urlquery - report: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
r3.o.lencr.org (8)	344	No data	No data	23.36.76.226
tamarafreitas.com (19)	0	2021-09-09 16:21:43 UTC	2022-11-24 19:39:51 UTC	149.62.169.16	Unknown ranking
cfspart.impots.gouv.fr (2)	643420	2017-02-05 07:17:33 UTC	2022-11-24 14:12:55 UTC	145.242.11.27
ocsp.sectigo.com (1)	487	2019-11-29 11:50:24 UTC	2021-09-17 20:05:40 UTC	172.64.155.188
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-24 05:36:55 UTC	34.102.187.140
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-24 05:30:55 UTC	34.117.237.239
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	52.43.228.5
ocsp.usertrust.com (1)	899	2012-05-21 15:43:18 UTC	2021-11-02 18:02:09 UTC	104.18.32.68

Scan Date	Severity	Indicator	Comment
2022-11-24	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	DGI (French Tax Authority)

Scan Date	Severity	Indicator	Comment
2022-11-25	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	Phishing
2022-11-25	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	Phishing
2022-11-25	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	Phishing
2022-11-25	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	Phishing
2022-11-25	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	Phishing
2022-11-25	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	Phishing
2022-11-25	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	Phishing
2022-11-25	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	Phishing
2022-11-25	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	Phishing
2022-11-25	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	Phishing
2022-11-25	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	Phishing
2022-11-25	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	Phishing
2022-11-25	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	Phishing
2022-11-25	2	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node2 (...)	Phishing

Date	UQ / IDS / BL	URL	IP
2022-12-06 12:49:12 +0000	27 - 0 - 14	tamarafreitas.com/LESS9382JS/ESATEESF433BVSED (...)	149.62.169.16
2022-12-06 10:03:05 +0000	27 - 0 - 15	tamarafreitas.com/LESS9382JS/ESATEESF433BVSED (...)	149.62.169.16
2022-12-04 11:22:37 +0000	0 - 0 - 17	tamarafreitas.com/reservas_2/font/Ace_Sans/OT (...)	149.62.169.16
2022-12-03 18:34:26 +0000	0 - 0 - 13	tamarafreitas.com/reservas/font/Ace_Sans/saud (...)	149.62.169.16
2022-11-25 05:24:42 +0000	0 - 0 - 14	tamarafreitas.com/reservas_2/font/Ace_Sans/OT (...)	149.62.169.16

Date	UQ / IDS / BL	URL	IP
2023-02-08 10:57:02 +0000	0 - 0 - 0	www.iptv-spain.com	185.129.249.246
2023-02-07 14:34:47 +0000	0 - 0 - 2	equilibrioconsciente.com/ines/ZS/4253b6ef4152 (...)	185.86.210.46
2023-02-07 01:42:36 +0000	0 - 0 - 28	fisioterapiaenvigo.es/	185.176.9.170
2023-02-06 20:30:32 +0000	0 - 0 - 6	gestine.es/wp/privacy-policy/login.html	188.164.198.167
2023-02-06 11:41:52 +0000	0 - 0 - 38	piensosfauna.com/	185.176.9.170

Date	UQ / IDS / BL	URL	IP
2022-12-06 12:49:12 +0000	27 - 0 - 14	tamarafreitas.com/LESS9382JS/ESATEESF433BVSED (...)	149.62.169.16
2022-12-06 10:03:05 +0000	27 - 0 - 15	tamarafreitas.com/LESS9382JS/ESATEESF433BVSED (...)	149.62.169.16
2022-12-04 11:22:37 +0000	0 - 0 - 17	tamarafreitas.com/reservas_2/font/Ace_Sans/OT (...)	149.62.169.16
2022-12-03 18:34:26 +0000	0 - 0 - 13	tamarafreitas.com/reservas/font/Ace_Sans/saud (...)	149.62.169.16
2022-11-25 05:24:42 +0000	0 - 0 - 14	tamarafreitas.com/reservas_2/font/Ace_Sans/OT (...)	149.62.169.16

Date	UQ / IDS / BL	URL	IP
2022-12-04 11:22:37 +0000	0 - 0 - 17	tamarafreitas.com/reservas_2/font/Ace_Sans/OT (...)	149.62.169.16

