urlquery - report: aidesfacturation.com/login.php

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-09-04 05:16:40 UTC	52.39.126.109
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-09-04 04:44:39 UTC	34.120.237.76
aidesfacturation.com (3)	0	2022-09-02 21:47:05 UTC	2022-09-04 22:10:18 UTC	45.131.187.249	Unknown ranking
r3.o.lencr.org (7)	344	2020-12-02 08:52:13 UTC	2022-09-04 05:57:13 UTC	23.36.76.226
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-09-04 15:57:32 UTC	143.204.55.27
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-09-04 05:49:57 UTC	143.204.55.49
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-09-04 04:35:24 UTC	34.117.237.239
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-09-04 16:49:15 UTC	93.184.220.29

Scan Date	Severity	Indicator	Comment
2022-09-04	2	aidesfacturation.com/login.php	Phishing
2022-09-04	2	aidesfacturation.com/login.php	Phishing

Date	UQ / IDS / BL	URL	IP
2023-03-24 23:37:01 +0000	0 - 0 - 3	ameli-info-sante.com/	45.131.187.249
2023-03-23 13:34:30 +0000	0 - 1 - 0	amelirenouvcartevitale.com/login.php	45.131.187.249
2023-03-20 08:11:18 +0000	0 - 0 - 1	ameli-service-espace.com/login.php	45.131.187.249
2023-03-18 02:35:41 +0000	0 - 0 - 1	ameli-service-espace.com/login.php	45.131.187.249
2023-03-17 14:34:20 +0000	0 - 0 - 1	accueil-renouv.fr/login.php	45.131.187.249

Date	UQ / IDS / BL	URL	IP
2023-03-27 23:42:56 +0000	0 - 0 - 3	154.7.13.193/	154.7.13.193
2023-03-24 23:37:01 +0000	0 - 0 - 3	ameli-info-sante.com/	45.131.187.249
2023-03-24 02:48:54 +0000	0 - 0 - 2	helping-amazon.com/login.php	45.131.187.253
2023-03-23 14:31:27 +0000	0 - 0 - 2	helping-amazon.com/login.php	45.131.187.253
2023-03-23 13:34:30 +0000	0 - 1 - 0	amelirenouvcartevitale.com/login.php	45.131.187.249

Date	UQ / IDS / BL	URL	IP
2023-03-11 03:04:19 +0000	0 - 0 - 1	aidesfacturation.com/login.php	45.79.19.196
2022-09-04 22:10:34 +0000	0 - 0 - 2	aidesfacturation.com/login.php	45.131.187.249
2022-09-04 06:12:27 +0000	0 - 0 - 2	aidesfacturation.com/login.php	45.131.187.249
2022-09-04 03:15:45 +0000	0 - 0 - 2	aidesfacturation.com/	45.131.187.249
2022-09-03 21:08:18 +0000	0 - 0 - 2	aidesfacturation.com/	45.131.187.249

Date	UQ / IDS / BL	URL	IP
2023-02-21 05:00:31 +0000	0 - 0 - 4	netflix-mein-konto-de.com/	5.42.199.29
2023-02-03 18:26:49 +0000	0 - 0 - 0	order.sp.dadaowl.com	47.246.44.209
2022-12-29 03:38:51 +0000	0 - 0 - 3	rubriques-factures.fr/	104.40.140.210
2022-12-24 14:45:31 +0000	3 - 7 - 2	accueilsecuri.duckdns.org/	139.144.38.207
2022-12-17 20:11:03 +0000	0 - 0 - 2	xn--amliecartevital-cnb.com/login.php	213.226.123.102

