r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9e164a845d32db8fa51fdb5b1aa218d9
169099b4d2f8e119ab6cf6fca279b6fb535b1759
402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9084
Expires: Tue, 08 Nov 2022 18:59:09 GMT
Date: Tue, 08 Nov 2022 16:27:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3499
Cache-Control: max-age=154905
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 16:27:45 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:29:30 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4086
Expires: Tue, 08 Nov 2022 17:35:51 GMT
Date: Tue, 08 Nov 2022 16:27:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: klgrfqb8bJ5dGEZkpE3UyNKgqFmJrf3TxSV3kIGEgu92tNQoIRsYQf4+NPLGmOWMy6JwkiVX4ik=
x-amz-request-id: TSV9CJEVV31WPRBV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 16:11:22 GMT
age: 983
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 16:27:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 437dd13f8d4d23a3cc96729298df5e3f
9811c10578ee2209a81f40308e3182487a9e8314
0e0f9cb7cbff923f23bfb36fad8896f26f89dbb980a2a1a599172381f4acf074
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 16:27:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 06 Nov 2022 21:28:13 GMT
Expires: Sun, 13 Nov 2022 21:28:12 GMT
Etag: "9811c10578ee2209a81f40308e3182487a9e8314"
Cache-Control: max-age=449426,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 766fad87bab1b512-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6003
Cache-Control: max-age=152344
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 16:27:45 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:46:49 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.149.101.24 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.101.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vjFU4maQT6Bc8qB7q06GkA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: r6M/WB00W/FDKLWXTw0mktKUimc=
overlos-bf59b2.ingress-erytho.ewp.live/Neew/
63.250.43.133 200 OK 28 kB URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/
IP 63.250.43.133:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (304), with CRLF line terminators
Hash 5d2070b804bd9e892c0ad2bb568c0c95
305074fe42359fe52e93666a12e28cc89cb06aa7
774032e2055352b56dd71ccb91a3c932b85efccd87d7f9214dc5c9da5e1aa072
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
GET /Neew/ HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 17:39:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, public
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 82120
x-cache: HIT
accept-ranges: bytes
content-length: 27665
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 403386689fd794c5f3d4429273c395f6
9c9ce4e3ae075a60bb8501919a3100605332f8fa
3e1f3f9de72e529bba6506517f941759f1aec789a806d17eb919aa8206e738ff
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 16:27:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 12:40:39 GMT
Expires: Sat, 12 Nov 2022 12:40:38 GMT
Etag: "9c9ce4e3ae075a60bb8501919a3100605332f8fa"
Cache-Control: max-age=331371,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 766fad8d6acbb512-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 403386689fd794c5f3d4429273c395f6
9c9ce4e3ae075a60bb8501919a3100605332f8fa
3e1f3f9de72e529bba6506517f941759f1aec789a806d17eb919aa8206e738ff
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 16:27:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 12:40:39 GMT
Expires: Sat, 12 Nov 2022 12:40:38 GMT
Etag: "9c9ce4e3ae075a60bb8501919a3100605332f8fa"
Cache-Control: max-age=331371,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 766fad8d8e08b4ed-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 403386689fd794c5f3d4429273c395f6
9c9ce4e3ae075a60bb8501919a3100605332f8fa
3e1f3f9de72e529bba6506517f941759f1aec789a806d17eb919aa8206e738ff
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 16:27:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 12:40:39 GMT
Expires: Sat, 12 Nov 2022 12:40:38 GMT
Etag: "9c9ce4e3ae075a60bb8501919a3100605332f8fa"
Cache-Control: max-age=331371,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 766fad8d88ea0b69-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 403386689fd794c5f3d4429273c395f6
9c9ce4e3ae075a60bb8501919a3100605332f8fa
3e1f3f9de72e529bba6506517f941759f1aec789a806d17eb919aa8206e738ff
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 16:27:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 12:40:39 GMT
Expires: Sat, 12 Nov 2022 12:40:38 GMT
Etag: "9c9ce4e3ae075a60bb8501919a3100605332f8fa"