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: d4128f90cee4c418df48d8236af8b6529bc8b9b87921d20b4915358161c2dfb1 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D4128F90CEE4C418DF48D8236AF8B6529BC8B9B87921D20B4915358161C2DFB1" Last-Modified: Thu, 24 Nov 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17275 Expires: Fri, 25 Nov 2022 10:12:07 GMT Date: Fri, 25 Nov 2022 05:24:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 191b1cd61cebdd9d90d35b797ed39f14 Sha1: 2c189e981b3cd4781944c7aea1e7e84e9b7a44ea Sha256: d4128f90cee4c418df48d8236af8b6529bc8b9b87921d20b4915358161c2dfb1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA" Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11854 Expires: Fri, 25 Nov 2022 08:41:46 GMT Date: Fri, 25 Nov 2022 05:24:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7c60904d097cde276e4e5632cef1b9f1 Sha1: 4f805026462589345d85e8df2d18eafba6237504 Sha256: 12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4303 Cache-Control: max-age=109122 Date: Fri, 25 Nov 2022 05:24:12 GMT Etag: "637f47ef-1d7" Expires: Sat, 26 Nov 2022 11:42:54 GMT Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: af40a2fcf8debb90c3608002da6c907a Sha1: 3c75d6c0b557a3bd8d5db50155b8d896e852c145 Sha256: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 25 Nov 2022 05:17:24 GMT cache-control: public,max-age=3600 age: 408 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 4d7e4eed097b9c4e5d509419f1cfc85a Sha1: 290bb3d428a7c6330e2e3d73a952b16f820896c8 Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6" Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5221 Expires: Fri, 25 Nov 2022 06:51:13 GMT Date: Fri, 25 Nov 2022 05:24:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8c63b226725ca6e92e3ef586ac19e603 Sha1: d21ae42a1927501e5293ff3564f52b49f6b0decc Sha256: 141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: YmTpL7VdAS5SKdaxB2eJ/NbSZCxm3DghkEBV10S2tIh9XWl8KdWMAD/9Lwe6wtIR4WvTykCeqxk= x-amz-request-id: 8936M1FAS60KGENJ content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 25 Nov 2022 04:40:40 GMT age: 2612 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: e42bcc860882969a9dc936911d7189ad87414cce987bad1a20b2cec022424497 149.62.169.16 HTTP/1.1 200 OK Content-Type: text/html Date: Fri, 25 Nov 2022 05:24:12 GMT Server: Apache Last-Modified: Wed, 23 Nov 2022 14:31:15 GMT ETag: "302b-5ee242412d2c0-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip X-Powered-By: PleskLin Content-Length: 3048 Keep-Alive: timeout=3, max=300 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text Size: 3048 Md5: fbd5c58b56a192d8fcf3b3afcacfd934 Sha1: ab22e46ac1f115ad0b9bcd937a0ece3c43e2a99f Sha256: e42bcc860882969a9dc936911d7189ad87414cce987bad1a20b2cec022424497 Alerts: Blocklists: - openphish: DGI (French Tax Authority) - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Fri, 25 Nov 2022 05:24:12 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/application2.9.delaye HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: 1d39a4f3cf58c3cd31caa2ee9212b5dde6de2e4d6caa2eaa2f3e164f2eb62c2f 149.62.169.16 HTTP/1.1 200 OK Content-Type: text/plain Date: Fri, 25 Nov 2022 05:24:12 GMT Server: Apache Last-Modified: Mon, 19 Nov 2018 17:51:04 GMT ETag: "c31-57b0829281200-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip X-Powered-By: PleskLin Content-Length: 961 Keep-Alive: timeout=3, max=300 Connection: Keep-Alive --- Additional Info --- Magic: Unicode text, UTF-8 text, with CRLF line terminators Size: 961 Md5: 6bd5729eab64b6b818d71ec94df199a0 Sha1: e524f4227989cad420c8420ca30d0b55b7ec0b89 Sha256: 1d39a4f3cf58c3cd31caa2ee9212b5dde6de2e4d6caa2eaa2f3e164f2eb62c2f Alerts: Blocklists: - fortinet: Phishing
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/jquery.min.js.a.delaye HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 149.62.169.16 HTTP/1.1 200 OK Content-Type: application/javascript Date: Fri, 25 Nov 2022 05:24:12 GMT Server: Apache Last-Modified: Tue, 20 Nov 2018 00:49:52 GMT ETag: "2e24-57b0e02e6ec00-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip X-Powered-By: PleskLin Content-Length: 4017 Keep-Alive: timeout=3, max=300 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358) Size: 4017 Md5: 2d5605a88880ddef7fb72a9280900f78 Sha1: 9729a6edf55c86a130364c3daaa9163caa132570 Sha256: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 Alerts: Blocklists: - fortinet: Phishing
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/jquery-ui.js.b.delaye HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 149.62.169.16 HTTP/1.1 200 OK Content-Type: application/javascript Date: Fri, 25 Nov 2022 05:24:12 GMT Server: Apache Last-Modified: Tue, 20 Nov 2018 00:49:52 GMT ETag: "2e24-57b0e02e6ec00-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip X-Powered-By: PleskLin Content-Length: 4017 Keep-Alive: timeout=3, max=300 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358) Size: 4017 Md5: 2d5605a88880ddef7fb72a9280900f78 Sha1: 9729a6edf55c86a130364c3daaa9163caa132570 Sha256: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 Alerts: Blocklists: - fortinet: Phishing