Request	Response
GET /login.php HTTP/1.1 Host: aidesfacturation.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: aidesfacturation.com/login.php FQDN: aidesfacturation.com IP: 45.131.187.249 HASH: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a 45.131.187.249 HTTP/1.1 301 Moved Permanently Content-Type: text/html Server: nginx Date: Sun, 04 Sep 2022 22:11:07 GMT Content-Length: 162 Connection: keep-alive Location: https://aidesfacturation.com/login.php --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 162 Md5: 4f8e702cc244ec5d4de32740c0ecbd97 Sha1: 3adb1f02d5b6054de0046e367c1d687b6cdf7aff Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29" Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6293 Expires: Sun, 04 Sep 2022 23:55:16 GMT Date: Sun, 04 Sep 2022 22:10:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d931e0142ef5ffe9cdb4c4c6bfcb9bc9 Sha1: d9c4caf525e8926b042a14f38d374cc4033ed768 Sha256: f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sun, 04 Sep 2022 21:44:24 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: LMw_lY030uLYZYXoMW87t710mwgYoMd4oRZ9tJLCjbnSq8lFnmRGNQ== Age: 1559 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.49 HASH: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345 143.204.55.49 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 20 Aug 2022 23:18:05 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Sun, 04 Sep 2022 01:15:18 GMT etag: "742edb4038f38bc533514982f3d2e861" x-cache: Hit from cloudfront via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 2iLorfgKsQ6MeLH8mCNNgigGhhiKss2_cXXliycvi2nHW8UYVPyegg== age: 75306 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 742edb4038f38bc533514982f3d2e861 Sha1: cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sun, 04 Sep 2022 22:10:23 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: d539ec850aa93652a6c1b79e6e8579acba1ec5a6cfcc0780e77a34daebdec0e2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D539EC850AA93652A6C1B79E6E8579ACBA1EC5A6CFCC0780E77A34DAEBDEC0E2" Last-Modified: Fri, 02 Sep 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21594 Expires: Mon, 05 Sep 2022 04:10:17 GMT Date: Sun, 04 Sep 2022 22:10:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f6bd70bdaa61503761c9cb11aa3048e0 Sha1: 42bef30c72d074d706ef7c270d4d0e7f2165b825 Sha256: d539ec850aa93652a6c1b79e6e8579acba1ec5a6cfcc0780e77a34daebdec0e2
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Sun, 04 Sep 2022 21:38:16 GMT Cache-Control: max-age=3600 Expires: Sun, 04 Sep 2022 22:08:19 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: W1tv-x8i061wsDizGM42SDJbAxcMOmC8x4V7hM8QyL6Yp3A8OGndCQ== Age: 1927 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /login.php HTTP/1.1 Host: aidesfacturation.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: aidesfacturation.com/login.php FQDN: aidesfacturation.com IP: 45.131.187.249 HASH: c4ecd0f63e5a53b98161ad142d4ee3514bd1f34e0522fb9a8e1db5807663b0d1 45.131.187.249 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Sun, 04 Sep 2022 22:11:07 GMT content-length: 42 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=a0oa1la57llnjvoahtscnu3to5; path=/ vary: Accept-Encoding content-encoding: gzip x-powered-by: PHP/8.0.22, PleskLin X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 42 Md5: f5121e724cc803ca29fe0ec05adeb819 Sha1: bac1b3a64be4f2a29b0599b1562429e4ca8d6e1e Sha256: c4ecd0f63e5a53b98161ad142d4ee3514bd1f34e0522fb9a8e1db5807663b0d1 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 7dc687d6bb1679ba5567e58b4f8c1e78766e7ee36273ba7f62068c595d57f7f3 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2068 Cache-Control: 'max-age=158059' Date: Sun, 04 Sep 2022 22:10:24 GMT Last-Modified: Sun, 04 Sep 2022 21:35:56 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 77d035f38a45e8a1ec30d5fe9611880b Sha1: 01cf34de95257da64dac90edf5a86203f1160271 Sha256: 7dc687d6bb1679ba5567e58b4f8c1e78766e7ee36273ba7f62068c595d57f7f3
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: AqMVP151TSlZy+CBdijVig== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.39.126.109 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.39.126.109 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: NNuhg98Idb1sjeFXiiTjbnVFlWg= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63" Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14446 Expires: Mon, 05 Sep 2022 02:11:11 GMT Date: Sun, 04 Sep 2022 22:10:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b15f3f14bd92b7a544ec2347e6810c7b Sha1: dd55fd8396d796082edabb5ab6e2d7fb3b51b731 Sha256: 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63" Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14446 Expires: Mon, 05 Sep 2022 02:11:11 GMT Date: Sun, 04 Sep 2022 22:10:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b15f3f14bd92b7a544ec2347e6810c7b Sha1: dd55fd8396d796082edabb5ab6e2d7fb3b51b731 Sha256: 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63" Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14446 Expires: Mon, 05 Sep 2022 02:11:11 GMT Date: Sun, 04 Sep 2022 22:10:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b15f3f14bd92b7a544ec2347e6810c7b Sha1: dd55fd8396d796082edabb5ab6e2d7fb3b51b731 Sha256: 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63" Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14446 Expires: Mon, 05 Sep 2022 02:11:11 GMT Date: Sun, 04 Sep 2022 22:10:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b15f3f14bd92b7a544ec2347e6810c7b Sha1: dd55fd8396d796082edabb5ab6e2d7fb3b51b731 Sha256: 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63" Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14446 Expires: Mon, 05 Sep 2022 02:11:11 GMT Date: Sun, 04 Sep 2022 22:10:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b15f3f14bd92b7a544ec2347e6810c7b Sha1: dd55fd8396d796082edabb5ab6e2d7fb3b51b731 Sha256: 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 14855 x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: X5wjuGtpoAMFvvA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0 x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: M9Y8U9vqVs1ATiPP9jLPybTJ-xwC--5oiRUpj9-imTWfh6_rmtL5Kw== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Sep 2022 14:29:26 GMT age: 27659 etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 14855 Md5: ca50f9c56ff869b0b63ca71b1a9f8170 Sha1: 13b16ca74113dfd52ccf23e6bb39307fc713f984 Sha256: 76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8688 x-amzn-requestid: 1c5fbc89-8ce8-4792-b713-f2c0ceeab737 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: X5wifFJYoAMFi0g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6313c7a9-214311e155c661ff77d89906;Sampled=0 x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:21 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: qWfbakQgavws0aT7URut5AdyniAYkEZcd3nz2mtU2zzT7ZhipObNEg== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Sep 2022 21:44:32 GMT age: 1553 etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8688 Md5: 6bb4b1d74f1443bc3328301ab3ae6464 Sha1: 2768253dacaaad6cb498c6b2eb7694208b0ce0a6 Sha256: 07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 949ea108642789e1014150909060f11d99608f082760d0e868a90282f2768d43 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9690 x-amzn-requestid: 614c99f8-116a-4603-bcde-3fbd5bfa14d5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: X5wx1HInIAMFiYA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6313c80b-25c09c3227d72395408782f0;Sampled=0 x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:59 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: yzPHrri8V02gVOmIBfBfEiny6w522Ycn9U0Z_-L3VnHgUuhVkuWVdg== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Sep 2022 21:51:41 GMT age: 1124 etag: "babb88202741bbf2d4fd25e0731a4a7a6fcc28f8" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9690 Md5: 1bdfdf7e36f78f2f0e4d7ede9fdb76a8 Sha1: babb88202741bbf2d4fd25e0731a4a7a6fcc28f8 Sha256: 949ea108642789e1014150909060f11d99608f082760d0e868a90282f2768d43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 84ad58e126cce2ab6b1568ffe89a116bc1de0310bb72d4530eead2fb8191572c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11380 x-amzn-requestid: 61f37e21-33a8-49e6-b384-4ca1fcfbffa5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Xz8TLFA3oAMFQjg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63117414-42de5c4128eb9e011d848356;Sampled=0 x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:12 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: s0voKdiDdj0mq8-VRFSWcYcQXaWti7929bpdKSQMWDoVCmOAPepuDg== via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Sep 2022 03:48:57 GMT age: 66088 etag: "6ce530af682094dc5413db9de02565691fab4da7" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11380 Md5: fc4ceb10dd9fcaab21ae58dcf10c401f Sha1: 6ce530af682094dc5413db9de02565691fab4da7 Sha256: 84ad58e126cce2ab6b1568ffe89a116bc1de0310bb72d4530eead2fb8191572c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37a5a560-36c9-4ce4-9cd9-c63ef9dd80e0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: de9a30cf34ccda6ee06845151a41f489b42a0f9072b481b717abef90095e3f35 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10349 x-amzn-requestid: a1564fd3-2042-449b-baa8-7e06abf02fd2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: X5w-6EHXIAMFQaw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6313c85f-26179fef7b74e89f05022fe7;Sampled=0 x-amzn-remapped-date: Sat, 03 Sep 2022 21:34:23 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: RTb9HYlXQLizx__DP8Pd9FGTylC1RDwk_YoqL8ZbcFnAAu4s0EmTKQ== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google date: Sat, 03 Sep 2022 22:13:00 GMT age: 86245 etag: "ffe21e93486c5763ae6ee17fe39c6dbb0cb3e714" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10349 Md5: b827f0dcea3d5bfab9139d239e9f0155 Sha1: ffe21e93486c5763ae6ee17fe39c6dbb0cb3e714 Sha256: de9a30cf34ccda6ee06845151a41f489b42a0f9072b481b717abef90095e3f35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09148d75-a4a3-47e6-8d91-01e8dfad4bc7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 2c7f2aa1c725a5d39daf44ee746bb24b5c15aab41c67cf160814f7f87d1aacdf 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8931 x-amzn-requestid: cfc0940f-ad6a-4535-91b7-70b200af68d5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: X5wwGEVEoAMFriw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6313c800-5b6e6e5e3401eba533fb63df;Sampled=0 x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: aa71ssSsXM8Z0Q2V4AitycF3hefEZXNqIYsr0vsJyhpE9cDpNEwh6Q== via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google date: Sat, 03 Sep 2022 22:14:56 GMT age: 86129 etag: "5d5c724e26af57967b9a132a77d3986ba8d6ed9c" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8931 Md5: 0eecb70391b63b662d13355e32d95ea1 Sha1: 5d5c724e26af57967b9a132a77d3986ba8d6ed9c Sha256: 2c7f2aa1c725a5d39daf44ee746bb24b5c15aab41c67cf160814f7f87d1aacdf
GET /favicon.ico HTTP/1.1 Host: aidesfacturation.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://aidesfacturation.com/login.php Cookie: PHPSESSID=a0oa1la57llnjvoahtscnu3to5 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: aidesfacturation.com/favicon.ico FQDN: aidesfacturation.com IP: 45.131.187.249 45.131.187.249 HTTP/2 404 Not Found content-type: text/html server: nginx date: Sun, 04 Sep 2022 22:11:07 GMT last-modified: Wed, 17 Aug 2022 19:23:29 GMT etag: W/"328-5e674ccbc4e4b" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 939 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Date: Sun, 04 Sep 2022 21:44:24 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: LMw_lY030uLYZYXoMW87t710mwgYoMd4oRZ9tJLCjbnSq8lFnmRGNQ== 

