dev-wbpostalcx.pantheonsite.io/web/94427
23.185.0.4301 Moved Permanently 162 B URL HTTP/1.1 dev-wbpostalcx.pantheonsite.io/web/94427
IP 23.185.0.4:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427 HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://dev-wbpostalcx.pantheonsite.io/web/94427
Server: nginx
X-Pantheon-Styx-Hostname: styx-fe3fe4-d-7bf94d47df-w8bbb
X-Styx-Req-Id: 6b8c5409-a520-11ed-8867-de08d1a6714c
Cache-Control: public, max-age=86400
Date: Sun, 05 Feb 2023 06:43:38 GMT
X-Served-By: cache-ams21071-AMS, cache-bma1678-BMA
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1675579418.993651,VS0,VE46
Vary: Cookie, Cookie
X-Robots-Tag: noindex
Age: 0
Accept-Ranges: bytes
Via: 1.1 varnish, 1.1 varnish
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7198
Expires: Sun, 05 Feb 2023 08:43:36 GMT
Date: Sun, 05 Feb 2023 06:43:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10339
Expires: Sun, 05 Feb 2023 09:35:57 GMT
Date: Sun, 05 Feb 2023 06:43:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 06:33:54 GMT
content-type: application/json
age: 584
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18020
Expires: Sun, 05 Feb 2023 11:43:58 GMT
Date: Sun, 05 Feb 2023 06:43:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /p9qtrxjKE0CKIBx1OArAM4+RTl7250PAT0fp5bfxEX9jP6m7E2Q/7Ezwg4OsDnrAqLvGvZUe8iMINb0qKaqrA==
x-amz-request-id: B9560280CACG7ZJE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 06:24:22 GMT
age: 1156
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427
23.185.0.4301 Moved Permanently 162 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427
IP 23.185.0.4:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427 HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html
location: https://dev-wbpostalcx.pantheonsite.io/web/94427/
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-styx-req-id: 30b50db9-a520-11ed-91c7-d2c07b9f7710
cache-control: public, max-age=86400
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12721-AMS, cache-bma1676-BMA
x-cache: HIT, MISS
x-cache-hits: 5, 0
x-timer: S1675579418.253387,VS0,VE22
vary: Cookie, Cookie
x-robots-tag: noindex
age: 99
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 162
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 06:43:38 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/
23.185.0.4200 OK 28 kB URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/
IP 23.185.0.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1449)
Hash cd10c03cfc3663c97c9683dbc0ef2a13
a5e48d1259b9b7a9d861c14340e43c532e32714b
600b1d4f6759581f2dad777e2cc0f1883aef8307a23d90977d881b82b87b34ca
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/ HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-styx-req-id: 41499b24-a520-11ed-91c7-d2c07b9f7710
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21025-AMS, cache-bma1676-BMA
x-cache: HIT, MISS
x-cache-hits: 5, 0
x-timer: S1675579418.332182,VS0,VE59
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 27587
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/saved_resource(1)
23.185.0.4200 OK 59 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/saved_resource(1)
IP 23.185.0.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 84455fcbb9d61b5b76c43701007a7240
a39c2c1d2f997ea63adb3ac27e436a7e2374fe70
13c7df46eca6672ea379cb53820afa12862aed2f6e349f5fcaefd1f4d884bbc9
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/saved_resource(1) HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/plain
etag: W/"63df4fb7-2b"
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-tzcc8
x-styx-req-id: 4ad28e1e-a520-11ed-bd7a-76d2222ea4b6
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12727-AMS, cache-bma1676-BMA
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675579419.504979,VS0,VE22
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 59
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/bsd
23.185.0.4200 OK 37 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/bsd
IP 23.185.0.4:0
File type ASCII text, with no line terminators
Hash 0c0982212f5443915a3b3afa003dab34
368c52b8f5718a0471bc5cbf6934d19d2884f9ce
76b2e00f0ce7e3a16b06bc1afa8697b53c18c1cf62e74755ae8b19eed401369f
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/bsd HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
etag: "63df4fb7-11"
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-styx-req-id: 4ad31a2d-a520-11ed-91c7-d2c07b9f7710
content-encoding: gzip
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12776-AMS, cache-bma1676-BMA
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675579419.507385,VS0,VE22
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 37
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/assets/css/spinner.css
23.185.0.4200 OK 380 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/assets/css/spinner.css
IP 23.185.0.4:0
File type ASCII text, with CRLF line terminators
Hash 00ca23199a1a85f3c2cf38dabfeef853
f7da43579189b67a2e02e26b47da70d38562078e
af6ea681e0934131dc76799700e56c6416398f7ca618b6e66039276248286d30
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
GET /web/94427/assets/css/spinner.css HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css
etag: W/"63df4fb7-317"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-tzcc8
x-styx-req-id: 6bd744fb-a520-11ed-bd7a-76d2222ea4b6
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21061-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.502353,VS0,VE30
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 380
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
23.185.0.4200 OK 599 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
IP 23.185.0.4:0
File type ASCII text, with very long lines (477)
Hash cac57a3c4bf741d845e6f013a4ed6f7a
fb84e768c3c246ee3c3e0d43cc116d1376f00449
e0d97d039af1dba42f2cb50e5a844b38617b18752c48ca95a5ee6186e40b72e5
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
GET /web/94427/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css
etag: W/"63df4fb7-b0f"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-styx-req-id: 6bd7d581-a520-11ed-91c7-d2c07b9f7710
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21026-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.504163,VS0,VE30
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 599
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/px
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/px
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/px HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
etag: "63df4fb7-0"
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-sm9vh
x-styx-req-id: 4ad2963f-a520-11ed-9b29-fe669fd185ba
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12783-AMS, cache-bma1676-BMA
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675579419.515688,VS0,VE22
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/saved_resource
23.185.0.4200 OK 59 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/saved_resource
IP 23.185.0.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 84455fcbb9d61b5b76c43701007a7240
a39c2c1d2f997ea63adb3ac27e436a7e2374fe70
13c7df46eca6672ea379cb53820afa12862aed2f6e349f5fcaefd1f4d884bbc9
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/saved_resource HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/plain
etag: W/"63df4fb7-2b"
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-sm9vh
x-styx-req-id: 4ad2f472-a520-11ed-9b29-fe669fd185ba
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21062-AMS, cache-bma1676-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1675579419.504468,VS0,VE35
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 59
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/seg
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/seg
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/seg HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
etag: "63df4fb7-0"
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-tzcc8
x-styx-req-id: 4ad26c25-a520-11ed-bd7a-76d2222ea4b6
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21077-AMS, cache-bma1676-BMA
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675579419.516248,VS0,VE24
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/4050178.js
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/4050178.js
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/4050178.js HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
etag: "63df4fb7-0"
expires: Sun, 05 Feb 2023 06:42:42 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-styx-req-id: 4ad2879f-a520-11ed-91c7-d2c07b9f7710
cache-control: public, max-age=120