Cache-Control: max-age=331371,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 766fad8d8d05b500-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 403386689fd794c5f3d4429273c395f6
9c9ce4e3ae075a60bb8501919a3100605332f8fa
3e1f3f9de72e529bba6506517f941759f1aec789a806d17eb919aa8206e738ff
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 16:27:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 12:40:39 GMT
Expires: Sat, 12 Nov 2022 12:40:38 GMT
Etag: "9c9ce4e3ae075a60bb8501919a3100605332f8fa"
Cache-Control: max-age=331371,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 766fad8d8fdbb4f7-OSL
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css
158.191.172.47 200 OK 25 B URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
Hash 363f411ba212d4d1ccf7856f856145e9
08331057577f273187dd15e7c6f57937835e0aff
c50b40612adfdbf2e228758746fc7927cf440cb9bb5a8280c00d7946632a1943
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibBoutonVertPart.min.d41d8cd98f00b204e9800998ecf8427e.css HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:40 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:40 GMT
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:40 GMT
Content-Type: text/css
Age: 1307885
X-Cache: HIT
X-Cache-Hits: 2127953
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/utils.min.423ec59365a85ebded314ad7311ef508.js
158.191.172.47 200 OK 3.9 kB URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/utils.min.423ec59365a85ebded314ad7311ef508.js
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type ASCII text, with very long lines (547)
Hash 463049d793eabdbac8ae4e57b2a10ca7
011665ca0f2ca4db6e59f2f3cc3d9ddadbf11730
517abbf818972325e19936a02cac32ea14de3e1af6590ce46a27f35ab1e3dd8f
GET /etc.clientlibs/clientlibs/granite/utils.min.423ec59365a85ebded314ad7311ef508.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:40 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 18 Oct 2022 13:30:48 GMT
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:40 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3936
Content-Type: application/javascript
Age: 1825017
X-Cache: HIT
X-Cache-Hits: 2107031
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/jquery/granite.min.579a107dd681c49bc61dae63734043cb.js
158.191.172.47 200 OK 2.0 kB URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/jquery/granite.min.579a107dd681c49bc61dae63734043cb.js
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type ASCII text, with very long lines (697)
Hash 35d8650ef29a52aad843bb646b784af9
fbc8c2d86c3bbc702b136a95a78c1198f16b9702
d7050f67214f0b4bfede756d0674e09b063a059ea1ef19bf1222c5bb03cd190e
GET /etc.clientlibs/clientlibs/granite/jquery/granite.min.579a107dd681c49bc61dae63734043cb.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:39 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:17 GMT
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:39 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2018
Content-Type: application/javascript
Age: 1307908
X-Cache: HIT
X-Cache-Hits: 2080895
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-google-map.min.87a76470d686bc99a65e1f582ee93f13.js
158.191.172.47 200 OK 211 B URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-google-map.min.87a76470d686bc99a65e1f582ee93f13.js
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type ASCII text, with very long lines (313), with no line terminators
Hash ec818eb11121655b17a6fb83488e4554
0559cdabdc6ae6faf8dd3e6c3728f94443d96f1c
5f74bf966f485c3cdab1770f99d0bb7d6f4fdc4750e01288003e2daceb852089
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-google-map.min.87a76470d686bc99a65e1f582ee93f13.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:40 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:40 GMT
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:40 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Content-Type: application/javascript
Age: 1307885
X-Cache: HIT
X-Cache-Hits: 2401031
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorGeneral.min.fed0763fde2431a7c1b27d703f22ca4e.js
158.191.172.47 200 OK 6.7 kB URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorGeneral.min.fed0763fde2431a7c1b27d703f22ca4e.js
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type ASCII text, with very long lines (679)
Hash 15f73cdfc00596b0e726695d7d967082
559cdb3e94a374771c7666cc9a0bec2d35c23707
7ab899234ee7533ef7e16d523b17ebfe4b983ac8f7b2913bb43aec57ea7229af
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibStoreLocatorGeneral.min.fed0763fde2431a7c1b27d703f22ca4e.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:50 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:49 GMT
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:50 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6674
Content-Type: application/javascript
Age: 1307876
X-Cache: HIT
X-Cache-Hits: 108394
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js
158.191.172.47 200 OK 21 kB URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type Unicode text, UTF-8 text, with very long lines (543)
Hash 0f9698f3b98184c4f3339a514c6cacd8
b8a401e2b96d9ea931380288dedae8ff0a289ef1
eb205de4970ff5276f5dc203e9a19451147c945dc49024a85b2f42d1611377d6
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlibHeader.min.9b997b2ac9fca6031bd046f1edd29d81.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:40 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:17 GMT
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:40 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21206
Content-Type: application/javascript
Age: 1307908
X-Cache: HIT
X-Cache-Hits: 2186127
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js
158.191.172.47 200 OK 43 kB URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/clientlibs/granite/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type ASCII text, with very long lines (585)
Hash b2cb5ec0df7491a7dbf77c2a096af8bd
cd256128184df9fb517dc69a1922a12660acf004
acd382c682d443f991f484fb5b6325ae8d81cec6c80e970e2e1cb052f5a17635
GET /etc.clientlibs/clientlibs/granite/jquery.min.aaffcbf7942d5bedb07855e48cbc1afa.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:40 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:10 GMT
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:40 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 43442
Content-Type: application/javascript
Age: 1307915
X-Cache: HIT
X-Cache-Hits: 2257961
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js
158.191.172.47 200 OK 125 kB URL HTTP/1.1 www.credit-agricole.fr/etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type Unicode text, UTF-8 text, with very long lines (567)
Size 125 kB (125217 bytes)
Hash c8b977e07f47b5618206dc2d3c1ce2bf
3640602e969ea4f811305a51aa97a61f3114ae19
83fd9d50794ef11fc8a202476b193d3dbdd1d016744253fe0f1dca37da8e021b
GET /etc.clientlibs/settings/wcm/designs/ca/npc/clientlib-bootstrap-jquery.min.1661914e05c676ce450674555cc1e5b0.js HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:40 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:09 GMT
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:40 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Age: 1307916
X-Cache: HIT
X-Cache-Hits: 2392108
Accept-Ranges: bytes
Content-Length: 125217
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
158.191.172.47 200 OK 4.7 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash cbaae5274e188fc4d2a7d2ca6bd7315b
42305d482d76c79fe5dcce6e416b79e270b1a41c
496c50651eaf7fb688931365c6b48c921fc33c21d162062e22851f5d2a8c1dfb
GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:41 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:12 GMT
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:41 GMT
Content-Type: image/svg+xml
Age: 1307913
X-Cache: HIT
X-Cache-Hits: 566376
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
158.191.172.47 200 OK 6.3 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6aad7b35286876f8eaf5bc8ca659e1b5
ea44f6b518e680fb5188f18b8202111aae5034a3
4ecc8a8abebf54ec1c40d1461770ac546fe2397c97f0e696de3879c05d6189fc
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:40 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:12 GMT
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:40 GMT
Content-Type: image/svg+xml
Age: 1307913
X-Cache: HIT
X-Cache-Hits: 595342
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
www.credit-agricole.fr/content/dam/assetsca/npc/logos/logo_ca.png
158.191.172.47 200 OK 2.0 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/npc/logos/logo_ca.png
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type PNG image data, 83 x 64, 8-bit/color RGB, non-interlaced\012- data
Hash a5777291aa794d7d07285c839571662a
284f3d6b64462c946a640072bb57e512307bf8ab
1c8399c9f4f09feb8f95fe39465cc7e70597b0097ad92da954db82646ec68dc3
GET /content/dam/assetsca/npc/logos/logo_ca.png HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 12:57:19 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:07 GMT
Content-Length: 2037
Cache-Control: max-age=2592000
Expires: Mon, 28 Nov 2022 12:57:19 GMT
Content-Type: image/png
