dev-bpbusines.pantheonsite.io/wp/38615
23.185.0.3301 Moved Permanently 162 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615
IP 23.185.0.3:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
openphish La Banque postale
fortinet Phishing
GET /wp/38615 HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html
location: https://dev-bpbusines.pantheonsite.io/wp/38615/
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: 23af65d6-721c-11ed-a182-b27c140de4ff
cache-control: public, max-age=86400
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12747-AMS, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1669998767.701973,VS0,VE1
vary: Cookie, Cookie
x-robots-tag: noindex
age: 28696
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 162
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9839
Expires: Fri, 02 Dec 2022 19:16:45 GMT
Date: Fri, 02 Dec 2022 16:32:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5448
Cache-Control: max-age=156557
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:32:46 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 12:02:03 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
dev-bpbusines.pantheonsite.io/wp/38615/
23.185.0.3200 OK 28 kB URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/
IP 23.185.0.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1449)
Hash cd10c03cfc3663c97c9683dbc0ef2a13
a5e48d1259b9b7a9d861c14340e43c532e32714b
600b1d4f6759581f2dad777e2cc0f1883aef8307a23d90977d881b82b87b34ca
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/ HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: caf9ea3a-725e-11ed-b44e-4a12cea051da
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12779-AMS, cache-bma1678-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1669998767.735119,VS0,VE23
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 27587
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7770
Expires: Fri, 02 Dec 2022 18:42:16 GMT
Date: Fri, 02 Dec 2022 16:32:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 16:19:57 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 769
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xvWrHl1pQqu6uzzxsIegjfsyXz5yBzUWTfdxGK3C72E3iR1AXfe0se8zmRqPjRb0I+lmQXzMPJo=
x-amz-request-id: NJWB34HVMFXSC1F8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 15:46:45 GMT
age: 2761
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 16:32:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/assets/css/spinner.css
23.185.0.3200 OK 380 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/assets/css/spinner.css
IP 23.185.0.3:0
File type ASCII text, with CRLF line terminators
Hash 00ca23199a1a85f3c2cf38dabfeef853
f7da43579189b67a2e02e26b47da70d38562078e
af6ea681e0934131dc76799700e56c6416398f7ca618b6e66039276248286d30
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
GET /wp/38615/assets/css/spinner.css HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css
etag: W/"6389b895-317"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:29 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: f4466535-725e-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams21053-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.894916,VS0,VE29
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 380
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/saved_resource(1)
23.185.0.3200 OK 59 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/saved_resource(1)
IP 23.185.0.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 84455fcbb9d61b5b76c43701007a7240
a39c2c1d2f997ea63adb3ac27e436a7e2374fe70
13c7df46eca6672ea379cb53820afa12862aed2f6e349f5fcaefd1f4d884bbc9
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/saved_resource(1) HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/plain
etag: W/"6389b896-2b"
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 6bab935d-721e-11ed-a40c-2234dac4ee8d
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams21065-AMS, cache-bma1678-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1669998767.897838,VS0,VE28
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 59
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/bsd
23.185.0.3200 OK 37 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/bsd
IP 23.185.0.3:0
File type ASCII text, with no line terminators
Hash 0c0982212f5443915a3b3afa003dab34
368c52b8f5718a0471bc5cbf6934d19d2884f9ce
76b2e00f0ce7e3a16b06bc1afa8697b53c18c1cf62e74755ae8b19eed401369f
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/bsd HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
etag: "6389b896-11"
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: 6babd876-721e-11ed-b44e-4a12cea051da
content-encoding: gzip
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12739-AMS, cache-bma1678-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1669998767.901458,VS0,VE32
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 37
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/saved_resource
23.185.0.3200 OK 59 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/saved_resource
IP 23.185.0.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 84455fcbb9d61b5b76c43701007a7240
a39c2c1d2f997ea63adb3ac27e436a7e2374fe70
13c7df46eca6672ea379cb53820afa12862aed2f6e349f5fcaefd1f4d884bbc9
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/saved_resource HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/plain
etag: W/"6389b896-2b"
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 6babe0a7-721e-11ed-a40c-2234dac4ee8d
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12782-AMS, cache-bma1678-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1669998767.897100,VS0,VE41
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 59
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.js
104.17.24.14200 OK 69 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.js
IP 104.17.24.14:0
Hash 7c286e6d8efea0a5a4001f1d303b084d
7af68edb8af057d92a5267c635285b81e2d75ba3
9f0e70f01fea22da5fcb038a5a0df0807fcb33cf30de95af1d7c5ce4d84105ae
GET /ajax/libs/jquery/3.4.1/jquery.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dev-bpbusines.pantheonsite.io
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 16:32:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 69049
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-4472c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8635931
expires: Wed, 22 Nov 2023 16:32:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJh92TSJa4AeN%2Bt%2BarOcmAz3LuZ4OmkUfBHJwWIct%2F43KYdro%2FBxrB7WtANjudSCX%2BFqy0Vgfgb%2Fq%2FJcgC0qIVNhtsNCWsRVWqRbY%2BGrJb6ee6D8LiI0xSBFaz4LrCwCCMRqKOiZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 773575e57b39b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/js
23.185.0.3200 OK 49 kB URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/js
IP 23.185.0.3:0
File type ASCII text, with very long lines (1596)
Hash 62d31eb88dba4caaf44df4fe1077e09b
a51994ef0a180ddf1d4eb0c0e7a052a05916fcb2
0b927f74d6b20771facd456fb2cf1f8aea7e95aead8fb57187cb26862f44b78d
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/js HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/plain
etag: W/"6389b896-1b8e7"
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 6ba10814-721e-11ed-a40c-2234dac4ee8d
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams21071-AMS, cache-bma1678-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1669998767.911263,VS0,VE29
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 48720
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/px
23.185.0.3200 OK 0 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/px