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21021-AMS, cache-bma1676-BMA
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675579419.516977,VS0,VE27
vary: Accept-Encoding
x-robots-tag: noindex
age: 55
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/f(1).txt
23.185.0.4200 OK 1.1 kB URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/f(1).txt
IP 23.185.0.4:0
File type ASCII text, with very long lines (2528), with no line terminators
Hash f7bf09284ae316d5c3e93a382e4a5f5f
f4c578ae0bf340d5ab34d5c73894db6a1b466dd6
7a851e7bae4d74f50e2741d60c35ab6e8a8c1080c8ffedf2f84458217d239434
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/f(1).txt HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/plain
etag: W/"63df4fb7-9e0"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-w8bbb
x-styx-req-id: 6bd9da38-a520-11ed-8867-de08d1a6714c
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12744-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.519608,VS0,VE26
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 1119
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/js
23.185.0.4200 OK 49 kB URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/js
IP 23.185.0.4:0
File type ASCII text, with very long lines (1596)
Hash 62d31eb88dba4caaf44df4fe1077e09b
a51994ef0a180ddf1d4eb0c0e7a052a05916fcb2
0b927f74d6b20771facd456fb2cf1f8aea7e95aead8fb57187cb26862f44b78d
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/js HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/plain
etag: W/"63df4fb7-1b8e7"
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-tzcc8
x-styx-req-id: 4ad2e2d7-a520-11ed-bd7a-76d2222ea4b6
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21069-AMS, cache-bma1676-BMA
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675579419.514518,VS0,VE34
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 48720
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/seg(1)
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/seg(1)
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/seg(1) HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
etag: "63df4fb7-0"
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-sm9vh
x-styx-req-id: 4ad2c6d0-a520-11ed-9b29-fe669fd185ba
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12771-AMS, cache-bma1676-BMA
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675579419.529978,VS0,VE22
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/px(1)
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/px(1)
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/px(1) HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
etag: "63df4fb7-0"
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-tzcc8
x-styx-req-id: 4ad4065e-a520-11ed-bd7a-76d2222ea4b6
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12723-AMS, cache-bma1676-BMA
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675579419.529468,VS0,VE23
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/px(2)
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/px(2)
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/px(2) HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
etag: "63df4fb7-0"
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-w8bbb
x-styx-req-id: 4ad2667d-a520-11ed-8867-de08d1a6714c
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21050-AMS, cache-bma1676-BMA
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675579419.530866,VS0,VE25
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/seg(2)
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/seg(2)
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/seg(2) HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
etag: "63df4fb7-0"
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-w8bbb
x-styx-req-id: 4ad2bb64-a520-11ed-8867-de08d1a6714c
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12756-AMS, cache-bma1676-BMA
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675579419.532118,VS0,VE24
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/assets/js/main.js
23.185.0.4200 OK 560 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/assets/js/main.js
IP 23.185.0.4:0
File type Algol 68 source text\012- Pascal source, ASCII text, with CRLF line terminators
Hash f253ff3968dd80cefec84b09c5437a0f
0392cd7e1d577b7079bd0590673409711b4b3f77
1bfc467e8165b7296c7d9b8953c1069981e2bd9401ea63ed2d18b285c2ae59a2
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/assets/js/main.js HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"63df4fb7-71f"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-styx-req-id: 6bdc44d2-a520-11ed-91c7-d2c07b9f7710
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21033-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.535899,VS0,VE27
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 560
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/il_transverse_warning.svg
23.185.0.4200 OK 574 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/il_transverse_warning.svg
IP 23.185.0.4:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1080), with no line terminators
Hash 9d55298064d0b1f7253fbd98dc91225a
3dbc3e08fb91dd45d34af878c4dc31a1b51045e3
8bc2bdf82cd3be7623805b8abb5c118a2c092f220490447cd06da9dea418c278
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/il_transverse_warning.svg HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: W/"63df4fb7-438"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-tzcc8
x-styx-req-id: 6bdc4ad4-a520-11ed-bd7a-76d2222ea4b6
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12781-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.533744,VS0,VE29
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 574
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/common/log.js
23.185.0.4200 OK 419 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/common/log.js
IP 23.185.0.4:0
File type ASCII text, with CRLF line terminators
Hash 45bdf328a2b2a3b7e6ed74f266e18808
9630fa83905b07b5a1433e7560596afff1d5f0d6
0a32f4d23aba5363b8d708fb8cd149ac87ed29958a28c0aafd887558d0f5c4ea
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/common/log.js HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"63df4fb7-329"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-w8bbb
x-styx-req-id: 6bdda80b-a520-11ed-8867-de08d1a6714c
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12751-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.536253,VS0,VE43
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 419
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/LOGO-LBP-digital-fd-clair-RVB.svg
23.185.0.4200 OK 1.8 kB URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/LOGO-LBP-digital-fd-clair-RVB.svg
IP 23.185.0.4:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 465fcc6d1d6409eaf92e55dc2ec54b9c
f66b37435dce27bfb96f67e6a26a1c970a020b07
d52e0a622c8803029104fd93862c189827263036e4be5d9e8960a916d808a30d
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/LOGO-LBP-digital-fd-clair-RVB.svg HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: W/"63df4fb7-dd1"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-sm9vh
x-styx-req-id: 6bdf4cf5-a520-11ed-9b29-fe669fd185ba
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21031-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.532965,VS0,VE48
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 1769
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/oct.js
23.185.0.4200 OK 18 kB URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/oct.js
IP 23.185.0.4:0
Hash ae8629445339b57fd01c1692439b2404
fc3583208671e2685703fb0c44eae35fe5ea39e1
dfe7835f87b31a75e3444a105a57f77df4d6684516ca67a3df25af869f17cc57
Analyzer Verdict Alert fortinet Phishing
GET /web/94427/asset/oct.js HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"63df4fb7-ddec"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-tzcc8
x-styx-req-id: 6bd8fba0-a520-11ed-bd7a-76d2222ea4b6
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12720-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.512265,VS0,VE31
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/991001.js
23.185.0.4200 OK 2.5 kB URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/991001.js
IP 23.185.0.4:0
Hash c0008507f86eda178ab48744f853a4d0
b8b25b71c9c213ec9b1a95585febea7d4665238d
cf0b8920a46a9c97ebcf3d0ff4ff91de2dd8dfff22f6cf4aa78b38cc2fd39d38
Analyzer Verdict Alert fortinet Phishing
GET /web/94427/asset/991001.js HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"63df4fb7-158f"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-w8bbb
x-styx-req-id: 6bd9c60a-a520-11ed-8867-de08d1a6714c