Age: 1307919
X-Cache: HIT
X-Cache-Hits: 1598884
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
63.250.43.133 200 OK 172 kB URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
IP 63.250.43.133:0
File type Unicode text, UTF-8 text, with very long lines (8828)
Size 172 kB (171970 bytes)
Hash 90fbf56d9969eb4bf72f5223635463d1
820290b172634487df9456a43b107efe3c9923a6
040db686c8365b3cb9771d4f8fe0e5beeaa168206131bc0ab323f65ea540b450
GET /Neew/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 17:55:14 GMT
last-modified: Thu, 03 Nov 2022 02:16:00 GMT
etag: "63632460-14260d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 81151
x-cache: HIT
accept-ranges: bytes
content-length: 171970
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css
63.250.43.133 200 OK 3.3 kB URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css
IP 63.250.43.133:0
File type ASCII text, with very long lines (1706)
Hash 901e90eae4125b35be9a4b2e6c5a3820
455a9708ce7e53bf3a335023646e2d67dd3ecdbd
39eac444c78bbf83d6d638975d560fc834e87ca8d3e2c40eadc0a81dd81bd391
GET /Neew/css/clientlibStoreLocatorAccesCRPart.min.ddd3469fd6c3f8f331e0d3b3d56134c3.css HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 17:55:14 GMT
last-modified: Thu, 03 Nov 2022 02:16:00 GMT
etag: "63632460-2fad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 81151
x-cache: HIT
accept-ranges: bytes
content-length: 3313
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlibStoreLocatorT34Part.min.3d681effb62b10a9dbb880f358fea379.css
63.250.43.133 200 OK 4.6 kB URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlibStoreLocatorT34Part.min.3d681effb62b10a9dbb880f358fea379.css
IP 63.250.43.133:0
File type Unicode text, UTF-8 text, with very long lines (1706)
Hash 1d84c32d430613bb512c2e35d7331cb7
ab032994b22667d0876870161632410d6712fc4a
3f650ae899941fc3ff356e7f573f7f70ce09d1d19e933dbb52a7b032242e896d
GET /Neew/css/clientlibStoreLocatorT34Part.min.3d681effb62b10a9dbb880f358fea379.css HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 17:55:14 GMT
last-modified: Thu, 03 Nov 2022 02:16:00 GMT
etag: "63632460-4b31"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 81151
x-cache: HIT
accept-ranges: bytes
content-length: 4647
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css
63.250.43.133 200 OK 4.1 kB URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css
IP 63.250.43.133:0
File type ASCII text, with very long lines (1706)
Hash 6c8b4dc7e80249e5d5f9034bb30d2f12
730e7fdfb48197eee3a85f83d8fab2aab87bfce1
af405241aa6af050a11387c6a0d1319a3fd80ff7d9aeeb139d9a51ade09e4216
GET /Neew/css/clientlibStoreLocatorT33Part.min.1f61aaac8fd08ba4c317656d6f0e4a62.css HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 17:55:14 GMT
last-modified: Thu, 03 Nov 2022 02:16:00 GMT
etag: "63632460-3dcb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 81151
x-cache: HIT
accept-ranges: bytes
content-length: 4067
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea356.css
63.250.43.133 200 OK 3.5 kB URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea356.css
IP 63.250.43.133:0
File type ASCII text, with very long lines (1706)
Hash 1cc92a85285572be6b54284bd43b5d6a
69e072cd654507d58809b7dd1eaf4144d78fe4ab
913d2fd2a9954b4bf386f97ac88b326aa51be8a51ba50c7be40bab9fbfadaaac
GET /Neew/css/clientlibStoreLocatorPart.min.804c7ef8e65f13b908c3b5f2466ea356.css HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 17:55:14 GMT
last-modified: Thu, 03 Nov 2022 02:16:00 GMT
etag: "63632460-31d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 81151
x-cache: HIT
accept-ranges: bytes
content-length: 3505
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/Neew/js/client-edited.js
63.250.43.133 200 OK 198 kB URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/js/client-edited.js
IP 63.250.43.133:0
File type Unicode text, UTF-8 text, with very long lines (566), with CRLF line terminators
Size 198 kB (198211 bytes)
Hash 95aed53d2048e08bb4c0d9af389e10c8
a35071ef43157a914af03e47e94b04628bd4be14
195b69ab2ae781960c93611145857fc5709bc0a8556fef0b7536e0f456c5e2f0
Analyzer Verdict Alert fortinet Phishing
GET /Neew/js/client-edited.js HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 17:55:15 GMT
last-modified: Thu, 03 Nov 2022 02:16:00 GMT
etag: "63632460-c2a1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 81151
x-cache: HIT
accept-ranges: bytes
content-length: 198211
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_1.js
23.61.210.130 200 OK 59 kB URL HTTP/2 cdn.tagcommander.com/3315/tc_PortailClientCreditAgricole_1.js