IP 23.185.0.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/px HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
etag: "6389b896-0"
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: 6babfe52-721e-11ed-b44e-4a12cea051da
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12730-AMS, cache-bma1678-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1669998767.912305,VS0,VE31
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
23.185.0.3200 OK 599 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
IP 23.185.0.3:0
File type ASCII text, with very long lines (477)
Hash cac57a3c4bf741d845e6f013a4ed6f7a
fb84e768c3c246ee3c3e0d43cc116d1376f00449
e0d97d039af1dba42f2cb50e5a844b38617b18752c48ca95a5ee6186e40b72e5
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
GET /wp/38615/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css
etag: W/"6389b896-b0f"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: f446ccb8-725e-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12755-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.895538,VS0,VE49
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 599
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/seg
23.185.0.3200 OK 0 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/seg
IP 23.185.0.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/seg HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
etag: "6389b896-0"
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 6ba38663-721e-11ed-a40c-2234dac4ee8d
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams21069-AMS, cache-bma1678-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1669998767.913647,VS0,VE31
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/4050178.js
23.185.0.3200 OK 0 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/4050178.js
IP 23.185.0.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/4050178.js HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
etag: "6389b896-0"
expires: Fri, 02 Dec 2022 08:50:48 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 6babf45b-721e-11ed-a40c-2234dac4ee8d
cache-control: public, max-age=120
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12751-AMS, cache-bma1678-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1669998767.915779,VS0,VE29
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/px(1)
23.185.0.3200 OK 0 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/px(1)
IP 23.185.0.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/px(1) HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
etag: "6389b896-0"
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: 6babccfe-721e-11ed-b44e-4a12cea051da
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams21043-AMS, cache-bma1678-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1669998767.921020,VS0,VE33
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/seg(1)
23.185.0.3200 OK 0 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/seg(1)
IP 23.185.0.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/seg(1) HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
etag: "6389b896-0"
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: 6bab7662-721e-11ed-95ce-ceec288c9991
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams21025-AMS, cache-bma1678-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1669998767.922800,VS0,VE33
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/LOGO-LBP-digital-fd-clair-RVB.svg
23.185.0.3200 OK 1.8 kB URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/LOGO-LBP-digital-fd-clair-RVB.svg
IP 23.185.0.3:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 465fcc6d1d6409eaf92e55dc2ec54b9c
f66b37435dce27bfb96f67e6a26a1c970a020b07
d52e0a622c8803029104fd93862c189827263036e4be5d9e8960a916d808a30d
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/LOGO-LBP-digital-fd-clair-RVB.svg HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: W/"6389b896-dd1"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: f44adf1e-725e-11ed-a40c-2234dac4ee8d
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12770-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.924473,VS0,VE32
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 1769
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/assets/js/main.js
23.185.0.3200 OK 560 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/assets/js/main.js
IP 23.185.0.3:0
File type Algol 68 source text\012- Pascal source, ASCII text, with CRLF line terminators
Hash f253ff3968dd80cefec84b09c5437a0f
0392cd7e1d577b7079bd0590673409711b4b3f77
1bfc467e8165b7296c7d9b8953c1069981e2bd9401ea63ed2d18b285c2ae59a2
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/assets/js/main.js HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"6389b895-71f"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:29 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: f44b7da1-725e-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams21081-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.928660,VS0,VE29
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 560
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/common/log.js
23.185.0.3200 OK 419 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/common/log.js
IP 23.185.0.3:0
File type ASCII text, with CRLF line terminators
Hash 45bdf328a2b2a3b7e6ed74f266e18808
9630fa83905b07b5a1433e7560596afff1d5f0d6
0a32f4d23aba5363b8d708fb8cd149ac87ed29958a28c0aafd887558d0f5c4ea
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/common/log.js HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"6389b896-329"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: f44c2b2c-725e-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12775-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.931447,VS0,VE37
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 419
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/px(2)
23.185.0.3200 OK 0 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/px(2)
IP 23.185.0.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/px(2) HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
etag: "6389b896-0"
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: 6baca78e-721e-11ed-b44e-4a12cea051da
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams21067-AMS, cache-bma1678-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1669998767.922805,VS0,VE45
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ac6f5d9181533a92282a9ee38ad617a
54d9736264b7ef62db329b572904509f8499e737
957d7546e094b32fd4f025675ac7a9243b5975dbcdba132ff8f7610a256862b8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "957D7546E094B32FD4F025675AC7A9243B5975DBCDBA132FF8F7610A256862B8"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13999
Expires: Fri, 02 Dec 2022 20:26:06 GMT
Date: Fri, 02 Dec 2022 16:32:47 GMT
Connection: keep-alive
dev-bpbusines.pantheonsite.io/wp/38615/asset/il_transverse_warning.svg
23.185.0.3200 OK 574 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/il_transverse_warning.svg
IP 23.185.0.3:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1080), with no line terminators
Hash 9d55298064d0b1f7253fbd98dc91225a
3dbc3e08fb91dd45d34af878c4dc31a1b51045e3
8bc2bdf82cd3be7623805b8abb5c118a2c092f220490447cd06da9dea418c278
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/il_transverse_warning.svg HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: W/"6389b896-438"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: f44b83cf-725e-11ed-95ce-ceec288c9991
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12723-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.925328,VS0,VE44