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21026-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.519164,VS0,VE28
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6630148a03da2d4ccf19993f0fefd44c
2c747b9bc89b4240ad4340b31b993e3d947d1e5a
68c252a328d6f8dbea1935f3a4a950fb02969e70aabfff9853add357f76ecd4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6354
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 06:43:38 GMT
Last-Modified: Sun, 05 Feb 2023 04:57:44 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
mmtro.com/tro.js
195.66.82.41200 5.5 kB IP 195.66.82.41:0
File type ASCII text, with very long lines (537)
Hash 70ca7a250d4faa3da68afcbdea11b6e4
8a63fa9c96d840a73827ea28f94672b4fdc715b6
afc9350b8220df44e3eec16af392dda41ebe2d160c6e3d3e16f092960493951d
GET /tro.js HTTP/1.1
Host: mmtro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
date: Sun, 05 Feb 2023 06:43:38 GMT
content-type: text/javascript
vary: Accept-Encoding
x-rid: 63df501acef27f4402b7109b
cache-control: private, max-age=259200
p3p: policyref="https://mmtro.com/w3c/p3p_mmtro.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
connection: close
transfer-encoding: chunked
dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts/resources/fonts/lato/Lato-Regular.ttf
23.185.0.4302 Found 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts/resources/fonts/lato/Lato-Regular.ttf
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/base-fonts/resources/fonts/lato/Lato-Regular.ttf HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-redirect-by: WordPress
x-styx-req-id: 6bf090eb-a520-11ed-91c7-d2c07b9f7710
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21021-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.666326,VS0,VE46
vary: Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/etc.clientlibs/labanquepostale/commons/clientlibs/designsystem/base/resources/svg-icons.svg
23.185.0.4302 Found 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/etc.clientlibs/labanquepostale/commons/clientlibs/designsystem/base/resources/svg-icons.svg
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
GET /etc.clientlibs/labanquepostale/commons/clientlibs/designsystem/base/resources/svg-icons.svg HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-tzcc8
x-redirect-by: WordPress
x-styx-req-id: 6bf9a184-a520-11ed-bd7a-76d2222ea4b6
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21053-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.721326,VS0,VE47
vary: Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts/resources/fonts/lato/Lato-Bold.ttf
23.185.0.4302 Found 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts/resources/fonts/lato/Lato-Bold.ttf
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/base-fonts/resources/fonts/lato/Lato-Bold.ttf HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-redirect-by: WordPress
x-styx-req-id: 6bfa69fa-a520-11ed-91c7-d2c07b9f7710
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21024-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.723833,VS0,VE51
vary: Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts/resources/fonts/lato/Lato-Light.ttf
23.185.0.4302 Found 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts/resources/fonts/lato/Lato-Light.ttf
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/base-fonts/resources/fonts/lato/Lato-Light.ttf HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-w8bbb
x-redirect-by: WordPress
x-styx-req-id: 6bfacc89-a520-11ed-8867-de08d1a6714c
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21036-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.733444,VS0,VE44
vary: Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=&src=wamf.laposte.js&ref=dev-wbpostalcx.pantheonsite.io&d.r=1675579457757
93.184.221.133200 OK 207 B URL HTTP/2 cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=&src=wamf.laposte.js&ref=dev-wbpostalcx.pantheonsite.io&d.r=1675579457757
IP 93.184.221.133:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 156d13a9471aa8d01e8aafd7330dc5b1
99dfd9a28e98032e6e6d510f32e4ddb1ddac4343
1b6f17ea3e1cbc6b005b2c76299fb8fa1832119d8fe5386f019125ee5b44a9a4
GET /iframe/sync.html?key=ids_sync&wamid=&src=wamf.laposte.js&ref=dev-wbpostalcx.pantheonsite.io&d.r=1675579457757 HTTP/1.1
Host: cstatic.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 195546
cache-control: max-age=604800
content-type: text/html
date: Sun, 05 Feb 2023 06:43:38 GMT
etag: "282943589+gzip"
expires: Sun, 12 Feb 2023 06:43:38 GMT
last-modified: Mon, 20 Sep 2021 08:52:49 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server: ECAcc (ska/F730)
vary: Accept-Encoding
x-cache: HIT
content-length: 207
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 06:07:20 GMT
age: 2178
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cstatic.weborama.fr/iframe/external_libs.v2.js
93.184.221.133200 OK 3.1 kB URL HTTP/2 cstatic.weborama.fr/iframe/external_libs.v2.js
IP 93.184.221.133:0
File type ASCII text, with very long lines (8150)
Hash c05f11cb63f0ad9c04bce61aaad215af
ea14cb8d575944a3e809c6c73224867c0a53c37a
d1cc4d3c37246ac70f33ddeb2ebd95b14df46b1732a1e1cc35b633e600a90e8d
GET /iframe/external_libs.v2.js HTTP/1.1
Host: cstatic.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=&src=wamf.laposte.js&ref=dev-wbpostalcx.pantheonsite.io&d.r=1675579457757
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 422489
cache-control: max-age=604800
content-type: text/javascript
date: Sun, 05 Feb 2023 06:43:38 GMT
etag: "892405118+gzip"
expires: Sun, 12 Feb 2023 06:43:38 GMT
last-modified: Tue, 24 Jan 2023 09:15:53 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server: ECAcc (ska/F68B)
vary: Accept-Encoding
x-cache: HIT
content-length: 3050
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/ill_citoyenne.svg
23.185.0.4200 OK 1.5 kB URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/ill_citoyenne.svg
IP 23.185.0.4:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 826e7a4a4676eb3cb3823a4f9e8f9deb
17aa9f72f0aea7f3abae9e340ec27d08a1d3b859
97607fb052141b0869f310cb458748723725e92e690f689d7791b6051f1f8f2c
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/ill_citoyenne.svg HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: image/svg+xml
etag: W/"63df4fb7-f3f"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-styx-req-id: 6c181908-a520-11ed-91c7-d2c07b9f7710
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21031-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.925338,VS0,VE28
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 1475
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/libs/granite/csrf/token.json
23.185.0.4302 Found 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/libs/granite/csrf/token.json
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
GET /libs/granite/csrf/token.json HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-tzcc8
x-redirect-by: WordPress
x-styx-req-id: 6c167470-a520-11ed-bd7a-76d2222ea4b6
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21067-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.916637,VS0,VE43
vary: Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7328
Expires: Sun, 05 Feb 2023 08:45:47 GMT
Date: Sun, 05 Feb 2023 06:43:39 GMT
Connection: keep-alive
push.services.mozilla.com/
54.149.224.76101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.224.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nxIZKLj6Yb5XWqE7oc/3qw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zhHJmoUiQdbpAQpix+JQDAul5xw=
dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts/resources/fonts/lato/Lato-Regular.woff
23.185.0.4302 Found 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts/resources/fonts/lato/Lato-Regular.woff
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/base-fonts/resources/fonts/lato/Lato-Regular.woff HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-redirect-by: WordPress
x-styx-req-id: 6c59bb65-a520-11ed-91c7-d2c07b9f7710
date: Sun, 05 Feb 2023 06:43:39 GMT
x-served-by: cache-ams12730-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.357667,VS0,VE40
vary: Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts/resources/fonts/lato/Lato-Bold.woff
23.185.0.4302 Found 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts/resources/fonts/lato/Lato-Bold.woff
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/base-fonts/resources/fonts/lato/Lato-Bold.woff HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-sm9vh
x-redirect-by: WordPress
x-styx-req-id: 6c984066-a520-11ed-9b29-fe669fd185ba
date: Sun, 05 Feb 2023 06:43:39 GMT
x-served-by: cache-ams12782-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579420.765826,VS0,VE44
vary: Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