IP 23.61.210.130:0
File type Unicode text, UTF-8 text, with very long lines (55676)
Hash cc032a1e1e49f8cc73d637c7d0e01d00
bbea7bbb42211c0ebd0f7926525267256a071b04
75d1a636ab1d5093ba6dfe280246f5e59baa6106250873e8e4e4bee1bc95d07f
GET /3315/tc_PortailClientCreditAgricole_1.js HTTP/1.1
Host: cdn.tagcommander.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: "58823a0212eb374ed7bc932145d12f70+gzip"
last-modified: Mon, 03 Oct 2022 09:38:46 GMT
server: ECS (frb/6776)
vary: Accept-Encoding
x-amz-id-2: NiVvHOyTuiWPOIdAAJQ9R106OlBDObIG7ygbmHn8HkeYpkaW0NWRC4Z4xCd2kBgtkK0PX3cH6k8=
x-amz-request-id: JNM47CK3XVVPRJX6
x-cdn: VDMS
content-length: 58563
cache-control: must-revalidate, max-age=86400
date: Tue, 08 Nov 2022 16:27:46 GMT
access-control-max-age: 31536000
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/Neew/fonts/Gotham-Book.woff2
63.250.43.133 200 OK 42 kB URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/fonts/Gotham-Book.woff2
IP 63.250.43.133:0
File type Web Open Font Format (Version 2), TrueType, length 41728, version 3.19726\012- data
Hash d838b98f75e3cb9574f9b8b796eb1e8f
fcdf131af872ce9ecda9a437cdf67d23c5940d97
3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e
Analyzer Verdict Alert fortinet Phishing
GET /Neew/fonts/Gotham-Book.woff2 HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 17:55:16 GMT
last-modified: Thu, 03 Nov 2022 02:16:00 GMT
etag: "63632460-a300"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
access-control-allow-origin: https://overlos-bf59b2.ingress-erytho.ewp.live
content-type: font/woff2
content-length: 41728
x-cacheable: YES
age: 81151
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/Neew/fonts/Gotham-Bold.woff2
63.250.43.133 200 OK 39 kB URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/fonts/Gotham-Bold.woff2
IP 63.250.43.133:0
File type Web Open Font Format (Version 2), TrueType, length 39264, version 3.19726\012- data
Hash 003e90cf8cb3f8b4bef30d6764da18ed
512e44f40b54d0e5e081dda9fd5ea8a4429a508c
319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1
Analyzer Verdict Alert fortinet Phishing
GET /Neew/fonts/Gotham-Bold.woff2 HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 17:55:16 GMT
last-modified: Thu, 03 Nov 2022 02:16:00 GMT
etag: "63632460-9960"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
access-control-allow-origin: https://overlos-bf59b2.ingress-erytho.ewp.live
content-type: font/woff2
content-length: 39264
x-cacheable: YES
age: 81151
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/Neew/fonts/Gotham-Light.woff2
63.250.43.133 200 OK 40 kB URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/fonts/Gotham-Light.woff2
IP 63.250.43.133:0
File type Web Open Font Format (Version 2), TrueType, length 40280, version 3.19726\012- data
Hash 7624ae091962735719fb82bf900c22b7
393477ccdcd62b914d90dd379dd7d677d761e416
e266d1f2bcf1da0faff6964637fdcd9a4e47c50a7a56be74424f409f30c83c5e
Analyzer Verdict Alert fortinet Phishing
GET /Neew/fonts/Gotham-Light.woff2 HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 17:55:16 GMT
last-modified: Thu, 03 Nov 2022 02:16:00 GMT
etag: "63632460-9d58"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
access-control-allow-origin: https://overlos-bf59b2.ingress-erytho.ewp.live
content-type: font/woff2
content-length: 40280
x-cacheable: YES
age: 81151
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/Neew/fonts/Gotham-Medium.woff2
63.250.43.133 200 OK 42 kB URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/fonts/Gotham-Medium.woff2
IP 63.250.43.133:0
File type Web Open Font Format (Version 2), TrueType, length 41488, version 3.19726\012- data
Hash 68ce85d44fef05344ea74f94f3e6b472
3a380914e04ef35820bbe619e1f902d4b250a997
ba17f8257b1f710aa0e7136f4bd4b91a9a7db4f9cac2c409caf8708a64787303
Analyzer Verdict Alert fortinet Phishing
GET /Neew/fonts/Gotham-Medium.woff2 HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 17:55:16 GMT
last-modified: Thu, 03 Nov 2022 02:16:00 GMT
etag: "63632460-a210"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
access-control-allow-origin: https://overlos-bf59b2.ingress-erytho.ewp.live
content-type: font/woff2
content-length: 41488
x-cacheable: YES
age: 81151
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff2
63.250.43.133 404 Not Found 146 B URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff2
IP 63.250.43.133:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Phishing
GET /Neew/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff2 HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 08 Nov 2022 16:27:47 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4707