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 574
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/f(1).txt
23.185.0.3200 OK 1.1 kB URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/f(1).txt
IP 23.185.0.3:0
File type ASCII text, with very long lines (2528), with no line terminators
Hash f7bf09284ae316d5c3e93a382e4a5f5f
f4c578ae0bf340d5ab34d5c73894db6a1b466dd6
7a851e7bae4d74f50e2741d60c35ab6e8a8c1080c8ffedf2f84458217d239434
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/f(1).txt HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/plain
etag: W/"6389b896-9e0"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: f44c36fb-725e-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12757-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.917944,VS0,VE53
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 1119
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/seg(2)
23.185.0.3200 OK 0 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/seg(2)
IP 23.185.0.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/seg(2) HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
etag: "6389b896-0"
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: 6bab87d8-721e-11ed-a40c-2234dac4ee8d
date: Fri, 02 Dec 2022 16:32:47 GMT
x-served-by: cache-ams21069-AMS, cache-bma1678-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1669998767.923581,VS0,VE101
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/base.min.js
23.185.0.3200 OK 197 kB URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/base.min.js
IP 23.185.0.3:0
File type ASCII text, with very long lines (671)
Size 197 kB (197334 bytes)
Hash 417ae13577f958c3caa25d474fac7f92
09b6d9e59e76b3c46ba73a7976442a678eb55fe4
097d9e0837273357d4ccba6e564633e647b5458ae15a96e4a2258039c37248d2
Analyzer Verdict Alert fortinet Phishing
GET /wp/38615/asset/base.min.js HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"6389b896-8aad4"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: f44b73ca-725e-11ed-95ce-ceec288c9991
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams21065-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.926628,VS0,VE33
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/css/bootstrap.min.css
23.185.0.3200 OK 41 kB URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/css/bootstrap.min.css
IP 23.185.0.3:0
File type ASCII text, with very long lines (65324)
Hash 4d6767dca12794863ace7efb512ae88e
61e04a5b69119eb9d444f25a7c874f704e1d2f73
0d0c86445a4cf3cbb69980581b070bc52c409a54a8b6f9e0f9c0c23577d17870
GET /wp/38615/asset/css/bootstrap.min.css HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css
etag: W/"6389b896-2606e"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: f445f78b-725e-11ed-a40c-2234dac4ee8d
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams21039-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.891970,VS0,VE32
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=&src=wamf.laposte.js&ref=dev-bpbusines.pantheonsite.io&d.r=1669998765296
93.184.221.133200 OK 207 B URL HTTP/2 cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=&src=wamf.laposte.js&ref=dev-bpbusines.pantheonsite.io&d.r=1669998765296
IP 93.184.221.133:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c8e79d25335a183c69da908cc58e2217
0ac1a86b2acd61b55c7513180df1b19bf29b2c7b
28555281af575492973ce1af5d5c2c315f4f99fe0c9ca372918ffd44f1938c56
GET /iframe/sync.html?key=ids_sync&wamid=&src=wamf.laposte.js&ref=dev-bpbusines.pantheonsite.io&d.r=1669998765296 HTTP/1.1
Host: cstatic.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 58095
cache-control: max-age=604800
content-type: text/html
date: Fri, 02 Dec 2022 16:32:47 GMT
etag: "282943589+gzip"
expires: Fri, 09 Dec 2022 16:32:47 GMT
last-modified: Mon, 20 Sep 2021 08:52:49 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server: ECAcc (ska/F75C)
vary: Accept-Encoding
x-cache: HIT
content-length: 207
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/base-fonts/resources/fonts/lato/Lato-Bold.ttf
23.185.0.3404 Not Found 9.7 kB URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/base-fonts/resources/fonts/lato/Lato-Bold.ttf
IP 23.185.0.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16233)
Hash fa3978a8cbd72747241a7d4eb0daffe9
e0fa350cc5bd2db799a954a2590be3e3e85413cf
2bdb3eb70febd629c691302f23ba927bbc34478528737bada83e41dc95347fc1
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/base-fonts/resources/fonts/lato/Lato-Bold.ttf HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: public, max-age=600
content-encoding: gzip
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://dev-bpbusines.pantheonsite.io/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: f4733b9a-725e-11ed-b44e-4a12cea051da
date: Fri, 02 Dec 2022 16:32:47 GMT
x-served-by: cache-ams21077-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.189718,VS0,VE123
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 9660
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/ill_citoyenne.svg
23.185.0.3200 OK 1.5 kB URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/ill_citoyenne.svg
IP 23.185.0.3:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 826e7a4a4676eb3cb3823a4f9e8f9deb
17aa9f72f0aea7f3abae9e340ec27d08a1d3b859
97607fb052141b0869f310cb458748723725e92e690f689d7791b6051f1f8f2c
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/ill_citoyenne.svg HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: W/"6389b896-f3f"
expires: Fri, 02 Dec 2022 16:32:46 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: f481e788-725e-11ed-95ce-ceec288c9991
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:47 GMT
x-served-by: cache-ams12732-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.283036,VS0,VE33
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 1475
X-Firefox-Spdy: h2
cstatic.weborama.fr/iframe/external_libs.v2.js
93.184.221.133200 OK 3.1 kB URL HTTP/2 cstatic.weborama.fr/iframe/external_libs.v2.js
IP 93.184.221.133:0
File type ASCII text, with very long lines (8579), with no line terminators
Hash 7671f8fcc99aee9ca8ab26ca1e2fde9e
a4fe9860d1c1fe5f65f8de511754dc3570a90592
f05e772820ca83b004d5d5e21fda87b97cd68c847c62868fc9cf882203ee2d63
GET /iframe/external_libs.v2.js HTTP/1.1
Host: cstatic.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=&src=wamf.laposte.js&ref=dev-bpbusines.pantheonsite.io&d.r=1669998765296
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 58073
cache-control: max-age=604800
content-type: text/javascript
date: Fri, 02 Dec 2022 16:32:47 GMT
etag: "3142978827+gzip"
expires: Fri, 09 Dec 2022 16:32:47 GMT
last-modified: Mon, 20 Sep 2021 08:52:49 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server: ECAcc (ska/F68B)
vary: Accept-Encoding
x-cache: HIT
content-length: 3062
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/base.min.99f35a940b6f6915d544e01fa9d9b267.css
23.185.0.3200 OK 62 kB URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/base.min.99f35a940b6f6915d544e01fa9d9b267.css
IP 23.185.0.3:0
File type Unicode text, UTF-8 text, with very long lines (6430)
Hash 8d01a14de7c5d4e89c908cee88abc617
1a808c19c8a68fa835aa62a13b745d24e7923a3b
400ec3cdd38bf372ea768bf522fb7e37c1d766e75ab42dac1731384986d20d37
GET /wp/38615/asset/base.min.99f35a940b6f6915d544e01fa9d9b267.css HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css
etag: W/"6389b896-3cf1d"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: f446f140-725e-11ed-95ce-ceec288c9991
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams21045-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.896379,VS0,VE33
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/libs/granite/csrf/token.json