23.185.0.4200 OK 9.5 kB URL HTTP/2 dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
IP 23.185.0.4:0
Hash ba5c1be51362e2036b508d45eaa6bf1d
011ad9865cfd7a37e8a59790f8e2dd4c34555591
a359fc3184df6b493cf2e38656cfc4e68454990eee6bd7c8073e0a7073c74eaa
GET /wp-admin/install.php HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-tzcc8
x-styx-req-id: 6c188e24-a520-11ed-bd7a-76d2222ea4b6
date: Sun, 05 Feb 2023 06:43:39 GMT
x-served-by: cache-ams21028-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.929654,VS0,VE414
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
23.185.0.4200 OK 5.0 kB URL HTTP/2 dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
IP 23.185.0.4:0
Hash c4ac0e8b0d18459b6ea2159d2488500e
cc6fcdb21bdc4d51dcaf340567de9b1c5e40ab02
6581b7283601cd875585a1177ba81469b4f35a2f30897db5d1974acc1608c395
GET /wp-admin/install.php HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-sm9vh
x-styx-req-id: 6c57cd9e-a520-11ed-9b29-fe669fd185ba
date: Sun, 05 Feb 2023 06:43:39 GMT
x-served-by: cache-ams12754-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.977951,VS0,VE781
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync
185.83.142.19307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync
IP 185.83.142.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?//its.tradelab.fr/?type=tlsync&uuid2=$UID&callback=tl_sync HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dtlsync%26uuid2%3D%24UID%26callback%3Dtl_sync
AN-X-Request-Uuid: 4d51fb55-b298-42a3-a249-86d4bdeecb90
Set-Cookie: uuid2=5041322525339170628; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 06:43:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
www.google.de/pagead/1p-user-list/993136125/?random=1656518854176&cv=9&fst=1656518400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa6r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.labanquepostale.fr%2Fparticulier%2Fconnexion-espace-client.html&ref=https%3A%2F%2Fwww.labanquepostale.fr%2F&tiba=Connexion%20%C3%A0%20l%27espace%20client%20-%20La%20Banque%20Postale&async=1&fmt=3&is_vtc=1&random=1411629599&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.de/pagead/1p-user-list/993136125/?random=1656518854176&cv=9&fst=1656518400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa6r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.labanquepostale.fr%2Fparticulier%2Fconnexion-espace-client.html&ref=https%3A%2F%2Fwww.labanquepostale.fr%2F&tiba=Connexion%20%C3%A0%20l%27espace%20client%20-%20La%20Banque%20Postale&async=1&fmt=3&is_vtc=1&random=1411629599&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/993136125/?random=1656518854176&cv=9&fst=1656518400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa6r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.labanquepostale.fr%2Fparticulier%2Fconnexion-espace-client.html&ref=https%3A%2F%2Fwww.labanquepostale.fr%2F&tiba=Connexion%20%C3%A0%20l%27espace%20client%20-%20La%20Banque%20Postale&async=1&fmt=3&is_vtc=1&random=1411629599&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 06:43:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A991001%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146
185.83.142.19307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A991001%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146
IP 185.83.142.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A991001%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991001%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146
AN-X-Request-Uuid: 573cbeb4-3e85-4f61-9dd5-7643bd3bb51b
Set-Cookie: uuid2=3848633048274357317; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 06:43:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/px?id=991000&t=2
185.89.210.244307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=991000&t=2
IP 185.89.210.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=991000&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D991000%26t%3D2
AN-X-Request-Uuid: 2951b5e5-4be2-4863-be38-1d19a7a308f0
Set-Cookie: uuid2=3501119303504621768; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 06:43:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
www.google.com/pagead/1p-user-list/993136125/?random=1656518854176&cv=9&fst=1656518400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa6r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.labanquepostale.fr%2Fparticulier%2Fconnexion-espace-client.html&ref=https%3A%2F%2Fwww.labanquepostale.fr%2F&tiba=Connexion%20%C3%A0%20l%27espace%20client%20-%20La%20Banque%20Postale&async=1&fmt=3&is_vtc=1&random=1411629599&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/993136125/?random=1656518854176&cv=9&fst=1656518400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa6r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.labanquepostale.fr%2Fparticulier%2Fconnexion-espace-client.html&ref=https%3A%2F%2Fwww.labanquepostale.fr%2F&tiba=Connexion%20%C3%A0%20l%27espace%20client%20-%20La%20Banque%20Postale&async=1&fmt=3&is_vtc=1&random=1411629599&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/993136125/?random=1656518854176&cv=9&fst=1656518400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=60&u_java=false&u_nplug=5&u_nmime=2>m=2oa6r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.labanquepostale.fr%2Fparticulier%2Fconnexion-espace-client.html&ref=https%3A%2F%2Fwww.labanquepostale.fr%2F&tiba=Connexion%20%C3%A0%20l%27espace%20client%20-%20La%20Banque%20Postale&async=1&fmt=3&is_vtc=1&random=1411629599&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 06:43:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure.adnxs.com/px?id=991001&t=2
185.89.210.244307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=991001&t=2
IP 185.89.210.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=991001&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D991001%26t%3D2
AN-X-Request-Uuid: e2879d0b-d987-4f4f-8b68-6d29a986932b
Set-Cookie: uuid2=5850754693415551531; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 06:43:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A991000%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8178278%2C8178332%2C8217168%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146
185.83.142.19307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A991000%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8178278%2C8178332%2C8217168%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146
IP 185.83.142.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?//its.tradelab.fr/?type=convr&x=1&uuid2=$UID&cdata=%7B%22a%22%3A991000%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8178278%2C8178332%2C8217168%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991000%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8178278%252C8178332%252C8217168%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146
AN-X-Request-Uuid: 4a370a10-1165-49c5-b59f-3694ac2d3ac6
Set-Cookie: uuid2=8880298431222057624; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 06:43:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts/resources/fonts/lato/Lato-Light.woff
23.185.0.4302 Found 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts/resources/fonts/lato/Lato-Light.woff
IP 23.185.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
fortinet Phishing
GET /web/94427/asset/base-fonts/resources/fonts/lato/Lato-Light.woff HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-w8bbb
x-redirect-by: WordPress
x-styx-req-id: 6cd8127f-a520-11ed-8867-de08d1a6714c
date: Sun, 05 Feb 2023 06:43:40 GMT
x-served-by: cache-ams12779-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579420.183952,VS0,VE45
vary: Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 0
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
23.185.0.4200 OK 5.0 kB URL HTTP/2 dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
IP 23.185.0.4:0
Hash bb93c360d54c9323e293e8206c173ab2
fd57c0fd91028c9296ede827b6404c52a10e44c5
12e4752b66c755eb6ce73f49dad1e68cd35ac435167246ed4c1e7417a42f592c
GET /wp-admin/install.php HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-styx-req-id: 6c599464-a520-11ed-91c7-d2c07b9f7710
date: Sun, 05 Feb 2023 06:43:39 GMT
x-served-by: cache-ams12773-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.355131,VS0,VE398
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
23.185.0.4200 OK 5.0 kB URL HTTP/2 dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
IP 23.185.0.4:0
Hash 13d86f1a4a01032b0328a4e3d6946f67
61033301f0127f057cf56c1f2d000dae392b0856
3d731b088a090ff483873aaf5d9088158c6a246086bde855476534e2bcc1d6a7
GET /wp-admin/install.php HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-styx-req-id: 6ca0c0ca-a520-11ed-91c7-d2c07b9f7710