Expires: Tue, 08 Nov 2022 17:46:14 GMT
Date: Tue, 08 Nov 2022 16:27:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4707
Expires: Tue, 08 Nov 2022 17:46:14 GMT
Date: Tue, 08 Nov 2022 16:27:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4707
Expires: Tue, 08 Nov 2022 17:46:14 GMT
Date: Tue, 08 Nov 2022 16:27:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4707
Expires: Tue, 08 Nov 2022 17:46:14 GMT
Date: Tue, 08 Nov 2022 16:27:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4707
Expires: Tue, 08 Nov 2022 17:46:14 GMT
Date: Tue, 08 Nov 2022 16:27:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7884b85a4b30e918a0b44f73a301a78b
f7ae1b83a0199b76dd0d31a21db4072b867e4f37
9576f9ad95c958887de953dee72b267cd0ed7293ed62fb540df76a2d49fac035
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4527
x-amzn-requestid: c3be9447-c43a-48d6-9aef-c0999742886c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA1GFN5IAMFaRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b53-3bb315de52dcf6114da9ad05;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _nFA59k8ERwiA6Ct_pZJs0WkFuagosyyiOkeQc1PuWMcno-Lpz4UfA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:39 GMT
etag: "f7ae1b83a0199b76dd0d31a21db4072b867e4f37"
content-type: image/jpeg
age: 67508
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04c2a414-09eb-4daf-8bae-fe6a84f6406e.png
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04c2a414-09eb-4daf-8bae-fe6a84f6406e.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b64fcd58491917edfc8ffb57c1382cd0
edf97aab58dacd11fa52924b1382c2bf1ede5e55
a2c60a2f7780085b4643ab7f521fb6c858ca72c3170e6f3acd2250b9c3b14cc5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04c2a414-09eb-4daf-8bae-fe6a84f6406e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12662
x-amzn-requestid: edaa58fb-c3eb-4af0-ad32-be8c7cf14421
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKLHSBoAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a40-4c35cd455ff7a829756eeb56;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FjjrCP8dJDZrk38J0SqWxN2Ya4O3-hcO_uW5ULwOQTREh4-MU_szA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:01 GMT
age: 67666
etag: "edf97aab58dacd11fa52924b1382c2bf1ede5e55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ff4c1be0934222258267f7595f2ecde
5d51855ed7cc6f8cac53eef1730212eb70b28036
49ce70117f2b108ebcff7f8e0ac14b2583eaf6b36a10baff097b35b728ba44d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10781
x-amzn-requestid: c5063271-8b84-41d7-899c-958c135541c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAwTF2cIAMF0DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b34-6b6018d826efae3e3738a7d9;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yfT-BN4Codmr6J5v6xIIIpOG5EaHI1xnOqineRxdeQ3VJ_MmujMZew==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:38 GMT
age: 67509
etag: "5d51855ed7cc6f8cac53eef1730212eb70b28036"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39446652ee66d20bd73df20f1a29589c
349ea78f3ad0f2f7376ba22e417226b2e06806d7
655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4737
x-amzn-requestid: ad230e08-9f4e-46cf-9a86-f8e013a1c498
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQBFkEhLIAMFq_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697bbd-7e8b686a23a84c5d473c9ef5;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:42:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FoOPmZEjC6nhw801dgqENVL-9-aC0pyFAF-fMS57XzQyfxck2GGUvA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:49:14 GMT
age: 67113
etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd21b731d-5fcc-42b8-ba5c-4292558c1d65.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd21b731d-5fcc-42b8-ba5c-4292558c1d65.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37802736d42529da1237e5d89e253928
6f246d25b36dc880489f3af2ae8767a0f5f2542b
b21622ee7e858a4508096480ec3ffba824e96d469b0fcfa0f6daaabad296fd40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd21b731d-5fcc-42b8-ba5c-4292558c1d65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12165
x-amzn-requestid: 7baae03c-2e22-477c-9c14-d21a26469b47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAvEFHdIAMF_XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b2d-2edb1d9722872b1166a5b085;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:39:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1QlljbC_YBobvvYSxTH2jH4a4kZAK8Am-k6CNxJrLIm1TY1gbfP1gg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:40 GMT