                                        
                                            
Age: 1559 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    91dd975a7b17b2922dd23c0e49314e40

                                                Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2

                                                Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 04 Sep 2022 22:10:23 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 329 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Date: Sun, 04 Sep 2022 21:38:16 GMT 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Expires: Sun, 04 Sep 2022 22:08:19 GMT 

                                        
                                            
ETag: "1648230346554" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: W1tv-x8i061wsDizGM42SDJbAxcMOmC8x4V7hM8QyL6Yp3A8OGndCQ== 

                                        
                                            
Age: 1927 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 2068 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sun, 04 Sep 2022 22:10:24 GMT 

                                        
                                            
Last-Modified: Sun, 04 Sep 2022 21:35:56 GMT 

                                        
                                            
Server: ECS (ska/F712) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    77d035f38a45e8a1ec30d5fe9611880b

                                                Sha1:   01cf34de95257da64dac90edf5a86203f1160271

                                                Sha256: 7dc687d6bb1679ba5567e58b4f8c1e78766e7ee36273ba7f62068c595d57f7f3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63" 

                                        
                                            
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14446 

                                        
                                            
Expires: Mon, 05 Sep 2022 02:11:11 GMT 

                                        
                                            
Date: Sun, 04 Sep 2022 22:10:25 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    b15f3f14bd92b7a544ec2347e6810c7b