date: Sun, 05 Feb 2023 06:43:40 GMT
x-served-by: cache-ams21062-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579420.822669,VS0,VE415
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dtlsync%26uuid2%3D%24UID%26callback%3Dtl_sync
185.83.142.19302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dtlsync%26uuid2%3D%24UID%26callback%3Dtl_sync
IP 185.83.142.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dtlsync%26uuid2%3D%24UID%26callback%3Dtl_sync HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: //its.tradelab.fr/?type=tlsync&uuid2=0&callback=tl_sync
AN-X-Request-Uuid: 4f8ca8ad-a243-430f-a86b-fcd53d39b4e8
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fpx%3Fid%3D991000%26t%3D2
185.89.210.244200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D991000%26t%3D2
IP 185.89.210.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fpx%3Fid%3D991000%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 46e708a7-4ec2-4d25-b8f4-236a14b23197
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991001%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146
185.83.142.19302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991001%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146
IP 185.83.142.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991001%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: //its.tradelab.fr/?type=convr&x=1&uuid2=0&cdata={"a":991001,"l":[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],"i":1,"c":7,"t":"h","m":"null","vi":0,"vc":0,"hf":0,"x":{}}&advid=2602146
AN-X-Request-Uuid: 2ec27b15-2c75-4755-ac8a-05bbd6a7d68c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fpx%3Fid%3D991001%26t%3D2
185.89.210.244200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D991001%26t%3D2
IP 185.89.210.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fpx%3Fid%3D991001%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 790ab6e6-0767-4e08-9f2d-4073183cfcbf
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991000%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8178278%252C8178332%252C8217168%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146
185.83.142.19302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991000%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8178278%252C8178332%252C8217168%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146
IP 185.83.142.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3F%2F%2Fits.tradelab.fr%2F%3Ftype%3Dconvr%26x%3D1%26uuid2%3D%24UID%26cdata%3D%257B%2522a%2522%253A991000%252C%2522l%2522%253A%255B6129654%252C6129670%252C6129677%252C6129705%252C6140244%252C6140246%252C6140363%252C6141029%252C6205745%252C6205752%252C6205755%252C6205762%252C6220830%252C8124214%252C8124594%252C8124968%252C8124973%252C8125344%252C8141760%252C8141763%252C8141816%252C8141850%252C8141875%252C8141880%252C8141931%252C8141938%252C8176847%252C8176869%252C8176878%252C8178278%252C8178332%252C8217168%252C8239623%252C8245529%252C8245533%252C8245537%252C8245540%252C8260100%252C8445392%252C8505468%252C8505515%252C9271738%252C9271745%252C9271969%252C9272093%252C9272160%252C9272905%252C9408323%252C9408407%252C9408587%252C9408663%252C9408768%252C9511553%252C9611699%252C9611846%252C9683342%252C9683349%252C9719394%252C10005812%252C10226877%252C10226889%252C10226919%252C10244639%252C10381193%252C10480996%252C12967986%252C12968507%252C12968515%252C12968543%252C12968782%252C12968784%252C13104005%252C13259085%252C13477519%252C14058054%252C14058197%252C14058205%252C14058228%252C14069494%252C14069497%252C14069560%252C14069565%252C14069590%252C14069626%252C14074179%252C14112662%252C14130392%252C14212376%252C14212411%252C14212419%252C14212455%252C14212467%252C14212692%252C14212694%252C14570528%252C14570544%255D%252C%2522i%2522%253A1%252C%2522c%2522%253A7%252C%2522t%2522%253A%2522h%2522%252C%2522m%2522%253A%2522null%2522%252C%2522vi%2522%253A0%252C%2522vc%2522%253A0%252C%2522hf%2522%253A0%252C%2522x%2522%253A%257B%257D%257D%26advid%3D2602146 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: //its.tradelab.fr/?type=convr&x=1&uuid2=0&cdata={"a":991000,"l":[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8178278,8178332,8217168,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],"i":1,"c":7,"t":"h","m":"null","vi":0,"vc":0,"hf":0,"x":{}}&advid=2602146
AN-X-Request-Uuid: 71f1df4f-7263-49b8-ac4c-c0bb8a76c562
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5008
Expires: Sun, 05 Feb 2023 08:07:08 GMT
Date: Sun, 05 Feb 2023 06:43:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5008
Expires: Sun, 05 Feb 2023 08:07:08 GMT
Date: Sun, 05 Feb 2023 06:43:40 GMT
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 7f35c21b427b8b44a51b53930c6b671a
70f41c757fc60544e95bc1d86368d514f671cb85
1b5c34603cf5f3e05e656b94e267bf7956a6104eb59ff36d0ea7612e1fdba395
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 21:05:31 GMT
Expires: Sun, 05 Feb 2023 21:05:31 GMT
ETag: "70f41c757fc60544e95bc1d86368d514f671cb85"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 7f35c21b427b8b44a51b53930c6b671a
70f41c757fc60544e95bc1d86368d514f671cb85
1b5c34603cf5f3e05e656b94e267bf7956a6104eb59ff36d0ea7612e1fdba395
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 21:05:31 GMT
Expires: Sun, 05 Feb 2023 21:05:31 GMT
ETag: "70f41c757fc60544e95bc1d86368d514f671cb85"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1092c4dd4d9ca4d09462ae46e1dd7c1
17444ff60be1afbc40d3653fa936f9eaf9478068
ea8362c7249080b34288ee675f70333607fc3be37e716fdcf63e4901849def9f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7288
x-amzn-requestid: 1aa297f5-2f9a-45be-b823-1eb4d5887769
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WrwH-iIAMFyhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded17e-2b630b4a302b8ae118883b71;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z2oKgp1keqEkvN6jjsUepMbrxD4JCXKAOHrMNJHcuXN0CpulUh5GLA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:39 GMT
etag: "17444ff60be1afbc40d3653fa936f9eaf9478068"
content-type: image/jpeg
age: 32401
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 11012
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bee08788da5b88dde69aeb1d4de005c9
537c7a19a9395a60452b6b0b3ae08d47f4705181
02365d88ae9ff3ace3f29509df0e436ab0838d44714ef0f25dea463d665f794a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6486
x-amzn-requestid: 544d13b9-8d45-4029-88e0-280f27cc0fa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi4-SHN1IAMFSkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76ec1-3f1ee84f53fe45cc01439a28;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:16:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TtyPO9j12ZpU3XdElRgCrqB4XNERrppavwJZJn5As8mqjjDLyZBmsw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:39 GMT
age: 32401
etag: "537c7a19a9395a60452b6b0b3ae08d47f4705181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 7f35c21b427b8b44a51b53930c6b671a
70f41c757fc60544e95bc1d86368d514f671cb85
1b5c34603cf5f3e05e656b94e267bf7956a6104eb59ff36d0ea7612e1fdba395
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 21:05:31 GMT
Expires: Sun, 05 Feb 2023 21:05:31 GMT
ETag: "70f41c757fc60544e95bc1d86368d514f671cb85"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 13:05:46 GMT
age: 63474
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:53:45 GMT
age: 56995
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dbe304b5138a360ff07a9842bcf6a7f
00572f7667e322c9ef34bc35b7998c1c172dd34c
d63c58d6c96e23c61b92272de8c2aab01f4cf85f3420cc434c05447d355b1c77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9108
x-amzn-requestid: a3bffa19-86ce-4a59-b826-551deddb3e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fostZG2xIAMF0wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9c188-18acd7311c6190c9486e86ac;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 01:34:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mWqq5MbsWYvQmSzPw3kTdjzTkz22mNHbOoqyiHfbxv0BhNhgFfnZGw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:52 GMT
age: 32388
etag: "00572f7667e322c9ef34bc35b7998c1c172dd34c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
its.tradelab.fr/?type=tlsync&uuid2=0&callback=tl_sync
85.17.192.105200 OK 35 B URL HTTP/1.1 its.tradelab.fr/?type=tlsync&uuid2=0&callback=tl_sync
IP 85.17.192.105:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 83c8c161f7f7b84ec6c6249fdf0ce33f
c67ae10034c6cb91dbbd26a5a5b1ec77a2b83597
2aca65361735825e9195f619974779e860a6517d43f0c2ad97a169e3621b291d
GET /?type=tlsync&uuid2=0&callback=tl_sync HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:40 GMT; Secure; SameSite=None