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/datepicker-jquery-ui.js HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 149.62.169.16 HTTP/1.1 200 OK Content-Type: application/javascript Date: Fri, 25 Nov 2022 05:24:12 GMT Server: Apache Last-Modified: Mon, 19 Nov 2018 19:00:10 GMT ETag: "2e24-57b0920470280-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip X-Powered-By: PleskLin Content-Length: 4017 Keep-Alive: timeout=3, max=300 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358) Size: 4017 Md5: 2d5605a88880ddef7fb72a9280900f78 Sha1: 9729a6edf55c86a130364c3daaa9163caa132570 Sha256: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 Alerts: Blocklists: - fortinet: Phishing
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/bootstrap.js.d.delaye HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 149.62.169.16 HTTP/1.1 200 OK Content-Type: application/javascript Date: Fri, 25 Nov 2022 05:24:12 GMT Server: Apache Last-Modified: Tue, 20 Nov 2018 00:49:52 GMT ETag: "2e24-57b0e02e6ec00-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip X-Powered-By: PleskLin Content-Length: 4017 Keep-Alive: timeout=3, max=299 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358) Size: 4017 Md5: 2d5605a88880ddef7fb72a9280900f78 Sha1: 9729a6edf55c86a130364c3daaa9163caa132570 Sha256: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 Alerts: Blocklists: - fortinet: Phishing
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/inea.js.e.delaye HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 149.62.169.16 HTTP/1.1 200 OK Content-Type: application/javascript Date: Fri, 25 Nov 2022 05:24:12 GMT Server: Apache Last-Modified: Tue, 20 Nov 2018 00:49:52 GMT ETag: "2e24-57b0e02e6ec00-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip X-Powered-By: PleskLin Content-Length: 4017 Keep-Alive: timeout=3, max=299 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358) Size: 4017 Md5: 2d5605a88880ddef7fb72a9280900f78 Sha1: 9729a6edf55c86a130364c3daaa9163caa132570 Sha256: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 Alerts: Blocklists: - fortinet: Phishing
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/satelit.js.f.delaye HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 149.62.169.16 HTTP/1.1 200 OK Content-Type: application/javascript Date: Fri, 25 Nov 2022 05:24:12 GMT Server: Apache Last-Modified: Tue, 20 Nov 2018 00:49:52 GMT ETag: "2e24-57b0e02e6ec00-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip X-Powered-By: PleskLin Content-Length: 4017 Keep-Alive: timeout=3, max=299 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358) Size: 4017 Md5: 2d5605a88880ddef7fb72a9280900f78 Sha1: 9729a6edf55c86a130364c3daaa9163caa132570 Sha256: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 Alerts: Blocklists: - fortinet: Phishing
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/dialogue.js.11.delaye HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 149.62.169.16 HTTP/1.1 200 OK Content-Type: application/javascript Date: Fri, 25 Nov 2022 05:24:12 GMT Server: Apache Last-Modified: Tue, 20 Nov 2018 00:49:52 GMT ETag: "2e24-57b0e02e6ec00-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip X-Powered-By: PleskLin Content-Length: 4017 Keep-Alive: timeout=3, max=299 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358) Size: 4017 Md5: 2d5605a88880ddef7fb72a9280900f78 Sha1: 9729a6edf55c86a130364c3daaa9163caa132570 Sha256: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 Alerts: Blocklists: - fortinet: Phishing
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/boutonsgeneriques.js.12 HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 149.62.169.16 HTTP/1.1 200 OK Content-Type: application/javascript Date: Fri, 25 Nov 2022 05:24:12 GMT Server: Apache Last-Modified: Tue, 20 Nov 2018 00:49:52 GMT ETag: "2e24-57b0e02e6ec00-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip X-Powered-By: PleskLin Content-Length: 4017 Keep-Alive: timeout=3, max=298 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358) Size: 4017 Md5: 2d5605a88880ddef7fb72a9280900f78 Sha1: 9729a6edf55c86a130364c3daaa9163caa132570 Sha256: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 Alerts: Blocklists: - fortinet: Phishing
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 25 Nov 2022 05:11:11 GMT cache-control: public,max-age=3600 age: 781 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/inea.css HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: cfb13152305d35d13df83c4032dc8f3de604c4657a558196631aaebaf9fedf5b 149.62.169.16 HTTP/1.1 200 OK Content-Type: text/css Date: Fri, 25 Nov 2022 05:24:12 GMT Server: Apache Last-Modified: Mon, 19 Nov 2018 17:51:04 GMT ETag: "65d5e-57b0829281200-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip X-Powered-By: PleskLin Keep-Alive: timeout=3, max=299 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: Unicode text, UTF-8 (with BOM) text, with very long lines (65368) Size: 82166 Md5: 537620cf9cd248b48a89cf20754ac51f Sha1: c33fadbe3c75124384d99ba2f1deb817b32e919f Sha256: cfb13152305d35d13df83c4032dc8f3de604c4657a558196631aaebaf9fedf5b