                                                Sha1:   dd55fd8396d796082edabb5ab6e2d7fb3b51b731

                                                Sha256: 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63" 

                                        
                                            
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14446 

                                        
                                            
Expires: Mon, 05 Sep 2022 02:11:11 GMT 

                                        
                                            
Date: Sun, 04 Sep 2022 22:10:25 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    b15f3f14bd92b7a544ec2347e6810c7b

                                                Sha1:   dd55fd8396d796082edabb5ab6e2d7fb3b51b731

                                                Sha256: 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63" 

                                        
                                            
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14446 

                                        
                                            
Expires: Mon, 05 Sep 2022 02:11:11 GMT 

                                        
                                            
Date: Sun, 04 Sep 2022 22:10:25 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    b15f3f14bd92b7a544ec2347e6810c7b

                                                Sha1:   dd55fd8396d796082edabb5ab6e2d7fb3b51b731

                                                Sha256: 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8688 

                                        
                                            
x-amzn-requestid: 1c5fbc89-8ce8-4792-b713-f2c0ceeab737 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: X5wifFJYoAMFi0g= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6313c7a9-214311e155c661ff77d89906;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:21 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: qWfbakQgavws0aT7URut5AdyniAYkEZcd3nz2mtU2zzT7ZhipObNEg== 

                                        
                                            
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 04 Sep 2022 21:44:32 GMT 

                                        
                                            
age: 1553 

                                        
                                            
etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8688

                                                Md5:    6bb4b1d74f1443bc3328301ab3ae6464

                                                Sha1:   2768253dacaaad6cb498c6b2eb7694208b0ce0a6

                                                Sha256: 07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 11380 

                                        
                                            
x-amzn-requestid: 61f37e21-33a8-49e6-b384-4ca1fcfbffa5 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: Xz8TLFA3oAMFQjg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63117414-42de5c4128eb9e011d848356;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:12 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: s0voKdiDdj0mq8-VRFSWcYcQXaWti7929bpdKSQMWDoVCmOAPepuDg== 

                                        
                                            
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 04 Sep 2022 03:48:57 GMT 

                                        
                                            
age: 66088 

                                        
                                            
etag: "6ce530af682094dc5413db9de02565691fab4da7" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   11380

                                                Md5:    fc4ceb10dd9fcaab21ae58dcf10c401f

                                                Sha1:   6ce530af682094dc5413db9de02565691fab4da7

                                                Sha256: 84ad58e126cce2ab6b1568ffe89a116bc1de0310bb72d4530eead2fb8191572c

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09148d75-a4a3-47e6-8d91-01e8dfad4bc7.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8931 

                                        
                                            
x-amzn-requestid: cfc0940f-ad6a-4535-91b7-70b200af68d5 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: X5wwGEVEoAMFriw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6313c800-5b6e6e5e3401eba533fb63df;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: aa71ssSsXM8Z0Q2V4AitycF3hefEZXNqIYsr0vsJyhpE9cDpNEwh6Q== 

                                        
                                            
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 03 Sep 2022 22:14:56 GMT 

                                        
                                            
age: 86129 

                                        
                                            
etag: "5d5c724e26af57967b9a132a77d3986ba8d6ed9c" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8931

                                                Md5:    0eecb70391b63b662d13355e32d95ea1

                                                Sha1:   5d5c724e26af57967b9a132a77d3986ba8d6ed9c

                                                Sha256: 2c7f2aa1c725a5d39daf44ee746bb24b5c15aab41c67cf160814f7f87d1aacdf

URL	aidesfacturation.com/login.php
IP	45.131.187.249 (Hong Kong)
ASN	#137523 HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-09-04 22:10:34 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	2
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (8)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.131.187.249

Last 5 reports on ASN: HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

Last 5 reports on domain: aidesfacturation.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (22)

Overview

Domain Summary (8)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.131.187.249

Last 5 reports on ASN: HONGKONG CLOUD NETWORK TECHNOLOGY CO., LIMITED

Last 5 reports on domain: aidesfacturation.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (22)

Network Intrusion Detection Systems