23.185.0.3404 Not Found 9.7 kB URL HTTP/2 dev-bpbusines.pantheonsite.io/libs/granite/csrf/token.json
IP 23.185.0.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16233)
Hash fa3978a8cbd72747241a7d4eb0daffe9
e0fa350cc5bd2db799a954a2590be3e3e85413cf
2bdb3eb70febd629c691302f23ba927bbc34478528737bada83e41dc95347fc1
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /libs/granite/csrf/token.json HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: public, max-age=600
content-encoding: gzip
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://dev-bpbusines.pantheonsite.io/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: f47b8f11-725e-11ed-a40c-2234dac4ee8d
date: Fri, 02 Dec 2022 16:32:47 GMT
x-served-by: cache-ams21083-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.241427,VS0,VE117
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 9660
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/base-fonts/resources/fonts/lato/Lato-Regular.woff
23.185.0.3404 Not Found 42 kB URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/base-fonts/resources/fonts/lato/Lato-Regular.woff
IP 23.185.0.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16233)
Hash 7975d206adcd1ec8077c8323717cff89
c684dfde0fcb3c3c1197cee7445db35b3c3a83e2
14b6473393d28cb2238953df048b0154c641d3f7c2eae26224b958ca26ae997a
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/base-fonts/resources/fonts/lato/Lato-Regular.woff HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: public, max-age=600
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://dev-bpbusines.pantheonsite.io/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: f4873435-725e-11ed-a40c-2234dac4ee8d
date: Fri, 02 Dec 2022 16:32:47 GMT
x-served-by: cache-ams21037-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.319765,VS0,VE115
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 41705
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/base-fonts/resources/fonts/lato/Lato-Bold.woff
23.185.0.3404 Not Found 42 kB URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/base-fonts/resources/fonts/lato/Lato-Bold.woff
IP 23.185.0.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16233)
Hash 7975d206adcd1ec8077c8323717cff89
c684dfde0fcb3c3c1197cee7445db35b3c3a83e2
14b6473393d28cb2238953df048b0154c641d3f7c2eae26224b958ca26ae997a
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/base-fonts/resources/fonts/lato/Lato-Bold.woff HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: public, max-age=600
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://dev-bpbusines.pantheonsite.io/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: f48b8a40-725e-11ed-b44e-4a12cea051da
date: Fri, 02 Dec 2022 16:32:47 GMT
x-served-by: cache-ams12752-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.349034,VS0,VE121
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 41705
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/base-fonts/resources/fonts/lato/Lato-Light.woff
23.185.0.3404 Not Found 42 kB URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/base-fonts/resources/fonts/lato/Lato-Light.woff
IP 23.185.0.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16233)
Hash 7975d206adcd1ec8077c8323717cff89
c684dfde0fcb3c3c1197cee7445db35b3c3a83e2
14b6473393d28cb2238953df048b0154c641d3f7c2eae26224b958ca26ae997a
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
fortinet Phishing
GET /wp/38615/asset/base-fonts/resources/fonts/lato/Lato-Light.woff HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: public, max-age=600
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://dev-bpbusines.pantheonsite.io/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: f4911392-725e-11ed-b44e-4a12cea051da
date: Fri, 02 Dec 2022 16:32:47 GMT
x-served-by: cache-ams12747-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.384825,VS0,VE116
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 41705
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 16:08:57 GMT
cache-control: public,max-age=3600
age: 1430
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:32:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync
185.89.211.116307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync
IP 185.89.211.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dtlsync%26uuid2%3D%24UID%26callback%3Dtl_sync
AN-X-Request-Uuid: 43c083da-9eb8-48a9-863a-b0b943e92279
Set-Cookie: uuid2=1775861836717816664; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 16:32:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/px?id=991000&t=2
185.83.142.19307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=991000&t=2
IP 185.83.142.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=991000&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D991000%26t%3D2
AN-X-Request-Uuid: f2d63614-b10a-45bb-a050-c4a83a67a7de
Set-Cookie: uuid2=5600213370877658611; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 16:32:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ae57d1b2cdb05e6e7b2134e9e6241d5c
74dc59257ddeb7039dbc26203c470f8ac12412d5
a9f0355f9bdcced65e6c6968917c84f8ce0037280f445b4e2bf68bdc2ba1862c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:32:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A991001%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146
185.89.211.116307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A991001%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146
IP 185.89.211.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A991001%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991001%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146
AN-X-Request-Uuid: 8ba7b54f-3be5-4920-8d19-fc4902787765
Set-Cookie: uuid2=3993411248965685964; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 16:32:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/px?id=991001&t=2
185.83.142.19307 Redirection 2.2 kB URL HTTP/1.1 secure.adnxs.com/px?id=991001&t=2
IP 185.83.142.19:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 5dbf8a2ce66706f7e2f50793f5ea6ca1
5fc3aa713e91365b715dfb2a3473612157674a40
be2db48922970b7820bd8b6f8d23d25f7513e7a4aeb5e5d375ec27055e97f4bd
GET /px?id=991001&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D991001%26t%3D2
AN-X-Request-Uuid: af9180ba-986e-408a-b63d-6222ed2c546f
Set-Cookie: uuid2=1206567785286685211; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 16:32:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A991000%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8178278%2C8178332%2C8217168%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146
185.89.211.116307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A991000%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8178278%2C8178332%2C8217168%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146
IP 185.89.211.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A991000%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8178278%2C8178332%2C8217168%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991000%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8178278%252C8178332%252C8217168%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146
AN-X-Request-Uuid: 119a9a78-7700-42d1-939d-8173bded04bc
Set-Cookie: uuid2=7829205182760367006; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 16:32:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