uuid=8923056183530888064; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:40 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Access-Control-Allow-Origin: *
P3p: CP="CAO PSA OUR"
its.tradelab.fr/?type=convr&x=1&uuid2=0&cdata={%22a%22:991001,%22l%22:[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],%22i%22:1,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=2602146
85.17.192.105200 OK 43 B URL HTTP/1.1 its.tradelab.fr/?type=convr&x=1&uuid2=0&cdata={%22a%22:991001,%22l%22:[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],%22i%22:1,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=2602146
IP 85.17.192.105:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /?type=convr&x=1&uuid2=0&cdata={%22a%22:991001,%22l%22:[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],%22i%22:1,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=2602146 HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:40 GMT; Secure; SameSite=None
uuid=8322995942731578834; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:40 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node5.tradelab.fr
its.tradelab.fr/?type=convr&x=1&uuid2=0&cdata={%22a%22:991000,%22l%22:[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8178278,8178332,8217168,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],%22i%22:1,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=2602146
85.17.192.105200 OK 43 B URL HTTP/1.1 its.tradelab.fr/?type=convr&x=1&uuid2=0&cdata={%22a%22:991000,%22l%22:[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8178278,8178332,8217168,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],%22i%22:1,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=2602146
IP 85.17.192.105:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /?type=convr&x=1&uuid2=0&cdata={%22a%22:991000,%22l%22:[6129654,6129670,6129677,6129705,6140244,6140246,6140363,6141029,6205745,6205752,6205755,6205762,6220830,8124214,8124594,8124968,8124973,8125344,8141760,8141763,8141816,8141850,8141875,8141880,8141931,8141938,8176847,8176869,8176878,8178278,8178332,8217168,8239623,8245529,8245533,8245537,8245540,8260100,8445392,8505468,8505515,9271738,9271745,9271969,9272093,9272160,9272905,9408323,9408407,9408587,9408663,9408768,9511553,9611699,9611846,9683342,9683349,9719394,10005812,10226877,10226889,10226919,10244639,10381193,10480996,12967986,12968507,12968515,12968543,12968782,12968784,13104005,13259085,13477519,14058054,14058197,14058205,14058228,14069494,14069497,14069560,14069565,14069590,14069626,14074179,14112662,14130392,14212376,14212411,14212419,14212455,14212467,14212692,14212694,14570528,14570544],%22i%22:1,%22c%22:7,%22t%22:%22h%22,%22m%22:%22null%22,%22vi%22:0,%22vc%22:0,%22hf%22:0,%22x%22:{}}&advid=2602146 HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:40 GMT; Secure; SameSite=None
uuid=6983856011675145597; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:40 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node1.tradelab.fr
secure.adnxs.com/seg?add=2491894:0&t=2
185.89.210.244307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=2491894:0&t=2
IP 185.89.210.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=2491894:0&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2491894%3A0%26t%3D2
AN-X-Request-Uuid: 71e53111-f3d2-4994-8664-aeb08fabfa03
Set-Cookie: uuid2=643146239188600738; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 06:43:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2491894%3A0%26t%3D2
185.89.210.244200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2491894%3A0%26t%3D2
IP 185.89.210.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D2491894%3A0%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 27b7a7f1-323e-481b-af0f-fd652753c383
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVJctyJ9!]tbP6j2F-XstGt!@Dps$ut[T; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 06:43:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
its.tradelab.fr/?type=tp&advid=2602146&uuid=8923056183530888064&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
85.17.192.105302 Found 0 B URL HTTP/1.1 its.tradelab.fr/?type=tp&advid=2602146&uuid=8923056183530888064&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
IP 85.17.192.105:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?type=tp&advid=2602146&uuid=8923056183530888064&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 06:43:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=8923056183530888064; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:40 GMT; Secure; SameSite=None
iev0=eJyrVjIyMzAyNDFTsqpWKiopVrIyNDM3NTW3NDEyMDc21FEqSs4rUbIyADJSSosgDKBIJoRVXACSq60FAHv1Exk=; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:40 GMT; Secure; SameSite=None
Access-Control-Allow-Origin: *
X-Powered-By: Tradelab ITS / node2.tradelab.fr
Location: https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 06:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
216.58.207.226302 Found 285 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 99eacce2df6348525adbb66179b6a122
9ae2089704548b1c8545021a9de724f71fa8fb84
cd793d1e2bdcc66fa07e118627012f0d24684aa085f149eed09b86a06ade7384
GET /pixel?google_nid=tradelab_dmp&google_cm HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm=&google_tc=
date: Sun, 05 Feb 2023 06:43:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 285
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 06:58:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm=&google_tc=
216.58.207.226302 Found 256 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=tradelab_dmp&google_cm=&google_tc=
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 71887a73cc8a27e417a04a9a689586c0
d3128cba3bfccf3eb54562cccc344d30ca175703
86083e6edab8fa44c3d8b0b5ff3a7292f6bdf16e2a3046f90a285f036b0ce96b
GET /pixel?google_nid=tradelab_dmp&google_cm=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://its.tradelab.fr/?type=tlsync_dbm&google_error=3
date: Sun, 05 Feb 2023 06:43:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 06:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
its.tradelab.fr/?type=tlsync_dbm&google_error=3
85.17.192.105200 OK 43 B URL HTTP/1.1 its.tradelab.fr/?type=tlsync_dbm&google_error=3
IP 85.17.192.105:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /?type=tlsync_dbm&google_error=3 HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 06:43:40 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=1386697897054911062; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:40 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node5.tradelab.fr
cdn.tradelab.fr/fseg/2135.js?add=12608265
152.195.132.24200 OK 7.1 kB URL HTTP/2 cdn.tradelab.fr/fseg/2135.js?add=12608265
IP 152.195.132.24:0
File type ASCII text, with very long lines (518)
Hash a8abc02c39b7287b0f19d82b533bbb31
ea31ae5d5508ebc6becbc825440410a9afde3bf5
1306b25aace96607b313f03fd25f8bd7185ba2d8c622913cb76c7d5cfa0964f5
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
GET /fseg/2135.js?add=12608265 HTTP/1.1
Host: cdn.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-origin: *
age: 432
cache-control: max-age=1800
content-type: application/javascript
date: Sun, 05 Feb 2023 06:43:41 GMT
etag: "1bbd-59ff7646fd68a"
expires: Sun, 05 Feb 2023 07:13:41 GMT
last-modified: Tue, 03 Mar 2020 18:22:54 GMT
server: ECAcc (lhb/6364)
x-cache: HIT
content-length: 7101
X-Firefox-Spdy: h2
cdn.tradelab.fr/conv/991000.js
152.195.132.24200 OK 2.0 kB URL HTTP/2 cdn.tradelab.fr/conv/991000.js
IP 152.195.132.24:0
File type ASCII text, with very long lines (832)
Hash 866cef51cc7a1af978bd63d062ad7597
fc1a7e138eff4b50c0a722a777684720ff1a1450
339200fc612e99e909baf07bd33255243a505dbbb0b92ebe802b0ec89c843053
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
GET /conv/991000.js HTTP/1.1
Host: cdn.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-origin: *
age: 773
cache-control: max-age=1800
content-type: application/javascript
date: Sun, 05 Feb 2023 06:43:41 GMT
etag: "15a7-5c445be4e9274-gzip"
expires: Sun, 05 Feb 2023 07:13:41 GMT
last-modified: Tue, 08 Jun 2021 18:58:28 GMT
server: ECAcc (ska/F753)
vary: Accept-Encoding
x-cache: HIT
content-length: 2034
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=12608265&t=2
185.89.210.244307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=12608265&t=2
IP 185.89.210.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=12608265&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:41 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12608265%26t%3D2
AN-X-Request-Uuid: 9174e4af-bbfa-46b6-bab2-6bfc9364b4bb
