFppmMDwENVsZsdojKZ/oc6bZO/z5lO7odx9giO3hWxUI/GAquRwPrwp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 15 Sep 2022 19:24:05 GMT
content-type: text/javascript; charset=utf-8
content-length: 32
set-cookie: AWSALB=0DC4f4vEGSJG7PhAhHHTwD+kTNEgE1x9Mq+O6kLgOlq1RjCIWJtEVm3FEcxXr48HPEL6dm4WeOOY3AqI9IEKAyZUK6u1jZMGoAkRoEl3cEYphMb++RFzyWscZBKy; Expires=Thu, 22 Sep 2022 19:24:05 GMT; Path=/
AWSALBCORS=0DC4f4vEGSJG7PhAhHHTwD+kTNEgE1x9Mq+O6kLgOlq1RjCIWJtEVm3FEcxXr48HPEL6dm4WeOOY3AqI9IEKAyZUK6u1jZMGoAkRoEl3cEYphMb++RFzyWscZBKy; Expires=Thu, 22 Sep 2022 19:24:05 GMT; Path=/; SameSite=None; Secure
ASP.NET_SessionId=ucny5qj2m44afg3lvnna5imb; path=/; HttpOnly; SameSite=Lax
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.242

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.242:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5693
Expires: Thu, 15 Sep 2022 20:58:58 GMT
Date: Thu, 15 Sep 2022 19:24:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.242

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.242:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5693
Expires: Thu, 15 Sep 2022 20:58:58 GMT
Date: Thu, 15 Sep 2022 19:24:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.242

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.242:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5693
Expires: Thu, 15 Sep 2022 20:58:58 GMT
Date: Thu, 15 Sep 2022 19:24:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.242

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.242:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5693
Expires: Thu, 15 Sep 2022 20:58:58 GMT
Date: Thu, 15 Sep 2022 19:24:05 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6078 bytes)
Hash
f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Rx8KX_QI5I2x7q0gcvxcJX7QzZUe2KkfqAUVR64lEujF4xDEWWDhZQ==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:13 GMT
age: 82972
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9400 bytes)
Hash
4833535b1650b0ac875704023b650e66
96ab8cd8e14350f730d26731f3445710324e24e2
d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZVnPAYUOBCRUYD3wEx79lIMjBJCKyVB9CmnTqMJIaFPbQGPoHwB73w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:37 GMT
age: 82948
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6770 bytes)
Hash
2e5f57ba37fac4e6047a9a321a8ec084
f6b742549ea35a4b1345cffb937a8bbcceee08ef
f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:45:05 GMT
age: 77940
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9922 bytes)
Hash
3ef9865421a37eae9a4df04083d27485
c7cf1f6a259cece60a34261ec83ee00736e1d72b
723b65ba660f22281f85d6caceea23e9cd932ee9084dc905a08a585746c4c4cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9922
x-amzn-requestid: de1e3e45-74ff-41b2-986f-e78473cb6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVc1SGM7IAMFw0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631edb54-2099524d6f2c338b41eea101;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 07:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MtgQUzYMa3mT0lxPhQ5ZCp9XVVyBH8T0dlx_0wSLMZlaFEiCikTXMw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:25:51 GMT
age: 75494
etag: "c7cf1f6a259cece60a34261ec83ee00736e1d72b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9071 bytes)
Hash
1633672fad0b564108cf81ad711dc881
d37ad0f40bc1f3f0022467dd0af2478980bd858a
cc7176a297f6009f07074fb9af796132b4452833be675bf378cc950fe81a582a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9071
x-amzn-requestid: b450f7cf-6cc7-4d1f-aef3-4496f0971727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIxuEq6oAMF9jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254d7-6912ef8731d81fa43b805e5b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:25:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6LDUuDX1W8-Q88pDJma0xCAd5QuJ0YV-VpJ_8LVyDHX9YN1k0fQZ8Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:36:39 GMT
etag: "d37ad0f40bc1f3f0022467dd0af2478980bd858a"
content-type: image/jpeg
age: 74846
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5078 bytes)
Hash
f50c34bc30a732593e8fe465055a44ff
af100925cba1be716fd2200715d6136bd7f0c5bc
703049736ccc8815945d69634059c4cd39533417e0969107d460c36a6787c761

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5078
x-amzn-requestid: b6177371-a8ba-4541-a48d-21bd806e866e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0erUHT-IAMFWKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ab15-157ed5b700e0aad5481f5c0f;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:04:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MYJf90B8rX8_nPUl4stpbZcQeQDaZ2Hgyu6GmsfdqUh-0Nx5OJJThw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:54 GMT
age: 82931
etag: "af100925cba1be716fd2200715d6136bd7f0c5bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

pixel.yola.com/LoggingAgent/LoggingAgent?url=//webmailfrancetv.yolasite.com/&pagename=index&siteid=11ed2865de69f482bd89551e59595564&resolution=1280x1024&colorDepth=24&flash=0&java=0&sitereferer=&visitorId=C9FA990D-DFB0-0001-3A47-4250B25B4510&visitId=C9FA990D-DFB0-0001-9244-101012116B40&user_id=3ca6fd518c12472e97f6c9c60f3c7e74&partner_id=YOLA&LoggingAgentReturnType=script

104.18.126.89

200 OK

0 B

URL HTTP/2
pixel.yola.com/LoggingAgent/LoggingAgent?url=//webmailfrancetv.yolasite.com/&pagename=index&siteid=11ed2865de69f482bd89551e59595564&resolution=1280x1024&colorDepth=24&flash=0&java=0&sitereferer=&visitorId=C9FA990D-DFB0-0001-3A47-4250B25B4510&visitId=C9FA990D-DFB0-0001-9244-101012116B40&user_id=3ca6fd518c12472e97f6c9c60f3c7e74&partner_id=YOLA&LoggingAgentReturnType=script
IP
104.18.126.89:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /LoggingAgent/LoggingAgent?url=//webmailfrancetv.yolasite.com/&pagename=index&siteid=11ed2865de69f482bd89551e59595564&resolution=1280x1024&colorDepth=24&flash=0&java=0&sitereferer=&visitorId=C9FA990D-DFB0-0001-3A47-4250B25B4510&visitId=C9FA990D-DFB0-0001-9244-101012116B40&user_id=3ca6fd518c12472e97f6c9c60f3c7e74&partner_id=YOLA&LoggingAgentReturnType=script HTTP/1.1
Host: pixel.yola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmailfrancetv.yolasite.com/
Cookie: __cf_bm=DhBdvTM36TEfRa7OBPrwfyVprkHlRSZsEQThK5TBo7E-1663269792-0-AZ1rFLI2/P21KvBbGAKEb/3F6zgbWEb70/RNY0q0JZCQhBYzk38kFvilBo28sTR1VlJdPVEJwjTb4uJVESnuB9TzvN9iThaEAWHyZNmLk/g7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 15 Sep 2022 19:24:05 GMT
content-type: application/x-javascript
cf-ray: 74b3bd90df10b51d-OSL
content-encoding: gzip
expires: -1
cf-cache-status: DYNAMIC
pragma: no-cache
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations