firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 10:04:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FDRuiKkcGz5kMA-EwTNZNGJZq658DeY7mms_GTJhow6EbX1Z9z8fyQ==
Age: 2189
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: T52GUcQn_yJ6W2SRiUYPJe_6CrIXpnp8Terx4kdvtr_EeuJRss_ewQ==
age: 33929
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3986
Expires: Tue, 06 Sep 2022 11:47:12 GMT
Date: Tue, 06 Sep 2022 10:40:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 15bc4af9e6da2180db7a7d3f66fa7734
a85532d6e4d58952b2f3ff104b07895ee5bff88b
2586579648fdfcf9c8f3d81fe181548f748e5280c593af543171c91421597ffc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2586579648FDFCF9C8F3D81FE181548F748E5280C593AF543171C91421597FFC"
Last-Modified: Mon, 05 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11994
Expires: Tue, 06 Sep 2022 14:00:40 GMT
Date: Tue, 06 Sep 2022 10:40:46 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:40:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12
45.131.187.253 200 OK 440 B URL HTTP/2 cartevitale.assumalade.fr/modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type ASCII text, with very long lines (661)
Hash 95ec5b5ce9cd27cbbff5dcffba0933fa
cb8437b504f4f94626bbce6973eab0bc34e1f6a1
7864fbd29749e47da978ce17fdb878790c6f1f03ca5885f8a74e1ad397ea8f3c
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /modules/custom/ameli_menu/js/ameli_menu_update8f77.js?v=9.3.12 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
content-length: 440
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "3f7-5e7b0a48ca1c9-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/logo.svg
45.131.187.253 200 OK 23 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/logo.svg
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (22990), with no line terminators
Hash 309614868fce75b09d16465178bcb950
c206e69f3a7c3353d33dbc2a64ed2340b9648b7b
6fc88d127374d7fafc14c486675681cefacce89b7961fc1558b104368ad32db2
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /themes/custom/ameli/images/logo.svg HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/svg+xml
content-length: 22990
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-59ce"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/modules/custom/ameli_actualite/js/ameli_actualite_update8f77.js?v=9.3.12
45.131.187.253 200 OK 425 B URL HTTP/2 cartevitale.assumalade.fr/modules/custom/ameli_actualite/js/ameli_actualite_update8f77.js?v=9.3.12
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type ASCII text, with very long lines (824)
Hash bf86a3be803e5abd427f81f13ad59ffd
aa5d82402f4cb9e26137ef3976a8dfacc923ac40
08059f351f1370e0af1a2ca813e8fcc375a30d7c362434d165ddaef35df51e0c
Analyzer Verdict Alert quad9 Sinkholed
GET /modules/custom/ameli_actualite/js/ameli_actualite_update8f77.js?v=9.3.12 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
content-length: 425
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "3c1-5e7b0a48c9229-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_1.png
45.131.187.253 200 OK 723 B URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_1.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c3a691059e846736caef3d17a360519
453511e36db678b3a77124af4f697d82987393b1
97409f23aff1c1428275dff14a547f64c18b64ebb3cc3fbe0cf36f3117886d3e
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /themes/custom/ameli/images/telecommande/telecommande_1.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 723
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "2d3-5e7b0a48ea574"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/mon-espace-sante.png
45.131.187.253 200 OK 608 B URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/mon-espace-sante.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 8d39dfb4bdca7b65637fd3c860eda365
8a9f35c911a1d622d4dff40e90de7b7033fcf884
1d3d56b79295a4880f83fd3d2910d45a3b61e8090d1b55a4b8592f5b5531255b
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /themes/custom/ameli/images/telecommande/mon-espace-sante.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 608
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "260-5e7b0a48ea574"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/contact.svg
45.131.187.253 200 OK 12 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/contact.svg
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 85598c2d6e7ae18de80069db917d18a9
58aaf961633d0089cfd6ee5685865d303ae5dfd1
3c9b952c5f3f5fa966d9af774dc504462a198f4b75a4f9168100b08a22f1d8f6
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /themes/custom/ameli/images/telecommande/contact.svg HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/svg+xml
content-length: 12545
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-3101"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_3.png
45.131.187.253 200 OK 448 B URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_3.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash 858fe6e525a47c18c8dfd7f39e2a0ae5
fe34b1daa7f2c554cd3c08769acf674c945fe4d5
f134ef5eac4e75c5b04232a908e5820a7af17ccdf3336c730f3dbe6dc732620e
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /themes/custom/ameli/images/telecommande/telecommande_3.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 448
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "1c0-5e7b0a48ea574"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_5.png
45.131.187.253 200 OK 722 B URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_5.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash 219b6f9332d4271f3baa57f1518b9e88
2e9d66c614b05fe9459c263919ad7dce256eb1c5
08807b6dbb61fc5e066ca4f8e7a88c0932dc34d2cd12b0517c89f9ff33a9aec2
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /themes/custom/ameli/images/telecommande/telecommande_5.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 722
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "2d2-5e7b0a48ea574"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_6.png
45.131.187.253 200 OK 706 B URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/telecommande/telecommande_6.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 60 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash 1802b81060e10dfbf321bf26cc5d0d25
39f7b1ceeffdae901e2cc2d8ca66404306bb30f5
1fa419dac7b93b687d68c8304e846dbed9fe6bd91f25597a117fbab2d30e0cdb
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /themes/custom/ameli/images/telecommande/telecommande_6.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 706
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "2c2-5e7b0a48ea574"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-sante-recosante.png
45.131.187.253 200 OK 11 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-sante-recosante.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 439 x 322, 8-bit/color RGBA, non-interlaced\012- data
Hash bcb257b6a124eb053c1cb1546b019cb5
26797075a23d425da3bc2a4a87c627c69ee910e6
020689c940f494cf0d063de0a04404b4b44d8d49194b650e93894679448748f4
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /themes/custom/ameli/images/outils-sante/outils-sante-recosante.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 11203
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-2bc3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/franceRecosante.png
45.131.187.253 200 OK 33 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/franceRecosante.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 242 x 208, 8-bit/color RGBA, non-interlaced\012- data
Hash 63baa27fac9bd0ab121f4cc106f31747
b52907607a917838a85f49a44cbd94c1af70187d
d7bccd64dd7979627192319d9d2cfa7db03066ee99fb8752d0c2a7d0239fb096
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /themes/custom/ameli/images/outils-sante/franceRecosante.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 32985
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-80d9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-annuaire.png
45.131.187.253 200 OK 2.8 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-annuaire.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 41 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 303904aaf853a1aea4f1c257a83b2b5f
f5d05f8e5fa1c9a775b204d4c9dfc0e8e7d89457
33df36ed55cbd63831d64a18083dd1297a821cba56c7d8b8aa22d064f47e34c7
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /themes/custom/ameli/images/outils-sante/outils-annuaire.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 2761
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-ac9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-sophia.png
45.131.187.253 200 OK 3.0 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-sophia.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 60 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 34c813ea8f458b7c4c3ef50529594c5c
16e28bb48015d359c506da759a06f344d968b293
4a8b8fdcde9cf27edd4f70795a3b1c3ced8e56950c24b74b84a416df693c8a1d
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /themes/custom/ameli/images/outils-sante/outils-sophia.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 3023
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-bcf"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-annuaire-image.png
45.131.187.253 200 OK 3.5 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/outils-sante/outils-annuaire-image.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 58 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 175282c10a79d665d68a5c3d09d99ed2
6f216cf0c8aac7c38a759b79dd248763432a6ad8
b9d5de52ff68278b6f0a13eb99bfdd4af84c9e2995ddb2a8504a1a4daba659bb
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /themes/custom/ameli/images/outils-sante/outils-annuaire-image.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 3499
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-dab"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/footer/logo-assurance-maladie-footer.svg
45.131.187.253 200 OK 26 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/footer/logo-assurance-maladie-footer.svg
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (26035)
Hash 381e33091e0774d59064b3b0cfd446a3
db6869462f5c72f11cfd427d01d72f11916e3478
97ae2ef28651fc17a197830e8bc6918bc9add749b2000d30ef4b5ebb21760d63
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /themes/custom/ameli/images/footer/logo-assurance-maladie-footer.svg HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/svg+xml
content-length: 26246
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-6686"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/footer/footer_lien_forum.png
45.131.187.253 200 OK 1.1 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/footer/footer_lien_forum.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 55 x 55, 8-bit gray+alpha, non-interlaced\012- data
Hash 9a524b412d0f399fa5575377765244a4
9973d9120adda8bfd264651914392a2270dec7ac
b70014ea02c995d069754f1263f2e362d8dc77788692090ded32afabdfe2fb9c
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /themes/custom/ameli/images/footer/footer_lien_forum.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 1131
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-46b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/footer/footer_logo_ss.svg
45.131.187.253 200 OK 402 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/footer/footer_logo_ss.svg
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8572)
Size 402 kB (402368 bytes)
Hash f259af7e9e79d8aa7a8d8d188e1fd21f
c46455fbaee37802c25f5ccb0a205ce173cb8f8d
d1ead117c96b507d90c32b2f7b83a88ae9140d65be6cf0d5be14715dcb30447a
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /themes/custom/ameli/images/footer/footer_logo_ss.svg HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/svg+xml
content-length: 402368
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-623c0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/sites/default/files/css/css_xmutLRkzUUx9Wpn-a6sViHjq2-_vLauUEtJ8IxcqHzw.css
45.131.187.253 200 OK 298 B URL HTTP/2 cartevitale.assumalade.fr/sites/default/files/css/css_xmutLRkzUUx9Wpn-a6sViHjq2-_vLauUEtJ8IxcqHzw.css
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type ASCII text, with very long lines (547), with no line terminators
Hash 841c80d9487a9ad068d33f29cd5519ca
17610d8b311556378a31d6b636672c86b3388cde
8d6e329ee15f2c2943e3f6959b18843a06adabdc5084e7a4b26663042b294e49
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /sites/default/files/css/css_xmutLRkzUUx9Wpn-a6sViHjq2-_vLauUEtJ8IxcqHzw.css HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: text/css
content-length: 298
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "223-5e7b0a48d8c2e-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 06 Sep 2022 10:38:18 GMT
Expires: Tue, 06 Sep 2022 11:34:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: o-qBv1C0d3EpnUxbS3-0KliTqrS0DIzNjOc1tCXos2tD_seGkqmqUA==
Age: 149
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4258
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 10:40:47 GMT
Last-Modified: Tue, 06 Sep 2022 09:29:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
cartevitale.assumalade.fr/themes/custom/ameli/images/uk.png
45.131.187.253 200 OK 275 B URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/uk.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 32 x 16, 8-bit colormap, non-interlaced\012- data
Hash 84b72a42524b5670390adf73aaa074f5
c04077b4389a764b467860134d2e99410d0052d6
218f95b4c48d6cad016a6bf8e94101bab9651670f623997b0ee1bfdacec4d44b
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /themes/custom/ameli/images/uk.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 275
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "113-5e7b0a48ea574"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/roboto/roboto-Medium-webfont.woff
45.131.187.253 200 OK 70 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/fonts/roboto/roboto-Medium-webfont.woff
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type Web Open Font Format, TrueType, length 69880, version 1.0\012- data
Hash 023db09b1888a089c4729f183feb6e72
bc7017dfe5f08ae0a3456cdf5a17f0807263543a
6353b6bc05de7c03bbc2fd25408a160053748a5ad079ab2eae0239eb4ff9c97f
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /themes/custom/ameli/fonts/roboto/roboto-Medium-webfont.woff HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/woff
content-length: 69880
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-110f8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/ameli-icons/ameli-iconsfc59.ttf?kea0nr=
45.131.187.253 200 OK 9.2 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/fonts/ameli-icons/ameli-iconsfc59.ttf?kea0nr=
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, ameli-icons\012- data
Hash 37f90c0863044fb103eb8950fb6a3b5e
442f72e0dcb0dbe91341458a84c4e3ca0a1ce459
fbd106268bd42f8ca5168e74367312baa18f4a3a38176d3c75e13fe20d9513b8
Analyzer Verdict Alert quad9 Sinkholed
GET /themes/custom/ameli/fonts/ameli-icons/ameli-iconsfc59.ttf?kea0nr= HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/ttf
content-length: 9208
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-23f8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-bold-webfont.woff
45.131.187.253 200 OK 31 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-bold-webfont.woff
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type Web Open Font Format, TrueType, length 30716, version 1.0\012- data
Hash 7c8f834f4e70cb19b33082147bbf5088
3634a4709a8fe3968c972c879b0ad514218ae572
6c9c446322395751b8962ba1c108c2d828893c614dc99a9da85c264816ca188a
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /themes/custom/ameli/fonts/raleway/raleway-bold-webfont.woff HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/woff
content-length: 30716
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-77fc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-medium-webfont.woff
45.131.187.253 200 OK 31 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-medium-webfont.woff
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type Web Open Font Format, TrueType, length 31396, version 1.0\012- data
Hash 912a578723e2b64ab98fba9662707550
dca6ae60c99a61a96f69a6fe170b6dc9f92690af
20449902bed689ac02f6efc038b1862c05ecc260843e89551c5389bd1af24081
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /themes/custom/ameli/fonts/raleway/raleway-medium-webfont.woff HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/woff
content-length: 31396
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-7aa4"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/roboto/Roboto-Regular-webfont.woff
45.131.187.253 200 OK 25 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/fonts/roboto/Roboto-Regular-webfont.woff
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type Web Open Font Format, TrueType, length 25072, version 1.0\012- data
Hash 25fb08ceaba4191aed4e2555219c4810
e74dd870dc4262c1980bfd57a84935069d08f15f
d84d71e171c2c269ad160798c6301daf2009bf17783d700490973f85854f9b55
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /themes/custom/ameli/fonts/roboto/Roboto-Regular-webfont.woff HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/woff
content-length: 25072
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-61f0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-regular-webfont.woff
45.131.187.253 200 OK 32 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-regular-webfont.woff
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type Web Open Font Format, TrueType, length 31660, version 1.0\012- data
Hash 222fff8003f2f7599d3bb745469b06a3
1b0c8c388774dc427c9add86aa9e14ff87bdb7b4
03882a72d20985f3f8e84918f1a2b594e528e380903f952a2c06487f569d26ff
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /themes/custom/ameli/fonts/raleway/raleway-regular-webfont.woff HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/woff
content-length: 31660
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-7bac"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/images/icone-alert-white.png
45.131.187.253 200 OK 25 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/images/icone-alert-white.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type Web Open Font Format, TrueType, length 24808, version 1.0\012- data
Hash 8b18d65d6824460ad37616723e493bcd
da4032f9e0a9753489a58f81bf02930ed6952e04
c94ac252c2a3319406032032154badff85d43db816667ea65f7c97d951a33cb7
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /themes/custom/ameli/images/icone-alert-white.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: image/png
content-length: 712
x-accel-version: 0.01
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "2c8-5e7b0a48ee3f6"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/opensans/opensans-semibold-webfont.woff2
45.131.187.253 200 OK 10 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/fonts/opensans/opensans-semibold-webfont.woff2
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type Web Open Font Format (Version 2), TrueType, length 10328, version 1.6554\012- data
Hash d8411d8bb1d6060de4fee4f3a20973cc
bda09aa58d916d532c9981c6e1c32215ab027742
417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /themes/custom/ameli/fonts/opensans/opensans-semibold-webfont.woff2 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/woff2
content-length: 10328
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-2858"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/opensans/opensans-regular-webfont.woff2
45.131.187.253 200 OK 10 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/fonts/opensans/opensans-regular-webfont.woff2
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type Web Open Font Format (Version 2), TrueType, length 10352, version 1.6554\012- data
Hash 4124088fdd8c315a6d096b65b6cbf428
0477e48f455cbfe729f90389d3fd8aaca6cc483b
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /themes/custom/ameli/fonts/opensans/opensans-regular-webfont.woff2 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: font/woff2
content-length: 10352
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-2870"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/sites/default/files/js/js_Dyurn0ZL9fXM3LrHm1C3gxFZ1UMAiZ45i2tJf-SxksM.js
45.131.187.253 200 OK 40 kB URL HTTP/2 cartevitale.assumalade.fr/sites/default/files/js/js_Dyurn0ZL9fXM3LrHm1C3gxFZ1UMAiZ45i2tJf-SxksM.js
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type Unicode text, UTF-8 text, with very long lines (13594)
Hash 041082910aaa3e147d0ba36efda6de0d
fd21d1e9acaa8b1d268469f5cb6740155d1073c7
5a122a70b5db00d393ee47d5c5a4106710c1a325f27241e2760d7f2d14123483
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /sites/default/files/js/js_Dyurn0ZL9fXM3LrHm1C3gxFZ1UMAiZ45i2tJf-SxksM.js HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-1ce6c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/sites/default/files/thumbnails/image/twitter_logo_white.png
45.131.187.253 200 OK 5.3 kB URL HTTP/2 cartevitale.assumalade.fr/sites/default/files/thumbnails/image/twitter_logo_white.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash cedcf74f0fea3299f59bb3c11ee5f303
1626dca6211236041dec59796f05042167c44f55
058a2aaae51543f61ebaa8bb12b0172982ec7b17217f58394588ac105e4083f5
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /sites/default/files/thumbnails/image/twitter_logo_white.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: image/png
content-length: 5326
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-14ce"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/sites/default/files/thumbnails/image/linkedin-f-logo_white_50.png
45.131.187.253 200 OK 2.3 kB URL HTTP/2 cartevitale.assumalade.fr/sites/default/files/thumbnails/image/linkedin-f-logo_white_50.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash b8b6d31c81619407a95fd7b2c045b0a0
d2ab18854e0fa55fc30800af0bea5cae42255336
ab2d2a264e10dadd27653a6f41c87759af2c9064c110b467693f55e655f90e42
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /sites/default/files/thumbnails/image/linkedin-f-logo_white_50.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: image/png
content-length: 2322
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-912"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/sites/default/files/thumbnails/image/fb-f-logo_white_50.png
45.131.187.253 200 OK 1.3 kB URL HTTP/2 cartevitale.assumalade.fr/sites/default/files/thumbnails/image/fb-f-logo_white_50.png
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash ea167e1b8f3edba0206fe07e5a0e89a3
13d7c4dbc043f22fc7a178dae111192a59c3ff7e
504b4de8f04d4c0c0c52a1fa8f1a745cf955fc4eda7fbf3cf28750675845ede6
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /sites/default/files/thumbnails/image/fb-f-logo_white_50.png HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: image/png
content-length: 1317
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-525"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-lightitalic-webfont.woff2
45.131.187.253 200 OK 28 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/fonts/raleway/raleway-lightitalic-webfont.woff2
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type Web Open Font Format (Version 2), TrueType, length 28188, version 3.0\012- data
Hash f5dd1b6aee7e582132f0707d6a392697
92ca02ed47b0e9296b0b36094926ac6d2ef8761f
35fa96ecaf1dec9b60fa590e153e173f3cc060e04c7108612f54ac46251cb935
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /themes/custom/ameli/fonts/raleway/raleway-lightitalic-webfont.woff2 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: font/woff2
content-length: 28188
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-6e1c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/favicon.ico
45.131.187.253 200 OK 4.3 kB URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/favicon.ico
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 64939ecaeec8810b850c53dfcc7a121c
197f072d1459ee0f93604536ed61afaf22a758bc
9eb7011b23171aec853d7ea040a50c61cde14fff5763b899ba937fea956626ff
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /themes/custom/ameli/favicon.ico HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: image/vnd.microsoft.icon
content-length: 4286
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: "6311f328-10be"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.208.34.131 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.34.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NxwkdmeDQRYDwHiP9Ah8Ng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9AO2LoDQX0mCpT0RXr8BDdkP1fU=
cartevitale.assumalade.fr/ameli-menu/menu/rubrique_assure/3?rbd837
45.131.187.253 404 Not Found 15 kB URL HTTP/2 cartevitale.assumalade.fr/ameli-menu/menu/rubrique_assure/3?rbd837
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8809101f01bee40718295a6c8c7dc393
448ffa3057e5388eb6df438ce45c5a3d90c23f73
d15a65d6622ae3059cc2da477b718229b59880c153b02012de8136e851d7c83e
Analyzer Verdict Alert quad9 Sinkholed
GET /ameli-menu/menu/rubrique_assure/3?rbd837 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgAGVVZUDBADVFhUBgICUVE=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2
bam.eu01.nr-data.net/1/NRJS-edf8db728d00528ee3f?a=309613575&v=1216.487a282&to=MhBSZQoZWkdXBhFRCwtacVIMEVtaGRUEXwE6FlFSEB0%3D&rst=1343&ck=0&ref=https://cartevitale.assumalade.fr/&ap=27&be=559&fe=1201&dc=1053&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662460841120,%22n%22:0,%22f%22:-5,%22dn%22:47,%22dne%22:67,%22c%22:68,%22s%22:113,%22ce%22:432,%22rq%22:433,%22rp%22:515,%22rpe%22:521,%22dl%22:541,%22di%22:1029,%22ds%22:1052,%22de%22:1128,%22dc%22:1200,%22l%22:1200,%22le%22:1204%7D,%22navigation%22:%7B%7D%7D&fcp=1126&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken
185.221.85.4 200 OK 72 B URL HTTP/1.1 bam.eu01.nr-data.net/1/NRJS-edf8db728d00528ee3f?a=309613575&v=1216.487a282&to=MhBSZQoZWkdXBhFRCwtacVIMEVtaGRUEXwE6FlFSEB0%3D&rst=1343&ck=0&ref=https://cartevitale.assumalade.fr/&ap=27&be=559&fe=1201&dc=1053&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662460841120,%22n%22:0,%22f%22:-5,%22dn%22:47,%22dne%22:67,%22c%22:68,%22s%22:113,%22ce%22:432,%22rq%22:433,%22rp%22:515,%22rpe%22:521,%22dl%22:541,%22di%22:1029,%22ds%22:1052,%22de%22:1128,%22dc%22:1200,%22l%22:1200,%22le%22:1204%7D,%22navigation%22:%7B%7D%7D&fcp=1126&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken
IP 185.221.85.4:0
ASN #206998 New Relic International Limited
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-edf8db728d00528ee3f?a=309613575&v=1216.487a282&to=MhBSZQoZWkdXBhFRCwtacVIMEVtaGRUEXwE6FlFSEB0%3D&rst=1343&ck=0&ref=https://cartevitale.assumalade.fr/&ap=27&be=559&fe=1201&dc=1053&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662460841120,%22n%22:0,%22f%22:-5,%22dn%22:47,%22dne%22:67,%22c%22:68,%22s%22:113,%22ce%22:432,%22rq%22:433,%22rp%22:515,%22rpe%22:521,%22dl%22:541,%22di%22:1029,%22ds%22:1052,%22de%22:1128,%22dc%22:1200,%22l%22:1200,%22le%22:1204%7D,%22navigation%22:%7B%7D%7D&fcp=1126&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.eu01.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 10:40:49 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 746696b24864993c-ARN