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2044 Cache-Control: max-age=101800 Date: Fri, 25 Nov 2022 05:24:13 GMT Etag: "637f3429-1d7" Expires: Sat, 26 Nov 2022 09:40:53 GMT Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fb6949e7abaa473393f7c604691de14f Sha1: 599681bba3947709baa603bbae2dd7afd04059a4 Sha256: 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: mCyRPAJA0E03w/4R2cibxg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.43.228.5 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.43.228.5 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: eEVVP4bDSprgVlwTRaCNhIB1Nn8= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/inea.8.delaye HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: 3f13e198d0d42544194bea9062e8463a9ef77047211658af992eec1938b84e0c 149.62.169.16 HTTP/1.1 200 OK Content-Type: application/x-troff-man Date: Fri, 25 Nov 2022 05:24:12 GMT Server: Apache Last-Modified: Mon, 19 Nov 2018 17:51:04 GMT ETag: "65d1f-57b0829281200" Accept-Ranges: bytes Content-Length: 417055 X-Powered-By: PleskLin Keep-Alive: timeout=3, max=300 Connection: Keep-Alive --- Additional Info --- Magic: Unicode text, UTF-8 (with BOM) text, with very long lines (65368) Size: 417055 Md5: a17499b977aa5f68f889dc91ee6dcf96 Sha1: 8ce8afa4564ccdd7fc337a694a2b8021cd020ec4 Sha256: 3f13e198d0d42544194bea9062e8463a9ef77047211658af992eec1938b84e0c Alerts: Blocklists: - fortinet: Phishing
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/ta3.png HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: bda626f9a65798d374231e7a83027fbb2dbb53b9e7662a247f32a4de1b03b4f2 149.62.169.16 HTTP/1.1 200 OK Content-Type: image/png Date: Fri, 25 Nov 2022 05:24:13 GMT Server: Apache Last-Modified: Mon, 19 Nov 2018 17:51:04 GMT ETag: "1b0-57b0829281200" Accept-Ranges: bytes Content-Length: 432 X-Powered-By: PleskLin Keep-Alive: timeout=3, max=298 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 17 x 19, 8-bit/color RGB, non-interlaced\012- data Size: 432 Md5: 9ae0b7a7040b979825e1d4c8fb9589a3 Sha1: d838d04af56a4a081397c8b9c73219c5c4805e6b Sha256: bda626f9a65798d374231e7a83027fbb2dbb53b9e7662a247f32a4de1b03b4f2
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/suit.png HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: ad20b04fe8aa8e8c54449b387d21e854198e618a820bbca3f8a8bb01f62b0761 149.62.169.16 HTTP/1.1 200 OK Content-Type: image/png Date: Fri, 25 Nov 2022 05:24:13 GMT Server: Apache Last-Modified: Mon, 19 Nov 2018 17:51:04 GMT ETag: "5b1-57b0829281200" Accept-Ranges: bytes Content-Length: 1457 X-Powered-By: PleskLin Keep-Alive: timeout=3, max=298 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 88 x 68, 8-bit/color RGB, non-interlaced\012- data Size: 1457 Md5: b8f3245ef96c6b7e0d6724f9930f8cf5 Sha1: 41a1509019219d6efe2ae0ecd9dcf9de1c1417f9 Sha256: ad20b04fe8aa8e8c54449b387d21e854198e618a820bbca3f8a8bb01f62b0761
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/boutton.png HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: 833cf2f16ce40bd7ddd7b31bce4ce464d92e9cbe032fc12675fd80ef55239a6f 149.62.169.16 HTTP/1.1 200 OK Content-Type: image/png Date: Fri, 25 Nov 2022 05:24:13 GMT Server: Apache Last-Modified: Mon, 19 Nov 2018 17:51:04 GMT ETag: "3e9-57b0829281200" Accept-Ranges: bytes Content-Length: 1001 X-Powered-By: PleskLin Keep-Alive: timeout=3, max=299 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 107 x 37, 8-bit/color RGB, non-interlaced\012- data Size: 1001 Md5: bbeb4383154a9c108865ac7a04d28886 Sha1: cc9d69202a0742e699490586c1e03f3be426c243 Sha256: 833cf2f16ce40bd7ddd7b31bce4ce464d92e9cbe032fc12675fd80ef55239a6f
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/fonts/opensan/opensans-regular.20.del HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/inea.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: b98e58f0f2c62969d61ce2ec31043dacb8d378ecbbfcae138b6250d432e195dd 149.62.169.16 HTTP/1.1 200 OK Content-Type: text/html Date: Fri, 25 Nov 2022 05:24:13 GMT Server: Apache Last-Modified: Tue, 20 Nov 2018 00:49:52 GMT ETag: "2e24-57b0e02e6ec00" Accept-Ranges: bytes Content-Length: 11812 Vary: Accept-Encoding X-Powered-By: PleskLin Keep-Alive: timeout=3, max=298 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358) Size: 11812 Md5: e58a860d8e41196fe5a0d71131d5f341 Sha1: eb3088e3a139889d331af84dcf3e06fba2613c63 Sha256: b98e58f0f2c62969d61ce2ec31043dacb8d378ecbbfcae138b6250d432e195dd Alerts: Blocklists: - fortinet: Phishing
GET /reservas_2/cfspart.impots.gouv.fr/stl/styles/rwd/img/favicon-152.png HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/cfspart.impots.gouv.fr/stl (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: 082c5eba49fccc8b9d7bb3594c72ffb1e741eb051a806af3daf126a294e5da2f 149.62.169.16 HTTP/1.1 404 Not Found Content-Type: text/html Date: Fri, 25 Nov 2022 05:24:13 GMT Server: Apache Last-Modified: Tue, 06 Sep 2022 17:25:01 GMT ETag: "719-5e80579f03efb" Accept-Ranges: bytes Content-Length: 1817 X-Powered-By: PleskLin Keep-Alive: timeout=3, max=298 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text Size: 1817 Md5: 9f3e4c2e5bca00e0d1a5667ec3876881 Sha1: 769ed6d0b884bf25025ed37ee437e6ee21601d64 Sha256: 082c5eba49fccc8b9d7bb3594c72ffb1e741eb051a806af3daf126a294e5da2f
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/fonts/opensan/opensans-regular.21.del HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/inea.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: b98e58f0f2c62969d61ce2ec31043dacb8d378ecbbfcae138b6250d432e195dd 149.62.169.16 HTTP/1.1 200 OK Content-Type: text/html Date: Fri, 25 Nov 2022 05:24:13 GMT Server: Apache Last-Modified: Tue, 20 Nov 2018 00:49:52 GMT ETag: "2e24-57b0e02e6ec00" Accept-Ranges: bytes Content-Length: 11812 Vary: Accept-Encoding X-Powered-By: PleskLin Keep-Alive: timeout=3, max=297 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358) Size: 11812 Md5: e58a860d8e41196fe5a0d71131d5f341 Sha1: eb3088e3a139889d331af84dcf3e06fba2613c63 Sha256: b98e58f0f2c62969d61ce2ec31043dacb8d378ecbbfcae138b6250d432e195dd Alerts: Blocklists: - fortinet: Phishing
GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/fonts/opensan/opensans-regular.22.del HTTP/1.1 Host: tamarafreitas.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/inea.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/ (...) FQDN: tamarafreitas.com IP: 149.62.169.16 HASH: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 149.62.169.16 HTTP/1.1 200 OK Content-Type: text/html Date: Fri, 25 Nov 2022 05:24:13 GMT Server: Apache Last-Modified: Tue, 20 Nov 2018 00:49:52 GMT ETag: "2e24-57b0e02e6ec00-gzip" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip X-Powered-By: PleskLin Content-Length: 4017 Keep-Alive: timeout=3, max=297 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358) Size: 4017 Md5: 2d5605a88880ddef7fb72a9280900f78 Sha1: 9729a6edf55c86a130364c3daaa9163caa132570 Sha256: 17270a908d31534a62cdaf28cbb5232f628299ebfbbd0f89e0e1547ab90fd399 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.usertrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.usertrust.com/ FQDN: ocsp.usertrust.com IP: 104.18.32.68 HASH: 7e361f2e2ef74f999fca6c51ccfb030e996dbee63256ccc2e16276c03d023e88 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 05:24:13 GMT Content-Length: 2236 Connection: keep-alive Last-Modified: Wed, 23 Nov 2022 10:12:16 GMT Expires: Wed, 30 Nov 2022 10:12:15 GMT Etag: "56bd11cefa7ffbba217fe6305ce065fce4b0ae80" Cache-Control: max-age=602758,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: HIT Age: 72 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 76f7f4f33ce6b51e-OSL --- Additional Info --- Magic: data Size: 2236 Md5: 4acf128ebf36446272a690550af5cdfb Sha1: 56bd11cefa7ffbba217fe6305ce065fce4b0ae80 Sha256: 7e361f2e2ef74f999fca6c51ccfb030e996dbee63256ccc2e16276c03d023e88
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: 4c8004bc9e00eee99a9f298b42e2d48d3cdffe375306552349e7f47e49f7b53a 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 05:24:14 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Mon, 21 Nov 2022 18:59:04 GMT Expires: Mon, 28 Nov 2022 18:59:03 GMT Etag: "9cae75546ae058f3e75bb3543d8a5d8ba4d4b47e" Cache-Control: max-age=307489,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 76f7f4f34fc4b518-OSL --- Additional Info --- Magic: data Size: 472 Md5: 331d3c2cc73bd370b3e747f9a6cca248 Sha1: 9cae75546ae058f3e75bb3543d8a5d8ba4d4b47e Sha256: 4c8004bc9e00eee99a9f298b42e2d48d3cdffe375306552349e7f47e49f7b53a
GET /stl/styles/rwd/img/favicon.ico HTTP/1.1 Host: cfspart.impots.gouv.fr User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://tamarafreitas.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cfspart.impots.gouv.fr/stl/styles/rwd/img/favicon.ico FQDN: cfspart.impots.gouv.fr IP: 145.242.11.27 HASH: 0197564551359801a069d06a2455b5a9dc6e0ee06a855e8f1419c409764ecc5e 145.242.11.27 HTTP/1.1 302 Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 05:24:14 GMT Strict-Transport-Security: max-age=63072000; includeSubdomains; preload Set-Cookie: lemondgfipprodpart=_test_client; domain=cfspart.impots.gouv.fr; path=/ Pragma: no-cache Connection: close Location: https://cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL3N0bC9zdHlsZXMvcndkL2ltZy9mYXZpY29uLmljbw== Content-Length: 324 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 324 Md5: 17efb749d9472c5c4ee9511ac32349d6 Sha1: d427f9a8dd211391276970116539e8d38b2455db Sha256: 0197564551359801a069d06a2455b5a9dc6e0ee06a855e8f1419c409764ecc5e
GET /LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL3N0bC9zdHlsZXMvcndkL2ltZy9mYXZpY29uLmljbw== HTTP/1.1 Host: cfspart.impots.gouv.fr User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://tamarafreitas.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cfspart.impots.gouv.fr/LoginAccess?op=c&url=aHR0cHM6Ly9 (...) FQDN: cfspart.impots.gouv.fr IP: 145.242.11.27 HASH: da9b08a2926cc47fdf80fc0483d8b5e00b6b91b3bda4f194c51c13f46161b89d 145.242.11.27 HTTP/1.1 200 OK Content-Type: text/html; charset=ISO-8859-1 Date: Fri, 25 Nov 2022 05:24:14 GMT Server: Apache Set-Cookie: ctxcfs=fa09781799b929796a71b08d2e01ced7; domain=cfspart.impots.gouv.fr; path=/ Strict-Transport-Security: max-age=63072000; includeSubdomains; preload X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' https://app.franceconnect.gouv.fr https://cfsfc.impots.gouv.fr ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ; X-Frame-Options: SAMEORIGIN Via: dpapusx027 Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 12868 Keep-Alive: timeout=1, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (464) Size: 12868 Md5: b0b7dba38ea75802a71688b40b838999 Sha1: b0b9c75f8fda33a1d1dbe1ad4cd0b08aa1157948 Sha256: da9b08a2926cc47fdf80fc0483d8b5e00b6b91b3bda4f194c51c13f46161b89d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69" Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14680 Expires: Fri, 25 Nov 2022 09:28:54 GMT Date: Fri, 25 Nov 2022 05:24:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b75c00c21f5854618bc06d14b8d83c40 Sha1: ae14f585ae9682e6c2fad146c12c00ee4d83e8f3 Sha256: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69" Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14680 Expires: Fri, 25 Nov 2022 09:28:54 GMT Date: Fri, 25 Nov 2022 05:24:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b75c00c21f5854618bc06d14b8d83c40 Sha1: ae14f585ae9682e6c2fad146c12c00ee4d83e8f3 Sha256: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69" Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14680 Expires: Fri, 25 Nov 2022 09:28:54 GMT Date: Fri, 25 Nov 2022 