age: 67507
etag: "6f246d25b36dc880489f3af2ae8767a0f5f2542b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 06:28:01 GMT
age: 35986
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg
158.191.172.47 200 OK 244 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=791, bps=218, PhotometricIntepretation=RGB, description=Diverse culture people using mobile smartphone outdoor - Happy friends having fun with technology trends - Youth, new generatio, manufacturer=SONY, model=ILCE-7M2, orientation=upper-left, width=1326], progressive, precision 8, 960x960, components 3\012- data
Size 244 kB (243919 bytes)
Hash b259c4797d838add41da1047021d2480
13de10f5a348efa8ff3d856f2e347eeff8a33579
c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8
GET /content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:51 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:10 GMT
Content-Length: 243919
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:51 GMT
Content-Type: image/jpeg
Age: 1307916
X-Cache: HIT
X-Cache-Hits: 69897
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff
63.250.43.133 404 Not Found 146 B URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff
IP 63.250.43.133:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Phishing
GET /Neew/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.woff HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 08 Nov 2022 16:27:47 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/favicon.ico
63.250.43.133 204 No Content 0 B URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/favicon.ico
IP 63.250.43.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 07 Nov 2022 17:55:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-type: image/png
age: 81150
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.ttf
63.250.43.133 404 Not Found 146 B URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.ttf
IP 63.250.43.133:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Phishing
GET /Neew/css/clientlib-resources/resources/fonts/npcicons-crunchy/npcicons-crunchy.ttf HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 08 Nov 2022 16:27:47 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/Neew/fonts/npcicons-crunchy.woff2
63.250.43.133 200 OK 16 kB URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/fonts/npcicons-crunchy.woff2
IP 63.250.43.133:0
File type Web Open Font Format (Version 2), TrueType, length 16124, version 1.0\012- data
Hash 7eefcde0bd0f11ff896e571772c36544
7e205d90e6f19f35ee0f73f51d67f9377b8a0b64
2b4f1630e7cc5b5f4b6dd7b74888509cf60f756f29f3b4405cd0310c10155361
Analyzer Verdict Alert fortinet Phishing
GET /Neew/fonts/npcicons-crunchy.woff2 HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/css/clientlib-part.min.6997f510cd1b95aa8cb2ce288417bf45.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 17:55:17 GMT
last-modified: Thu, 03 Nov 2022 02:16:00 GMT
etag: "63632460-3efc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
access-control-allow-origin: https://overlos-bf59b2.ingress-erytho.ewp.live
content-type: font/woff2
content-length: 16124
x-cacheable: YES
age: 81150
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
158.191.172.47 200 OK 6.3 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6aad7b35286876f8eaf5bc8ca659e1b5
ea44f6b518e680fb5188f18b8202111aae5034a3
4ecc8a8abebf54ec1c40d1461770ac546fe2397c97f0e696de3879c05d6189fc
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Origin: https://overlos-bf59b2.ingress-erytho.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:41 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:13 GMT
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:41 GMT
Content-Type: image/svg+xml
Age: 1307914
X-Cache: HIT
X-Cache-Hits: 594476
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
158.191.172.47 200 OK 4.7 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash cbaae5274e188fc4d2a7d2ca6bd7315b
42305d482d76c79fe5dcce6e416b79e270b1a41c
496c50651eaf7fb688931365c6b48c921fc33c21d162062e22851f5d2a8c1dfb
GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Origin: https://overlos-bf59b2.ingress-erytho.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:40 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:09 GMT
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:40 GMT
Content-Type: image/svg+xml
Age: 1307918
X-Cache: HIT
X-Cache-Hits: 564282
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
158.191.172.47 200 OK 4.7 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash cbaae5274e188fc4d2a7d2ca6bd7315b