www.google.com/pagead/1p-user-list/993136125/?random=1656518854176&cv=9&fst=1656518400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa6r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.labanquepostale.fr%2Fparticulier%2Fconnexion-espace-client.html&ref=https%3A%2F%2Fwww.labanquepostale.fr%2F&tiba=Connexion%20%C3%A0%20l%27espace%20client%20-%20La%20Banque%20Postale&async=1&fmt=3&is_vtc=1&random=1411629599&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/993136125/?random=1656518854176&cv=9&fst=1656518400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa6r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.labanquepostale.fr%2Fparticulier%2Fconnexion-espace-client.html&ref=https%3A%2F%2Fwww.labanquepostale.fr%2F&tiba=Connexion%20%C3%A0%20l%27espace%20client%20-%20La%20Banque%20Postale&async=1&fmt=3&is_vtc=1&random=1411629599&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/993136125/?random=1656518854176&cv=9&fst=1656518400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa6r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.labanquepostale.fr%2Fparticulier%2Fconnexion-espace-client.html&ref=https%3A%2F%2Fwww.labanquepostale.fr%2F&tiba=Connexion%20%C3%A0%20l%27espace%20client%20-%20La%20Banque%20Postale&async=1&fmt=3&is_vtc=1&random=1411629599&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 16:32:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.de/pagead/1p-user-list/993136125/?random=1656518854176&cv=9&fst=1656518400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa6r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.labanquepostale.fr%2Fparticulier%2Fconnexion-espace-client.html&ref=https%3A%2F%2Fwww.labanquepostale.fr%2F&tiba=Connexion%20%C3%A0%20l%27espace%20client%20-%20La%20Banque%20Postale&async=1&fmt=3&is_vtc=1&random=1411629599&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.de/pagead/1p-user-list/993136125/?random=1656518854176&cv=9&fst=1656518400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa6r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.labanquepostale.fr%2Fparticulier%2Fconnexion-espace-client.html&ref=https%3A%2F%2Fwww.labanquepostale.fr%2F&tiba=Connexion%20%C3%A0%20l%27espace%20client%20-%20La%20Banque%20Postale&async=1&fmt=3&is_vtc=1&random=1411629599&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/993136125/?random=1656518854176&cv=9&fst=1656518400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa6r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.labanquepostale.fr%2Fparticulier%2Fconnexion-espace-client.html&ref=https%3A%2F%2Fwww.labanquepostale.fr%2F&tiba=Connexion%20%C3%A0%20l%27espace%20client%20-%20La%20Banque%20Postale&async=1&fmt=3&is_vtc=1&random=1411629599&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 16:32:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dtlsync%26uuid2%3D%24UID%26callback%3Dtl_sync
185.89.211.116302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dtlsync%26uuid2%3D%24UID%26callback%3Dtl_sync
IP 185.89.211.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dtlsync%26uuid2%3D%24UID%26callback%3Dtl_sync HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: //its.tradelab.fr/?type=tlsync&uuid2=0&callback=tl_sync
AN-X-Request-Uuid: cbc856c5-8f17-494a-9d29-b8ce5276d0ef
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fpx%3Fid%3D991000%26t%3D2
185.83.142.19200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D991000%26t%3D2
IP 185.83.142.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fpx%3Fid%3D991000%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: f06fd132-5300-47e4-aa71-7816dc871e89
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991001%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146
185.89.211.116302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991001%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146
IP 185.89.211.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991001%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: //its.tradelab.fr/?type=convr&x=1&uuid2=0&cdata={"a":991001,"l":[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],"i":1,"c":7,"t":"h","m":"null","vi":0,"vc":0,"hf":0,"x":{}}&advid=2602146
AN-X-Request-Uuid: 96023923-8b2f-4cb5-b012-c18812a5118b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fpx%3Fid%3D991001%26t%3D2
185.83.142.19200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D991001%26t%3D2
IP 185.83.142.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fpx%3Fid%3D991001%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 00427962-1736-4af4-8d46-22d9e5cafaad
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991000%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8178278%252C8178332%252C8217168%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146
185.89.211.116302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991000%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8178278%252C8178332%252C8217168%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146
IP 185.89.211.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991000%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8178278%252C8178332%252C8217168%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: //its.tradelab.fr/?type=convr&x=1&uuid2=0&cdata={"a":991000,"l":[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8178278,8178332,8217168,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],"i":1,"c":7,"t":"h","m":"null","vi":0,"vc":0,"hf":0,"x":{}}&advid=2602146
AN-X-Request-Uuid: f7ce74cc-3f96-47c3-b2ea-067169203ade
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5443
Cache-Control: max-age=151490
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:32:47 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:37:37 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 69af02181ac4bc698a3cc25aed3d4cdb
34c8edd55c9dcedf008cc2dd0c7686b97406c992
c9301641f05a03915c737a59573b6736787308cec66d555fc3f6094af550e840
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:32:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:32:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.216.192.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.192.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: X/vLpvwbEjKkpJdcevtcaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BCg0WtpC0QUiIKTJlC0y+4xj8T8=
ocsp.godaddy.com/
192.124.249.41200 OK 8.0 kB IP 192.124.249.41:0
File type gzip compressed data, max speed, from Unix\012- data
Hash f2e1cce1433a02d1bf2049ec4d0dad3f
d81edd30897d3da4660b7a3a0d6a61d637b2e84d
906a8e3db4357c5977ceb5af68152818472f123e545c9eea0de3baf7cfee6f52
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 16:32:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:20:29 GMT
Expires: Fri, 02 Dec 2022 20:20:29 GMT
ETag: "b2d80b5ce044d1d645a23d041f7ce44700cfae5f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash a47a470ddda1d6ff9482bc6422159479
b2d80b5ce044d1d645a23d041f7ce44700cfae5f
38f0b531032a3c665c4175d12603c0975a5df655b6dca9d4db200a7d2fac4604
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 16:32:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:20:29 GMT
Expires: Fri, 02 Dec 2022 20:20:29 GMT
ETag: "b2d80b5ce044d1d645a23d041f7ce44700cfae5f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash a47a470ddda1d6ff9482bc6422159479
b2d80b5ce044d1d645a23d041f7ce44700cfae5f
38f0b531032a3c665c4175d12603c0975a5df655b6dca9d4db200a7d2fac4604
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 16:32:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 20:20:29 GMT
Expires: Fri, 02 Dec 2022 20:20:29 GMT
ETag: "b2d80b5ce044d1d645a23d041f7ce44700cfae5f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
its.tradelab.fr/?type=convr&x=1&uuid2=0&cdata={%22a%22:991001,%22l%22:[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],%22i%22:1,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=2602146
62.212.64.230200 OK 43 B URL HTTP/1.1 its.tradelab.fr/?type=convr&x=1&uuid2=0&cdata={%22a%22:991001,%22l%22:[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],%22i%22:1,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=2602146
IP 62.212.64.230:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /?type=convr&x=1&uuid2=0&cdata={%22a%22:991001,%22l%22:[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],%22i%22:1,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=2602146 HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.7
Date: Fri, 02 Dec 2022 16:32:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:48 GMT; Secure; SameSite=None
uuid=3760500167330547081; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:48 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node5.tradelab.fr
its.tradelab.fr/?type=convr&x=1&uuid2=0&cdata={%22a%22:991000,%22l%22:[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8178278,8178332,8217168,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],%22i%22:1,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=2602146
62.212.64.230200 OK 43 B URL HTTP/1.1 its.tradelab.fr/?type=convr&x=1&uuid2=0&cdata={%22a%22:991000,%22l%22:[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8178278,8178332,8217168,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],%22i%22:1,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=2602146
IP 62.212.64.230:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /?type=convr&x=1&uuid2=0&cdata={%22a%22:991000,%22l%22:[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8178278,8178332,8217168,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],%22i%22:1,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=2602146 HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.7
Date: Fri, 02 Dec 2022 16:32:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:48 GMT; Secure; SameSite=None
uuid=2170871472127574102; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:48 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node2.tradelab.fr
its.tradelab.fr/?type=tlsync&uuid2=0&callback=tl_sync
62.212.64.230200 OK 35 B URL HTTP/1.1 its.tradelab.fr/?type=tlsync&uuid2=0&callback=tl_sync
IP 62.212.64.230:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash d8e7df505eb0448f8b55c926b4c856e1
058af5e18c5fe7e8ef4d3e526fb0bbf8464339f6
73378187221a3c4c89e4f560554402f997c9abc783b3510b8547cac36b611c80
GET /?type=tlsync&uuid2=0&callback=tl_sync HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.7
Date: Fri, 02 Dec 2022 16:32:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:48 GMT; Secure; SameSite=None
uuid=7873422570292439561; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:48 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Access-Control-Allow-Origin: *
P3p: CP="CAO PSA OUR"
secure.adnxs.com/seg?add=2491894:0&t=2
185.83.142.19307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=2491894:0&t=2
IP 185.83.142.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=2491894:0&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2491894%3A0%26t%3D2
AN-X-Request-Uuid: 2e64d26b-92e7-4c0d-b94f-7f71e10079d7
Set-Cookie: uuid2=8669402099370834366; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 16:32:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2491894%3A0%26t%3D2
185.83.142.19200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2491894%3A0%26t%3D2
IP 185.83.142.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D2491894%3A0%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 4c4b1754-23e8-420d-9a8b-ef2f33525755
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Il]iH`.l!]tbP6j2F-XstGt!@DeO$n8Sb; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 16:32:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
its.tradelab.fr/?type=tp&advid=2602146&uuid=7873422570292439561&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
62.212.64.230302 Found 0 B URL HTTP/1.1 its.tradelab.fr/?type=tp&advid=2602146&uuid=7873422570292439561&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
IP 62.212.64.230:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?type=tp&advid=2602146&uuid=7873422570292439561&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.17.7
Date: Fri, 02 Dec 2022 16:32:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=7873422570292439561; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:48 GMT; Secure; SameSite=None
iev0=eJyrVjIyMzAyNDFTsqpWKiopVrIyNDOztLS0MDezMDK00FEqSs4rUbIyADJSSosgDKBIJoRVXACSq60FAH/6EzA=; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:48 GMT; Secure; SameSite=None
Access-Control-Allow-Origin: *
X-Powered-By: Tradelab ITS / node5.tradelab.fr
Location: https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:32:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
142.250.74.66302 Found 285 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 99eacce2df6348525adbb66179b6a122
9ae2089704548b1c8545021a9de724f71fa8fb84
cd793d1e2bdcc66fa07e118627012f0d24684aa085f149eed09b86a06ade7384
GET /pixel?google_nid=tradelab_dmp&google_cm HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm=&google_tc=
date: Fri, 02 Dec 2022 16:32:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 285
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Dec-2022 16:47:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm=&google_tc=
142.250.74.66302 Found 256 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm=&google_tc=
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 71887a73cc8a27e417a04a9a689586c0
d3128cba3bfccf3eb54562cccc344d30ca175703
86083e6edab8fa44c3d8b0b5ff3a7292f6bdf16e2a3046f90a285f036b0ce96b
GET /pixel?google_nid=tradelab_dmp&google_cm=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://its.tradelab.fr/?type=tlsync_dbm&google_error=3
date: Fri, 02 Dec 2022 16:32:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 16:32:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
its.tradelab.fr/?type=tlsync_dbm&google_error=3
62.212.64.230200 OK 43 B URL HTTP/1.1 its.tradelab.fr/?type=tlsync_dbm&google_error=3
IP 62.212.64.230:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /?type=tlsync_dbm&google_error=3 HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.7
Date: Fri, 02 Dec 2022 16:32:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=9212458510411608007; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:48 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node4.tradelab.fr
cdn.tradelab.fr/fseg/2135.js?add=12608265
152.195.132.24200 OK 2.6 kB URL HTTP/2 cdn.tradelab.fr/fseg/2135.js?add=12608265
IP 152.195.132.24:0
File type ASCII text, with very long lines (518)
Hash e8e2acc1934a78e938bb2f88981f126c
04e508ff2ef2b20c1edabb2861528cb353ee7775
c33fd65b0d81fa1bfb50c0e3ff4ac82c26aa752ea196874322466bed02496acd
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
GET /fseg/2135.js?add=12608265 HTTP/1.1
Host: cdn.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-origin: *
age: 1264
cache-control: max-age=1800
content-type: application/javascript
date: Fri, 02 Dec 2022 16:32:48 GMT
etag: "1bbd-59ff7646fd68a-gzip"
expires: Fri, 02 Dec 2022 17:02:48 GMT
last-modified: Tue, 03 Mar 2020 18:22:54 GMT
server: ECAcc (ska/F73F)
vary: Accept-Encoding
x-cache: HIT
content-length: 2594
X-Firefox-Spdy: h2
cdn.tradelab.fr/conv/991000.js
152.195.132.24200 OK 2.0 kB URL HTTP/2 cdn.tradelab.fr/conv/991000.js
IP 152.195.132.24:0
File type ASCII text, with very long lines (832)
Hash 866cef51cc7a1af978bd63d062ad7597
fc1a7e138eff4b50c0a722a777684720ff1a1450
339200fc612e99e909baf07bd33255243a505dbbb0b92ebe802b0ec89c843053