05:24:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b75c00c21f5854618bc06d14b8d83c40 Sha1: ae14f585ae9682e6c2fad146c12c00ee4d83e8f3 Sha256: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69" Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14680 Expires: Fri, 25 Nov 2022 09:28:54 GMT Date: Fri, 25 Nov 2022 05:24:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b75c00c21f5854618bc06d14b8d83c40 Sha1: ae14f585ae9682e6c2fad146c12c00ee4d83e8f3 Sha256: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69" Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14680 Expires: Fri, 25 Nov 2022 09:28:54 GMT Date: Fri, 25 Nov 2022 05:24:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: b75c00c21f5854618bc06d14b8d83c40 Sha1: ae14f585ae9682e6c2fad146c12c00ee4d83e8f3 Sha256: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 010eeda33c923e2166851da1e131dcc21419d1f4f28995617ca93332ce4be08c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10679 x-amzn-requestid: aec8d040-d4e6-4185-b71e-7c049617ebc5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b4J3VEM5IAMFtcg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637989c8-42b520ea3af2a2086ad416ad;Sampled=0 x-amzn-remapped-date: Sun, 20 Nov 2022 01:58:32 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: GkCprkFbPK6I-bo5k-rs37xaRDpqgUYbOydu2fd5-fTwqQ-d5lWlWw== via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 05:12:48 GMT age: 686 etag: "2ec124224738807229328a3ade6ca493ccf4b287" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10679 Md5: e2580ebded0a32ceecc3083ae1db2b37 Sha1: 2ec124224738807229328a3ade6ca493ccf4b287 Sha256: 010eeda33c923e2166851da1e131dcc21419d1f4f28995617ca93332ce4be08c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F216636c8-4200-4f0d-83d2-8579be32f1ac.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 72f2913f7c0770ebab0f2683bdc1ec5a5db8872e8f2c62a8fd5c9178b95dbb06 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4270 x-amzn-requestid: 7327f8fb-804b-4d09-83dc-628e35ffa74b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cIB8xFwXoAMFkqQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637fe384-33f83cea2c585279140f4f59;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: NLXTbS53l_c-lByM8Ym4_tfOlgP2lB-F1dYxOSfdeEfBSM41X0Cpug== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 21:35:01 GMT etag: "6217a262002244ef3f2e8034076a735cafd9888a" age: 28153 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4270 Md5: 648677a7e7bab1896a190d2e5fb7243c Sha1: 6217a262002244ef3f2e8034076a735cafd9888a Sha256: 72f2913f7c0770ebab0f2683bdc1ec5a5db8872e8f2c62a8fd5c9178b95dbb06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4309 x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: blE0hGNioAMF_Tg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0 x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 07:14:07 GMT age: 79807 etag: "126771b86638108050cf57c0d12faa27f80f0edb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4309 Md5: 841a4b110022a99ddea6f7bf66df0fa1 Sha1: 126771b86638108050cf57c0d12faa27f80f0edb Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4fdf6f239f6931442d93a00acd8af1f5192f77143885945c27e137ef3683338e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11586 x-amzn-requestid: df9d2675-0615-4993-83ab-87cdac30c05f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b8JyoGElIAMFh-g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637b2343-315ac9210f212c9134ffa103;Sampled=0 x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:39 GMT x-amz-cf-pop: SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: snfgherDVfBenP9XouMzFtaWfXLh4TeiwDmEb0hQh5L9Ww57Hkxl3g== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 22:30:43 GMT age: 24811 etag: "46ee95ebee3d60f64d2b7f568673b13ea27a42a3" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11586 Md5: c6b9b5ebc32235ed8f3e15df013963f0 Sha1: 46ee95ebee3d60f64d2b7f568673b13ea27a42a3 Sha256: 4fdf6f239f6931442d93a00acd8af1f5192f77143885945c27e137ef3683338e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c6182797d5fce1a086580a338929e851a73ccb75e6432b12969aae6f0952fa27 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6049 x-amzn-requestid: 96e5c00c-1565-4e9f-aa5b-6da99785a03b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: brsokHSgoAMF_RQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63748e36-547f241a67f3703958f2eade;Sampled=0 x-amzn-remapped-date: Wed, 16 Nov 2022 07:16:06 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: KDIu_SbDdEi4ynoXJsXclQJmaAse8FTkyZdGCzmv0Pvgj3C0bus8XQ== via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 02:55:18 GMT age: 8936 etag: "29edd439b6e7894bc4771fc655a50d926f349a08" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6049 Md5: 73f65dfa986cf95e8fb459778b945c59 Sha1: 29edd439b6e7894bc4771fc655a50d926f349a08 Sha256: c6182797d5fce1a086580a338929e851a73ccb75e6432b12969aae6f0952fa27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3955 x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cCM9NGJHoAMF4sQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ== via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 02:07:28 GMT age: 11806 etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3955 Md5: 4006a9037ab5f28dca62b0aa7a704c41 Sha1: 74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "D4128F90CEE4C418DF48D8236AF8B6529BC8B9B87921D20B4915358161C2DFB1" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 23:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=17275 