42305d482d76c79fe5dcce6e416b79e270b1a41c
496c50651eaf7fb688931365c6b48c921fc33c21d162062e22851f5d2a8c1dfb
GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Origin: https://overlos-bf59b2.ingress-erytho.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:41 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:12 GMT
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:41 GMT
Content-Type: image/svg+xml
Age: 1307915
X-Cache: HIT
X-Cache-Hits: 566378
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
158.191.172.47 200 OK 4.7 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash cbaae5274e188fc4d2a7d2ca6bd7315b
42305d482d76c79fe5dcce6e416b79e270b1a41c
496c50651eaf7fb688931365c6b48c921fc33c21d162062e22851f5d2a8c1dfb
GET /content/dam/assetsca/master/public/commun/images/autre/images/CA_Logo_seul-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/
Origin: https://overlos-bf59b2.ingress-erytho.ewp.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 13:09:41 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 24 Oct 2022 13:09:12 GMT
Cache-Control: max-age=2592000
Expires: Wed, 23 Nov 2022 13:09:41 GMT
Content-Type: image/svg+xml
Age: 1307915
X-Cache: HIT
X-Cache-Hits: 566379
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4738
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
overlos-bf59b2.ingress-erytho.ewp.live/Neew/undefinedjsonp/inbenta.js
63.250.43.133 404 Not Found 146 B URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/undefinedjsonp/inbenta.js
IP 63.250.43.133:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Phishing
GET /Neew/undefinedjsonp/inbenta.js HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 08 Nov 2022 16:27:47 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d22d633d497f2e25eab580a648c05434
8e549621e4182a257895a03db93e786bd86072a5
2263e6c2417c5a40885359d93939febbb9e94cef1c598b7ef95069d50275bf28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5978
x-amzn-requestid: e4cff3d7-86a7-44a8-8858-7c893c19e76c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAVFHdWIAMFQZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a86-60d1a8250e0017a3574a6642;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:37:10 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qSguV2gfEtxsoWSMifxQEbIAAqhUDgVom0IWauJEIrFoMA5f17J-GA==
via: 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:26 GMT
age: 67528
etag: "8e549621e4182a257895a03db93e786bd86072a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/etc/cloudsettings.kernel.js/conf/ca/settings/cloudsettings/default/contexthub
63.250.43.133 404 Not Found 0 B URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/etc/cloudsettings.kernel.js/conf/ca/settings/cloudsettings/default/contexthub
IP 63.250.43.133:0
Analyzer Verdict Alert fortinet Phishing
GET /etc/cloudsettings.kernel.js/conf/ca/settings/cloudsettings/default/contexthub HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 08 Nov 2022 16:27:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://overlos-bf59b2.ingress-erytho.ewp.live/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/Neew/undefined
63.250.43.133 404 Not Found 0 B URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/undefined
IP 63.250.43.133:0
Analyzer Verdict Alert fortinet Phishing
GET /Neew/undefined HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 08 Nov 2022 16:27:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://overlos-bf59b2.ingress-erytho.ewp.live/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/libs/granite/csrf/token.json
63.250.43.133 404 Not Found 0 B URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/libs/granite/csrf/token.json
IP 63.250.43.133:0
Analyzer Verdict Alert fortinet Phishing
GET /libs/granite/csrf/token.json HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 08 Nov 2022 16:27:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://overlos-bf59b2.ingress-erytho.ewp.live/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
overlos-bf59b2.ingress-erytho.ewp.live/Neew/undefined
63.250.43.133 404 Not Found 0 B URL HTTP/2 overlos-bf59b2.ingress-erytho.ewp.live/Neew/undefined
IP 63.250.43.133:0
Analyzer Verdict Alert fortinet Phishing
GET /Neew/undefined HTTP/1.1
Host: overlos-bf59b2.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overlos-bf59b2.ingress-erytho.ewp.live/Neew/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 08 Nov 2022 16:27:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://overlos-bf59b2.ingress-erytho.ewp.live/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2