Set-Cookie: uuid2=3383092501676674634; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 06:43:41 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
its.tradelab.fr/?type=fseg&uuid2=0&sid=12608265&val=undefined&fun=2135&step=1&siev=12608262&fp=0&advid=2602146&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0&ur=https%253A%252F%252Fdev-wbpostalcx.pantheonsite.io%252Fweb%252F94427%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
85.17.192.105200 OK 43 B URL HTTP/1.1 its.tradelab.fr/?type=fseg&uuid2=0&sid=12608265&val=undefined&fun=2135&step=1&siev=12608262&fp=0&advid=2602146&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0&ur=https%253A%252F%252Fdev-wbpostalcx.pantheonsite.io%252Fweb%252F94427%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
IP 85.17.192.105:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /?type=fseg&uuid2=0&sid=12608265&val=undefined&fun=2135&step=1&siev=12608262&fp=0&advid=2602146&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0&ur=https%253A%252F%252Fdev-wbpostalcx.pantheonsite.io%252Fweb%252F94427%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 06:43:41 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:41 GMT; Secure; SameSite=None
uuid=6453815519111219296; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:41 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Access-Control-Allow-Origin: *
P3p: CP="CAO PSA OUR"
its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A991000%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8178278%2C8178332%2C8217168%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146&xur=dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
85.17.192.105200 OK 43 B URL HTTP/1.1 its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A991000%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8178278%2C8178332%2C8217168%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146&xur=dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
IP 85.17.192.105:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /?type=convr&x=1&cdata=%7B%22a%22%3A991000%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8178278%2C8178332%2C8217168%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146&xur=dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 06:43:41 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=1816172002502457174; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:41 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node3.tradelab.fr
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12608265%26t%3D2
185.89.210.244200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12608265%26t%3D2
IP 185.89.210.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D12608265%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:41 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 906a10aa-b150-45a9-a94d-e4c8369e55da
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GVRctyJ9!]tbP6j2F-XstGt!@Dqb$vBtX; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 06:43:41 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cdn.tradelab.fr/fseg/2135.js?add=12608266
152.195.132.24200 OK 7.1 kB URL HTTP/2 cdn.tradelab.fr/fseg/2135.js?add=12608266
IP 152.195.132.24:0
File type ASCII text, with very long lines (518)
Hash a8abc02c39b7287b0f19d82b533bbb31
ea31ae5d5508ebc6becbc825440410a9afde3bf5
1306b25aace96607b313f03fd25f8bd7185ba2d8c622913cb76c7d5cfa0964f5
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
GET /fseg/2135.js?add=12608266 HTTP/1.1
Host: cdn.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-origin: *
age: 436
cache-control: max-age=1800
content-type: application/javascript
date: Sun, 05 Feb 2023 06:43:45 GMT
etag: "1bbd-59ff7646fd68a"
expires: Sun, 05 Feb 2023 07:13:45 GMT
last-modified: Tue, 03 Mar 2020 18:22:54 GMT
server: ECAcc (ska/F73F)
x-cache: HIT
content-length: 7101
X-Firefox-Spdy: h2
cdn.tradelab.fr/conv/991001.js
152.195.132.24200 OK 2.0 kB URL HTTP/2 cdn.tradelab.fr/conv/991001.js
IP 152.195.132.24:0
File type ASCII text, with very long lines (808)
Hash 76ab9cb9225329cbb283ca854ec51436
0b6c85a3be3979ecb9c5464c793fad122794b9a9
e44c53266fbef09b992000993e8e46ed1ad51742ab33fb389b2eb934c66c0b5d
Analyzer Verdict Alert urlquery phishing Phishing - La Banque postale
urlquery phishing Phishing - La Banque postale
GET /conv/991001.js HTTP/1.1
Host: cdn.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-origin: *
age: 707
cache-control: max-age=1800
content-type: application/javascript
date: Sun, 05 Feb 2023 06:43:45 GMT
etag: "158f-5c445be5b05ff-gzip"
expires: Sun, 05 Feb 2023 07:13:45 GMT
last-modified: Tue, 08 Jun 2021 18:58:28 GMT
server: ECAcc (ska/F730)
vary: Accept-Encoding
x-cache: HIT
content-length: 2023
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=12608266&t=2
185.89.210.244307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=12608266&t=2
IP 185.89.210.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=12608266&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12608266%26t%3D2
AN-X-Request-Uuid: 5f5c8bd2-b5e8-440f-8bbe-df23224d58f8
Set-Cookie: uuid2=3608596186588187002; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 06:43:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12608266%26t%3D2
185.89.210.244200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D12608266%26t%3D2
IP 185.89.210.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D12608266%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 06:43:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: f15e4ba4-c985-4794-82a6-d79823a3818b
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?ectyJ9!]tbP6j2F-XstGt!@Dts$x('i; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 06:43:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
its.tradelab.fr/?type=fseg&uuid2=0&sid=12608266&val=undefined&fun=2135&step=2&siev=12608263&fp=0&advid=2602146&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0&ur=https%253A%252F%252Fdev-wbpostalcx.pantheonsite.io%252Fweb%252F94427%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
85.17.192.105200 OK 43 B URL HTTP/1.1 its.tradelab.fr/?type=fseg&uuid2=0&sid=12608266&val=undefined&fun=2135&step=2&siev=12608263&fp=0&advid=2602146&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0&ur=https%253A%252F%252Fdev-wbpostalcx.pantheonsite.io%252Fweb%252F94427%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
IP 85.17.192.105:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /?type=fseg&uuid2=0&sid=12608266&val=undefined&fun=2135&step=2&siev=12608263&fp=0&advid=2602146&isregen=0&ua=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0&ur=https%253A%252F%252Fdev-wbpostalcx.pantheonsite.io%252Fweb%252F94427%252F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 06:43:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: uuid2=0; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:45 GMT; Secure; SameSite=None
uuid=5480187513628608466; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:45 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0,post-check=0,pre-check=0
Access-Control-Allow-Origin: *
P3p: CP="CAO PSA OUR"
its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A991001%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146&xur=dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
85.17.192.105200 OK 43 B URL HTTP/1.1 its.tradelab.fr/?type=convr&x=1&cdata=%7B%22a%22%3A991001%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146&xur=dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D
IP 85.17.192.105:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /?type=convr&x=1&cdata=%7B%22a%22%3A991001%2C%22l%22%3A%5B6129654%2C6129670%2C6129677%2C6129705%2C6140244%2C6140246%2C6140363%2C6141029%2C6205745%2C6205752%2C6205755%2C6205762%2C6220830%2C8124214%2C8124594%2C8124968%2C8124973%2C8125344%2C8141760%2C8141763%2C8141816%2C8141850%2C8141875%2C8141880%2C8141931%2C8141938%2C8176847%2C8176869%2C8176878%2C8239623%2C8245529%2C8245533%2C8245537%2C8245540%2C8260100%2C8445392%2C8505468%2C8505515%2C9271738%2C9271745%2C9271969%2C9272093%2C9272160%2C9272905%2C9408323%2C9408407%2C9408587%2C9408663%2C9408768%2C9511553%2C9611699%2C9611846%2C9683342%2C9683349%2C9719394%2C10005812%2C10226877%2C10226889%2C10226919%2C10244639%2C10381193%2C10480996%2C12967986%2C12968507%2C12968515%2C12968543%2C12968782%2C12968784%2C13104005%2C13259085%2C13477519%2C14058054%2C14058197%2C14058205%2C14058228%2C14069494%2C14069497%2C14069560%2C14069565%2C14069590%2C14069626%2C14074179%2C14112662%2C14130392%2C14212376%2C14212411%2C14212419%2C14212455%2C14212467%2C14212692%2C14212694%2C14570528%2C14570544%5D%2C%22i%22%3A1%2C%22c%22%3A7%2C%22t%22%3A%22h%22%2C%22m%22%3A%22null%22%2C%22vi%22%3A0%2C%22vc%22%3A0%2C%22hf%22%3A0%2C%22x%22%3A%7B%7D%7D&advid=2602146&xur=dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F&adata=%7B%22c%22%3A%7B%22ref_url%22%3A%22%22%2C%22ref_ts%22%3A1675579460%2C%22page_url%22%3A%22dev-wbpostalcx.pantheonsite.io%2Fweb%2F94427%2F%22%2C%22dm%22%3A%22www.labanquepostale.fr%22%7D%2C%22v%22%3A%7B%22vis_cnt%22%3A1%2C%22frst_vis_ts%22%3A1675579458%2C%22prev_vis_ts%22%3A1675579458%2C%22curr_vis_ts%22%3A1675579460%2C%22total_page_cnt%22%3A1%2C%22prev_page_cnt%22%3A1%2C%22curr_page_cnt%22%3A1%7D%7D HTTP/1.1