                                        
                                            
Expires: Fri, 25 Nov 2022 10:12:07 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 05:24:12 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    191b1cd61cebdd9d90d35b797ed39f14

                                                Sha1:   2c189e981b3cd4781944c7aea1e7e84e9b7a44ea

                                                Sha256: d4128f90cee4c418df48d8236af8b6529bc8b9b87921d20b4915358161c2dfb1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4303 

                                        
                                            
Cache-Control: max-age=109122 

                                        
                                            
Date: Fri, 25 Nov 2022 05:24:12 GMT 

                                        
                                            
Etag: "637f47ef-1d7" 

                                        
                                            
Expires: Sat, 26 Nov 2022 11:42:54 GMT 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT 

                                        
                                            
Server: ECS (ska/F70B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    af40a2fcf8debb90c3608002da6c907a

                                                Sha1:   3c75d6c0b557a3bd8d5db50155b8d896e852c145

                                                Sha256: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6" 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5221 

                                        
                                            
Expires: Fri, 25 Nov 2022 06:51:13 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 05:24:12 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    8c63b226725ca6e92e3ef586ac19e603

                                                Sha1:   d21ae42a1927501e5293ff3564f52b49f6b0decc

                                                Sha256: 141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6

                                        
                                            GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_/inea.css HTTP/1.1 

                                        
                                            
Host: tamarafreitas.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         149.62.169.16

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 05:24:12 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Mon, 19 Nov 2018 17:51:04 GMT 

                                        
                                            
ETag: "65d5e-57b0829281200-gzip" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
X-Powered-By: PleskLin 

                                        
                                            
Keep-Alive: timeout=3, max=299 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (65368)

                                                Size:   82166

                                                Md5:    537620cf9cd248b48a89cf20754ac51f

                                                Sha1:   c33fadbe3c75124384d99ba2f1deb817b32e919f

                                                Sha256: cfb13152305d35d13df83c4032dc8f3de604c4657a558196631aaebaf9fedf5b

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: mCyRPAJA0E03w/4R2cibxg== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         52.43.228.5

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: eEVVP4bDSprgVlwTRaCNhIB1Nn8= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/ta3.png HTTP/1.1 

                                        
                                            
Host: tamarafreitas.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         149.62.169.16

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 05:24:13 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Mon, 19 Nov 2018 17:51:04 GMT 

                                        
                                            
ETag: "1b0-57b0829281200" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 432 

                                        
                                            
X-Powered-By: PleskLin 

                                        
                                            
Keep-Alive: timeout=3, max=298 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 17 x 19, 8-bit/color RGB, non-interlaced\012- data

                                                Size:   432

                                                Md5:    9ae0b7a7040b979825e1d4c8fb9589a3

                                                Sha1:   d838d04af56a4a081397c8b9c73219c5c4805e6b

                                                Sha256: bda626f9a65798d374231e7a83027fbb2dbb53b9e7662a247f32a4de1b03b4f2

                                        
                                            GET /reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/boutton.png HTTP/1.1 

                                        
                                            
Host: tamarafreitas.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         149.62.169.16

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 05:24:13 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Mon, 19 Nov 2018 17:51:04 GMT 

                                        
                                            
ETag: "3e9-57b0829281200" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 1001 

                                        
                                            
X-Powered-By: PleskLin 

                                        
                                            
Keep-Alive: timeout=3, max=299 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 107 x 37, 8-bit/color RGB, non-interlaced\012- data

                                                Size:   1001

                                                Md5:    bbeb4383154a9c108865ac7a04d28886

                                                Sha1:   cc9d69202a0742e699490586c1e03f3be426c243

                                                Sha256: 833cf2f16ce40bd7ddd7b31bce4ce464d92e9cbe032fc12675fd80ef55239a6f

                                        
                                            GET /reservas_2/cfspart.impots.gouv.fr/stl/styles/rwd/img/favicon-152.png HTTP/1.1 

                                        
                                            
Host: tamarafreitas.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         149.62.169.16

                                        
                                            HTTP/1.1 404 Not Found 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 05:24:13 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Tue, 06 Sep 2022 17:25:01 GMT 

                                        
                                            
ETag: "719-5e80579f03efb" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 1817 

                                        
                                            
X-Powered-By: PleskLin 

                                        
                                            
Keep-Alive: timeout=3, max=298 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text

                                                Size:   1817

                                                Md5:    9f3e4c2e5bca00e0d1a5667ec3876881

                                                Sha1:   769ed6d0b884bf25025ed37ee437e6ee21601d64

                                                Sha256: 082c5eba49fccc8b9d7bb3594c72ffb1e741eb051a806af3daf126a294e5da2f

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         172.64.155.188

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 05:24:14 GMT 

                                        
                                            
Content-Length: 472 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Mon, 21 Nov 2022 18:59:04 GMT 

                                        
                                            
Expires: Mon, 28 Nov 2022 18:59:03 GMT 

                                        
                                            
Etag: "9cae75546ae058f3e75bb3543d8a5d8ba4d4b47e" 

                                        
                                            
Cache-Control: max-age=307489,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb6 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 76f7f4f34fc4b518-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    331d3c2cc73bd370b3e747f9a6cca248

                                                Sha1:   9cae75546ae058f3e75bb3543d8a5d8ba4d4b47e

                                                Sha256: 4c8004bc9e00eee99a9f298b42e2d48d3cdffe375306552349e7f47e49f7b53a

                                        
                                            GET /LoginAccess?op=c&url=aHR0cHM6Ly9jZnNwYXJ0LmltcG90cy5nb3V2LmZyL3N0bC9zdHlsZXMvcndkL2ltZy9mYXZpY29uLmljbw== HTTP/1.1 

                                        
                                            
Host: cfspart.impots.gouv.fr

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://tamarafreitas.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         145.242.11.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=ISO-8859-1

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 05:24:14 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Set-Cookie: ctxcfs=fa09781799b929796a71b08d2e01ced7; domain=cfspart.impots.gouv.fr; path=/ 

                                        
                                            
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Xss-Protection: 1; mode=block 

                                        
                                            
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' https://app.franceconnect.gouv.fr https://cfsfc.impots.gouv.fr ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ; 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
Via: dpapusx027 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Content-Length: 12868 

                                        
                                            
Keep-Alive: timeout=1, max=100 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (464)

                                                Size:   12868

                                                Md5:    b0b7dba38ea75802a71688b40b838999

                                                Sha1:   b0b9c75f8fda33a1d1dbe1ad4cd0b08aa1157948

                                                Sha256: da9b08a2926cc47fdf80fc0483d8b5e00b6b91b3bda4f194c51c13f46161b89d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69" 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14680 

                                        
                                            
Expires: Fri, 25 Nov 2022 09:28:54 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 05:24:14 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    b75c00c21f5854618bc06d14b8d83c40

                                                Sha1:   ae14f585ae9682e6c2fad146c12c00ee4d83e8f3

                                                Sha256: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69" 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14680 

                                        
                                            
Expires: Fri, 25 Nov 2022 09:28:54 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 05:24:14 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    b75c00c21f5854618bc06d14b8d83c40

                                                Sha1:   ae14f585ae9682e6c2fad146c12c00ee4d83e8f3

                                                Sha256: a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10679 

                                        
                                            
x-amzn-requestid: aec8d040-d4e6-4185-b71e-7c049617ebc5 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: b4J3VEM5IAMFtcg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637989c8-42b520ea3af2a2086ad416ad;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 20 Nov 2022 01:58:32 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: GkCprkFbPK6I-bo5k-rs37xaRDpqgUYbOydu2fd5-fTwqQ-d5lWlWw== 

                                        
                                            
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 25 Nov 2022 05:12:48 GMT 

                                        
                                            
age: 686 

                                        
                                            
etag: "2ec124224738807229328a3ade6ca493ccf4b287" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10679

                                                Md5:    e2580ebded0a32ceecc3083ae1db2b37

                                                Sha1:   2ec124224738807229328a3ade6ca493ccf4b287

                                                Sha256: 010eeda33c923e2166851da1e131dcc21419d1f4f28995617ca93332ce4be08c

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 4309 

                                        
                                            
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: blE0hGNioAMF_Tg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g== 

                                        
                                            
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 24 Nov 2022 07:14:07 GMT 

                                        
                                            
age: 79807 

                                        
                                            
etag: "126771b86638108050cf57c0d12faa27f80f0edb" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   4309

                                                Md5:    841a4b110022a99ddea6f7bf66df0fa1

                                                Sha1:   126771b86638108050cf57c0d12faa27f80f0edb

                                                Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b4f6042-6f6f-4572-b535-71b1a4b587e8.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6049 

                                        
                                            
x-amzn-requestid: 96e5c00c-1565-4e9f-aa5b-6da99785a03b 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: brsokHSgoAMF_RQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63748e36-547f241a67f3703958f2eade;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 16 Nov 2022 07:16:06 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: KDIu_SbDdEi4ynoXJsXclQJmaAse8FTkyZdGCzmv0Pvgj3C0bus8XQ== 

                                        
                                            
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 25 Nov 2022 02:55:18 GMT 

                                        
                                            
age: 8936 

                                        
                                            
etag: "29edd439b6e7894bc4771fc655a50d926f349a08" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6049

                                                Md5:    73f65dfa986cf95e8fb459778b945c59

                                                Sha1:   29edd439b6e7894bc4771fc655a50d926f349a08

                                                Sha256: c6182797d5fce1a086580a338929e851a73ccb75e6432b12969aae6f0952fa27

URL	tamarafreitas.com/reservas_2/font/Ace_Sans/OTF/AceSans/gouv_frportail_node22/FMf5BFHFS54dfFRANCE22IMPOTsd/7e85f/Paiement_confirmation.html
IP	149.62.169.16 (Spain)
ASN	#50926 Axarnet Comunicaciones, S.l.
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-25 05:24:23 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	15
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (11)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 149.62.169.16

Last 5 reports on ASN: Axarnet Comunicaciones, S.l.

Last 5 reports on domain: tamarafreitas.com

Last 1 reports with similar screenshot

JavaScript

Executed Scripts (1)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (44)

Overview

Domain Summary (11)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 149.62.169.16

Last 5 reports on ASN: Axarnet Comunicaciones, S.l.

Last 5 reports on domain: tamarafreitas.com

Last 1 reports with similar screenshot

JavaScript

Executed Scripts (1)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (44)

Network Intrusion Detection Systems