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
cross-origin-resource-policy: cross-origin
x-envoy-upstream-service-time: 4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BL6uJ0xNgQPopInCPvh58yhckh4s45YuDJ0cpQuZsCNWYcckQoRp5%2FAk1G9r0nO86qT4G3skCbUAbeV01Yo6%2B1pIvheMGiyIzDpF%2BTfZyMIr6D3uppGiRuDMAwS%2BGiEKwuX%2Bory"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4983
Expires: Tue, 06 Sep 2022 12:03:52 GMT
Date: Tue, 06 Sep 2022 10:40:49 GMT
Connection: keep-alive
cartevitale.assumalade.fr/libraries/tarteaucitron/lang/tarteaucitron.en.js?v=20210509
45.131.187.253 404 Not Found 693 B URL HTTP/2 cartevitale.assumalade.fr/libraries/tarteaucitron/lang/tarteaucitron.en.js?v=20210509
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dcc22dc18ca83867b83f11bb65dcc770
6300d3d83570c7956d9efb93e27696852be3f87f
6563d23f439dc157c997139334ee023214dbcd857ba7e17a35c6c27ff490bf5a
Analyzer Verdict Alert quad9 Sinkholed
GET /libraries/tarteaucitron/lang/tarteaucitron.en.js?v=20210509 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F404ac7e7-f8ba-4b04-b736-5cab0995739f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F404ac7e7-f8ba-4b04-b736-5cab0995739f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a5ed2a9c430f2f02da773c400d096e0
618252c5082ccfeeb8bc92aecba4485c48ac4206
948158a29f15f5f5ab45f541b665269d43bfc1e3b444ee4ecb9ba715d5b616d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F404ac7e7-f8ba-4b04-b736-5cab0995739f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11003
x-amzn-requestid: 29b9c3bc-4b10-44ed-9bc0-111a672c1d25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqpJpGjxoAMFzSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630dbbd7-1547b64d2fc3052e510f6218;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 07:27:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EXc9RRYhl4EmZGyr2V-YVVoNRU4VC-K1lQcsEzY_PdnYl8qNg3vEAw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 09:36:47 GMT
age: 3842
etag: "618252c5082ccfeeb8bc92aecba4485c48ac4206"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:36:52 GMT
age: 21837
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5540d72831e7e7b9fc287f92c48d9f5e
ec19429fa76d9ad47a0578734b011b530b79ebbf
bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8134
x-amzn-requestid: 5f6027e8-842f-476a-85e5-cc8b848e4567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEoVIAMFuiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7095c29a04d2f5310b1b84c4;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Gf6IGDeM-y_nDO1C3m9xeyAJdkYRe2CN87Pi986A7B1qsjq5p9VkQw==
via: 1.1 d7782b26e589b8e1397d352f4daf0d58.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 07:41:25 GMT
age: 10764
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c23179b2131543088771e3fa84ff231
ae50ae4aecd962b698c19f2863857b51cea7fcec
660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8OlwFzmUfQEPeP7pT-g5wRMq0I1jllBnRU0Nxk4kNkcVD_evLZYc7g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:17:51 GMT
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
content-type: image/jpeg
age: 44578
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 19b452d6541a6028e7d3f90529477077
1c16eb50bc2490b4ebff6775ef611fdcb282f9f9
f4763a0f464067991c2c484c384df4fe791d7df6e3d6ad15650a954db537249f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10694
x-amzn-requestid: c3d2f71c-927d-41f6-93ab-bf041374a9f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsgHQOIAMFvSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-5d2efd595cdf300972f4fb79;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eikhT8BkN5e163S6QriQybdyPNTKDTf3BCsHifNwfBJfrWv7LqgL8Q==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:02:23 GMT
etag: "1c16eb50bc2490b4ebff6775ef611fdcb282f9f9"
content-type: image/jpeg
age: 45506
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc784000-5c7c-4aa9-8318-e4d0319d1a09.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc784000-5c7c-4aa9-8318-e4d0319d1a09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d404793e430ea237e75be9cb1e2bce4
059b34d1809abedd223f7beec75e7831673878be
f180b1cdeb9a794ba3211348673783508d021aeaed419d782374be1a92a4c8dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc784000-5c7c-4aa9-8318-e4d0319d1a09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9300