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
GET /conv/991000.js HTTP/1.1
Host: cdn.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-origin: *
age: 871
cache-control: max-age=1800
content-type: application/javascript
date: Fri, 02 Dec 2022 16:32:48 GMT
etag: "15a7-5c445be4e9274-gzip"
expires: Fri, 02 Dec 2022 17:02:48 GMT
last-modified: Tue, 08 Jun 2021 18:58:28 GMT
server: ECAcc (ska/F753)
vary: Accept-Encoding
x-cache: HIT
content-length: 2034
X-Firefox-Spdy: h2
its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A991000%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8178278%2C8178332%2C8217168%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146&xur=dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
62.212.64.230200 OK 43 B URL HTTP/1.1 its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A991000%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8178278%2C8178332%2C8217168%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146&xur=dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
IP 62.212.64.230:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /?type=convr&x=1&cdata=%7B%22a%22%3A991000%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8178278%2C8178332%2C8217168%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146&xur=dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.7
Date: Fri, 02 Dec 2022 16:32:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=9959091182469315712; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:48 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node1.tradelab.fr
secure.adnxs.com/seg?add=12608265&t=2
185.83.142.19307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=12608265&t=2
IP 185.83.142.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=12608265&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12608265%26t%3D2
AN-X-Request-Uuid: 5bb8c71b-2129-445d-a6ac-1b76a3e2fb5c
Set-Cookie: uuid2=6279056660116031770; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 16:32:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
its.tradelab.fr/?type=fseg&uuid2=0&sid=12608265&val=undefined&fun=2135&step=1&siev=12608262&fp=0&advid=2602146&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0&ur=https%253A%252F%252Fdev-bpbusines.pantheonsite.io%252Fwp%252F38615%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
62.212.64.230200 OK 43 B URL HTTP/1.1 its.tradelab.fr/?type=fseg&uuid2=0&sid=12608265&val=undefined&fun=2135&step=1&siev=12608262&fp=0&advid=2602146&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0&ur=https%253A%252F%252Fdev-bpbusines.pantheonsite.io%252Fwp%252F38615%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
IP 62.212.64.230:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /?type=fseg&uuid2=0&sid=12608265&val=undefined&fun=2135&step=1&siev=12608262&fp=0&advid=2602146&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0&ur=https%253A%252F%252Fdev-bpbusines.pantheonsite.io%252Fwp%252F38615%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.7
Date: Fri, 02 Dec 2022 16:32:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:48 GMT; Secure; SameSite=None
uuid=2007256509062807693; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:48 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Access-Control-Allow-Origin: *
P3p: CP="CAO PSA OUR"
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12608265%26t%3D2
185.83.142.19200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12608265%26t%3D2
IP 185.83.142.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D12608265%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 148ca343-ccc7-45d2-8c51-927d64b41565
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Il]iH`.l!]tbP6j2F-XstGt!@DeO$n8Sb; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 16:32:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4454
Expires: Fri, 02 Dec 2022 17:47:03 GMT
Date: Fri, 02 Dec 2022 16:32:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4454
Expires: Fri, 02 Dec 2022 17:47:03 GMT
Date: Fri, 02 Dec 2022 16:32:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4454
Expires: Fri, 02 Dec 2022 17:47:03 GMT
Date: Fri, 02 Dec 2022 16:32:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4454
Expires: Fri, 02 Dec 2022 17:47:03 GMT
Date: Fri, 02 Dec 2022 16:32:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 00:54:54 GMT
age: 56275
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d08081e2dd562ef50e4e98ebc0136698
b5118bca37feda2ada3001199dc1d80ac6d2aacc
5160333e0cfd338b3887972d0a5c0f817ef88b70b7eb78e4e25d153a85e3478f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11443
x-amzn-requestid: 21469d81-ee4b-47f3-8877-b6658b3ea8b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDHE4zoAMFvfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-5b39eddd703ea04e6a1355f8;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ArJSu5jI0RrZj3QtJp6oI6Yvf9LCWrYqU0HRIl8U8xJjdeOaJEe2yg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:20:07 GMT
age: 65562
etag: "b5118bca37feda2ada3001199dc1d80ac6d2aacc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
age: 67276
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 23:43:28 GMT
age: 60561
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:08:56 GMT
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
age: 66233
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 13:09:50 GMT
age: 12179
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.tradelab.fr/fseg/2135.js?add=12608266
152.195.132.24200 OK 2.6 kB URL HTTP/2 cdn.tradelab.fr/fseg/2135.js?add=12608266
IP 152.195.132.24:0
File type ASCII text, with very long lines (518)
Hash e8e2acc1934a78e938bb2f88981f126c
04e508ff2ef2b20c1edabb2861528cb353ee7775
c33fd65b0d81fa1bfb50c0e3ff4ac82c26aa752ea196874322466bed02496acd
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
GET /fseg/2135.js?add=12608266 HTTP/1.1
Host: cdn.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-origin: *
age: 1269
cache-control: max-age=1800
content-type: application/javascript
date: Fri, 02 Dec 2022 16:32:53 GMT
etag: "1bbd-59ff7646fd68a-gzip"
expires: Fri, 02 Dec 2022 17:02:53 GMT
last-modified: Tue, 03 Mar 2020 18:22:54 GMT
server: ECAcc (ska/F73F)
vary: Accept-Encoding
x-cache: HIT
content-length: 2594
X-Firefox-Spdy: h2
cdn.tradelab.fr/conv/991001.js
152.195.132.24200 OK 2.0 kB URL HTTP/2 cdn.tradelab.fr/conv/991001.js
IP 152.195.132.24:0
File type ASCII text, with very long lines (808)
Hash 76ab9cb9225329cbb283ca854ec51436
0b6c85a3be3979ecb9c5464c793fad122794b9a9
e44c53266fbef09b992000993e8e46ed1ad51742ab33fb389b2eb934c66c0b5d
Analyzer Verdict Alert urlquery Phishing - La Banque postale
urlquery Phishing - La Banque postale
GET /conv/991001.js HTTP/1.1
Host: cdn.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-origin: *
age: 1659
cache-control: max-age=1800
content-type: application/javascript
date: Fri, 02 Dec 2022 16:32:53 GMT
etag: "158f-5c445be5b05ff-gzip"
expires: Fri, 02 Dec 2022 17:02:53 GMT
last-modified: Tue, 08 Jun 2021 18:58:28 GMT
server: ECAcc (ska/F730)
vary: Accept-Encoding
x-cache: HIT
content-length: 2023
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=12608266&t=2
185.83.142.19307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=12608266&t=2
IP 185.83.142.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=12608266&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12608266%26t%3D2
AN-X-Request-Uuid: 007ee393-a493-4de4-a692-371060117a35
Set-Cookie: uuid2=6350760424630102330; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 16:32:53 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12608266%26t%3D2