Host: its.tradelab.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 06:43:45 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=1182137999511943480; Max-Age=7776000; Domain=.tradelab.fr; Path=/; Expires=Sat, 06 May 2023 05:43:45 GMT; Secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Powered-By: Tradelab ITS / node2.tradelab.fr
dev-wbpostalcx.pantheonsite.io/web/94427/asset/css/bootstrap.min.css
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/css/bootstrap.min.css
IP 23.185.0.4:0
GET /web/94427/asset/css/bootstrap.min.css HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css
etag: W/"63df4fb7-2606e"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-w8bbb
x-styx-req-id: 6bd736e2-a520-11ed-8867-de08d1a6714c
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21060-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.501985,VS0,VE30
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/f.txt
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/f.txt
IP 23.185.0.4:0
Analyzer Verdict Alert fortinet Phishing
GET /web/94427/asset/f.txt HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/plain
etag: W/"63df4fb7-9c44"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-sm9vh
x-styx-req-id: 6bd7b961-a520-11ed-9b29-fe669fd185ba
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21078-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.505558,VS0,VE29
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/wreport_wcm.js
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/wreport_wcm.js
IP 23.185.0.4:0
Analyzer Verdict Alert fortinet Phishing
GET /web/94427/asset/wreport_wcm.js HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"63df4fb7-3e68"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-w8bbb
x-styx-req-id: 6bd852df-a520-11ed-8867-de08d1a6714c
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12739-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.509728,VS0,VE28
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/e1e16f7b41.js
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/e1e16f7b41.js
IP 23.185.0.4:0
Analyzer Verdict Alert fortinet Phishing
GET /web/94427/asset/e1e16f7b41.js HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"63df4fb7-4071"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-tzcc8
x-styx-req-id: 6bd8c520-a520-11ed-bd7a-76d2222ea4b6
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12769-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.512705,VS0,VE26
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/wamfactory_dpm.laposte.min.js
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/wamfactory_dpm.laposte.min.js
IP 23.185.0.4:0
Analyzer Verdict Alert fortinet Phishing
GET /web/94427/asset/wamfactory_dpm.laposte.min.js HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"63df4fb7-1398"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-styx-req-id: 6bd8b10f-a520-11ed-91c7-d2c07b9f7710
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21075-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.510192,VS0,VE29
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
IP 23.185.0.4:0
GET /wp-admin/install.php HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-sm9vh
x-styx-req-id: 6c97b6de-a520-11ed-9b29-fe669fd185ba
date: Sun, 05 Feb 2023 06:43:40 GMT
x-served-by: cache-ams21041-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579420.764416,VS0,VE416
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/bat.js
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/bat.js
IP 23.185.0.4:0
Analyzer Verdict Alert fortinet Phishing
GET /web/94427/asset/bat.js HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"63df4fb7-976d"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-tzcc8
x-styx-req-id: 6bd802af-a520-11ed-bd7a-76d2222ea4b6
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12777-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.507953,VS0,VE27
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/base.min.js
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/base.min.js
IP 23.185.0.4:0
Analyzer Verdict Alert fortinet Phishing
GET /web/94427/asset/base.min.js HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"63df4fb7-8aad4"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-tzcc8
x-styx-req-id: 6bdc7062-a520-11ed-bd7a-76d2222ea4b6
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12743-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.534336,VS0,VE31
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
IP 23.185.0.4:0
GET /wp-admin/install.php HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-styx-req-id: 6ce1b1f4-a520-11ed-91c7-d2c07b9f7710
date: Sun, 05 Feb 2023 06:43:40 GMT
x-served-by: cache-ams12733-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579420.249204,VS0,VE405
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/base.min.99f35a940b6f6915d544e01fa9d9b267.css
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/base.min.99f35a940b6f6915d544e01fa9d9b267.css
IP 23.185.0.4:0
GET /web/94427/asset/base.min.99f35a940b6f6915d544e01fa9d9b267.css HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css
etag: W/"63df4fb7-3cf1d"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-styx-req-id: 6bd785db-a520-11ed-91c7-d2c07b9f7710
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12751-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.504491,VS0,VE31
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/991000.js
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/991000.js
IP 23.185.0.4:0
Analyzer Verdict Alert fortinet Phishing
GET /web/94427/asset/991000.js HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"63df4fb7-15a7"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-lmnzm
x-styx-req-id: 6bd9d230-a520-11ed-91c7-d2c07b9f7710
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams12732-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.517768,VS0,VE27
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.js
104.17.24.14200 OK 0 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.js
IP 104.17.24.14:0
GET /ajax/libs/jquery/3.4.1/jquery.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dev-wbpostalcx.pantheonsite.io
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 06:43:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 69049
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-4472c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 892613
expires: Fri, 26 Jan 2024 06:43:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOLkXX72lCbV75eEX25qeEF%2B1HWOC%2FhpZ0bwewWjAGJ5uTqr9Pd2fD6KCP95cv7z61BErR6TnfWGqg01ag0B%2B32FVmoJqIjigHYEd9fqwhZdwwsYDEfxU%2B7r%2BmGBZL7G%2BwCR0S80"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7949ac465f100b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/web/94427/asset/uwt.js
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/web/94427/asset/uwt.js
IP 23.185.0.4:0
Analyzer Verdict Alert fortinet Phishing
GET /web/94427/asset/uwt.js HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"63df4fb7-ddec"
expires: Sun, 05 Feb 2023 06:43:37 GMT
last-modified: Sun, 05 Feb 2023 06:41:59 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-d-7bf94d47df-w8bbb
x-styx-req-id: 6bdbcaba-a520-11ed-8867-de08d1a6714c
cache-control: no-cache, must-revalidate
date: Sun, 05 Feb 2023 06:43:38 GMT
x-served-by: cache-ams21071-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579419.508603,VS0,VE52
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
23.185.0.4200 OK 0 B URL HTTP/2 dev-wbpostalcx.pantheonsite.io/wp-admin/install.php
IP 23.185.0.4:0
GET /wp-admin/install.php HTTP/1.1
Host: dev-wbpostalcx.pantheonsite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dev-wbpostalcx.pantheonsite.io/web/94427/asset/base-fonts.min.a7e7927fdac70bd77ee0c5330bedd24b.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3fe4-c-5c4c6d4599-sm9vh
x-styx-req-id: 6c97a483-a520-11ed-9b29-fe669fd185ba
date: Sun, 05 Feb 2023 06:43:40 GMT
x-served-by: cache-ams12726-AMS, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675579420.763835,VS0,VE403
vary: Accept-Encoding, Cookie, Cookie
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2