x-amzn-requestid: dc833608-6b16-4baa-af21-d3885043556c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWshHVxIAMFlGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-1710086818614ab247bcaf58;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sPkksSz3FIV3WcWpoY8E8UYKmUTE8LJ2lr5WO2JVNCGIuAvpPwYMYg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:01:20 GMT
age: 45569
etag: "059b34d1809abedd223f7beec75e7831673878be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
45.131.187.253 200 OK 0 B URL HTTP/2 cartevitale.assumalade.fr/sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
Analyzer Verdict Alert openphish French Health Insurance
quad9 Sinkholed
GET /sites/default/files/css/css_BUorv_JgaLLZ7H66Lg2Q9qkSmF-N60qmyitgZjsGMnk.css HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: text/css
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-78a33"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/sites/default/files/js/js_4xNZJpfp2oDly0xk8Q_5DcDqWDiuvYr6_EokoeMIl_8.js
45.131.187.253 200 OK 0 B URL HTTP/2 cartevitale.assumalade.fr/sites/default/files/js/js_4xNZJpfp2oDly0xk8Q_5DcDqWDiuvYr6_EokoeMIl_8.js
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /sites/default/files/js/js_4xNZJpfp2oDly0xk8Q_5DcDqWDiuvYr6_EokoeMIl_8.js HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-2f53f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/
45.131.187.253 200 OK 0 B URL HTTP/2 cartevitale.assumalade.fr/
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: text/html
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-2d68f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js
45.131.187.253 200 OK 0 B URL HTTP/2 cartevitale.assumalade.fr/sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /sites/default/files/js/js_7un_sMNN5SHDSJ_QntvlE5gTK3fBCkorWiBPuRoAJc0.js HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-2f50f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/themes/custom/ameli/js/menuce6f.js?rbd837
45.131.187.253 200 OK 0 B URL HTTP/2 cartevitale.assumalade.fr/themes/custom/ameli/js/menuce6f.js?rbd837
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /themes/custom/ameli/js/menuce6f.js?rbd837 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-ba5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js
45.131.187.253 200 OK 0 B URL HTTP/2 cartevitale.assumalade.fr/sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /sites/default/files/js/js_Jb8mdtEcLljPOjgccSLgZFP3pLoMKZH5lHNBAEzAze8.js HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-f8b1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/libraries/tarteaucitron/tarteaucitrona4f0.js
45.131.187.253 200 OK 0 B URL HTTP/2 cartevitale.assumalade.fr/libraries/tarteaucitron/tarteaucitrona4f0.js
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /libraries/tarteaucitron/tarteaucitrona4f0.js HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 10:41:33 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 12:12:24 GMT
etag: W/"6311f328-1a586"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/ameli-menu/footer/rubrique_assure/2?rbd837
45.131.187.253 404 Not Found 0 B URL HTTP/2 cartevitale.assumalade.fr/ameli-menu/footer/rubrique_assure/2?rbd837
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /ameli-menu/footer/rubrique_assure/2?rbd837 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgAGVVZUDBADVFhUBgICUVE=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/ameli-menu/menu_mobile/rubrique_assure/3?rbd837
45.131.187.253 404 Not Found 0 B URL HTTP/2 cartevitale.assumalade.fr/ameli-menu/menu_mobile/rubrique_assure/3?rbd837
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /ameli-menu/menu_mobile/rubrique_assure/3?rbd837 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgAGVVZUDBADVFhUBgICUVE=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2
cartevitale.assumalade.fr/ameli-actualite/rubrique_assure/0/block_en_bref?1651679786
45.131.187.253 404 Not Found 0 B URL HTTP/2 cartevitale.assumalade.fr/ameli-actualite/rubrique_assure/0/block_en_bref?1651679786
IP 45.131.187.253:0
ASN #137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
Analyzer Verdict Alert openphish French Health Insurance
fortinet Phishing
quad9 Sinkholed
GET /ameli-actualite/rubrique_assure/0/block_en_bref?1651679786 HTTP/1.1
Host: cartevitale.assumalade.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgAGVVZUDBADVFhUBgICUVE=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://cartevitale.assumalade.fr/
Cookie: ameli_espace=rubrique_assure; ameli_localisation_counter=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Sep 2022 10:41:34 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: br
X-Firefox-Spdy: h2