185.83.142.19200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12608266%26t%3D2
IP 185.83.142.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D12608266%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-bpbusines.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 16:32:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 811668f1-864f-486e-9240-88183bfcec21
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2IlgiH`.l!]tbP6j2F-XstGt!@DiO$pDwv; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 16:32:53 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
its.tradelab.fr/?type=fseg&uuid2=0&sid=12608266&val=undefined&fun=2135&step=2&siev=12608263&fp=0&advid=2602146&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0&ur=https%253A%252F%252Fdev-bpbusines.pantheonsite.io%252Fwp%252F38615%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
62.212.64.230200 OK 43 B URL HTTP/1.1 its.tradelab.fr/?type=fseg&uuid2=0&sid=12608266&val=undefined&fun=2135&step=2&siev=12608263&fp=0&advid=2602146&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0&ur=https%253A%252F%252Fdev-bpbusines.pantheonsite.io%252Fwp%252F38615%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
IP 62.212.64.230:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /?type=fseg&uuid2=0&sid=12608266&val=undefined&fun=2135&step=2&siev=12608263&fp=0&advid=2602146&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0&ur=https%253A%252F%252Fdev-bpbusines.pantheonsite.io%252Fwp%252F38615%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.7
Date: Fri, 02 Dec 2022 16:32:53 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:53 GMT; Secure; SameSite=None
uuid=1881498683817196316; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:53 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Access-Control-Allow-Origin: *
P3p: CP="CAO PSA OUR"
its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A991001%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146&xur=dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
62.212.64.230200 OK 43 B URL HTTP/1.1 its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A991001%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146&xur=dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
IP 62.212.64.230:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /?type=convr&x=1&cdata=%7B%22a%22%3A991001%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146&xur=dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1669998766%2C%22page_url%22%3A%22dev-bpbusines.pantheonsite.io%2Fwp%2F38615%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1669998765%2C%22prev_vis_ts%22%3A1669998765%2C%22curr_vis_ts%22%3A1669998766%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.7
Date: Fri, 02 Dec 2022 16:32:53 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=1183238662424979172; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Thu, 02 Mar 2023 16:32:53 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node2.tradelab.fr
dev-bpbusines.pantheonsite.io/wp/38615/asset/oct.js
23.185.0.3200 OK 0 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/oct.js
IP 23.185.0.3:0
Analyzer Verdict Alert fortinet Phishing
GET /wp/38615/asset/oct.js HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"6389b896-ddec"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: f4489c12-725e-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12724-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.908064,VS0,VE31
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/wreport_wcm.js
23.185.0.3200 OK 0 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/wreport_wcm.js
IP 23.185.0.3:0
Analyzer Verdict Alert fortinet Phishing
GET /wp/38615/asset/wreport_wcm.js HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"6389b896-3e68"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: f448dec7-725e-11ed-b44e-4a12cea051da
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12767-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.908092,VS0,VE37
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
mmtro.com/tro.js
195.66.82.41200 OK 0 B IP 195.66.82.41:0
GET /tro.js HTTP/1.1
Host: mmtro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 16:32:47 GMT
content-type: text/javascript
vary: Accept-Encoding
x-rid: 638a28af0b048c9760cf2629
cache-control: private, max-age=259200
p3p: policyref="https://mmtro.com/w3c/p3p_mmtro.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-envoy-upstream-service-time: 5
server: fdb141453c85e6bc89a824a70a7bfd71a273b947
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/uwt.js
23.185.0.3200 OK 0 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/uwt.js
IP 23.185.0.3:0
Analyzer Verdict Alert fortinet Phishing
GET /wp/38615/asset/uwt.js HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"6389b896-ddec"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: f448c6fe-725e-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12742-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.904359,VS0,VE36
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/wamfactory_dpm.laposte.min.js
23.185.0.3200 OK 0 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/wamfactory_dpm.laposte.min.js
IP 23.185.0.3:0
Analyzer Verdict Alert fortinet Phishing
GET /wp/38615/asset/wamfactory_dpm.laposte.min.js HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"6389b896-1398"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-s8zjr
x-styx-req-id: f4485266-725e-11ed-a182-b27c140de4ff
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams21022-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.908096,VS0,VE36
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/991001.js
23.185.0.3200 OK 0 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/991001.js
IP 23.185.0.3:0
Analyzer Verdict Alert fortinet Phishing
GET /wp/38615/asset/991001.js HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"6389b896-158f"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-gz6nj
x-styx-req-id: f44d9708-725e-11ed-a40c-2234dac4ee8d
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams21024-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.916899,VS0,VE63
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/f.txt
23.185.0.3200 OK 0 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/f.txt
IP 23.185.0.3:0
Analyzer Verdict Alert fortinet Phishing
GET /wp/38615/asset/f.txt HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/plain
etag: W/"6389b896-9c44"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7568bdff88-57th2
x-styx-req-id: f44737cb-725e-11ed-95ce-ceec288c9991
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams21049-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.898858,VS0,VE38
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-bpbusines.pantheonsite.io/wp/38615/asset/bat.js
23.185.0.3200 OK 0 B URL HTTP/2 dev-bpbusines.pantheonsite.io/wp/38615/asset/bat.js
IP 23.185.0.3:0
Analyzer Verdict Alert fortinet Phishing
GET /wp/38615/asset/bat.js HTTP/1.1
Host: dev-bpbusines.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-bpbusines.pantheonsite.io/wp/38615/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"6389b896-976d"
expires: Fri, 02 Dec 2022 16:32:45 GMT
last-modified: Fri, 02 Dec 2022 08:34:30 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-6f455f7586-w4tdq
x-styx-req-id: f447bf7e-725e-11ed-b44e-4a12cea051da
cache-control: no-cache, must-revalidate
date: Fri, 02 Dec 2022 16:32:46 GMT
x-served-by: cache-ams12721-AMS, cache-bma1678-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669998767.903380,VS0,VE36
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2