Report - xarxc-muanetr.net/login.php

Report Overview

Submitted URL
xarxc-muanetr.net/login.php
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-18 04:15:58
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
xarxc-muanetr.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	375 kB	172.67.137.217
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.10.184.136
sentry.io	2743	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	571 B	60 kB	35.188.42.15
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	63 kB	34.120.237.76
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	1.9 kB	143.204.42.158
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	714 B	1.4 kB	142.250.74.131
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
firehose.us-west-2.amazonaws.com	5730	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	938 B	705 B	35.89.72.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-18	medium	xarxc-muanetr.net/login.php	Phishing
2023-01-18	medium	xarxc-muanetr.net/login_up.php	Phishing
2023-01-18	medium	xarxc-muanetr.net/login.php	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	xarxc-muanetr.net/modules/notifier/global.js?1673073157	15 kB	2023-03-08	2023-10-15
Pretty URL xarxc-muanetr.net/modules/notifier/global.js?1673073157 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:21:27 Last Seen2023-10-15 10:24:37 Times Seen1869 Hash 75017fa816a5cfab9fcecac0b84f9ed5 844ab1cfb5f24e43a0585ec4fa44053376a4d13c dd22b0163452cdeb3545cfa50dd2e2bcb9d37776b7d8a1a3a5bf73737332eddc Loading...

	xarxc-muanetr.net/cp/javascript/externals/prototype.js?1673367587	97 kB	2023-03-12	2023-10-14
Pretty URL xarxc-muanetr.net/cp/javascript/externals/prototype.js?1673367587 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:49:10 Last Seen2023-10-14 05:10:16 Times Seen151 Hash a7435ba70a0e79b03c70041024e24dbf 9e98ff4f4a812f56f0c26f257066d90fdec01c98 bc5fd56dd13d2a7a13bace2e08b7ba8e77614ed19e6d7f9d04ad561a9ab172f3 Loading...

	xarxc-muanetr.net/login_up.php	196 B	2023-03-12	2023-10-14
Pretty URL xarxc-muanetr.net/login_up.php IP 104.21.86.239 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:16:33 Last Seen2023-10-14 05:10:16 Times Seen41 Hash cd34e5e0696d59dda959f4267f3cf31c 0102436b16a586c726ac9c78da3a76c14dee2603 107ba579afa2ddd7d46e2c1f5197ac70d1e446d3f6d2318432e317c39cadb1bd Loading...

	xarxc-muanetr.net/login_up.php	499 B	2023-03-13	2023-03-13
Pretty URL xarxc-muanetr.net/login_up.php IP 104.21.86.239 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:51:14 Last Seen2023-03-13 01:51:14 Times Seen1 Hash 7b6e9c87b34257cd1a0ac79d7ebd7e24 bde18652398be3eafd5969e52c297850059fd10c 01c259578e95e3f4062e3cb631f663c0c97c3c0991e73ff0fe4989ffc005a183 Loading...

	xarxc-muanetr.net/login_up.php	51 B	2023-03-08	2024-04-17
Pretty URL xarxc-muanetr.net/login_up.php IP 104.21.86.239 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:21:27 Last Seen2024-04-17 18:18:36 Times Seen1072 Hash 4ba9671892ee40ef730a9de509f739aa fb9d10e170d9e076a15dafcc6f6c72c7e6dea4e9 89e0312bdb2d175a6b1fe8e30843f86a88f45354029b304c48baa69a776df696 Loading...

	xarxc-muanetr.net/cp/javascript/externals/require.js?1673367587	18 kB	2023-03-07	2024-04-17
Pretty URL xarxc-muanetr.net/cp/javascript/externals/require.js?1673367587 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:39 Last Seen2024-04-17 18:18:37 Times Seen2048 Hash 220acf7972072071438cc24778c255ff 590d02db4b7d2be0864a64efec3525e07a40e271 af09ac9bed074d089e213edb597d36acfe0ce46dfe9112f290776395fb61986d Loading...

	xarxc-muanetr.net/ui-library/plesk-ui-library.min.js?1673367587	486 kB	2023-03-12	2023-10-14
Pretty URL xarxc-muanetr.net/ui-library/plesk-ui-library.min.js?1673367587 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 09:49:10 Last Seen2023-10-14 05:10:16 Times Seen45 Hash bd51c884906f2d510bed534ab4b7dee5 41fdcc2cf84978cb4c50558243e4d7974fc4563c 5ed0765115d32c5f5f251675a60324ac42bbbe7a01632d380ff70649e3c6825d Loading...

	xarxc-muanetr.net/modules/letsencrypt/global.js?1669123970	726 B	2023-03-07	2024-04-17
Pretty URL xarxc-muanetr.net/modules/letsencrypt/global.js?1669123970 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:39 Last Seen2024-04-17 18:18:36 Times Seen1346 Hash 4acc4592b2dce096cae6507c3eb1ee40 aaddedad4e54fd1a00a8d1df7becfb212393e414 02cc6928e5d72c61fbc379087a5ce4d29262a281c457aecebe86bbfb4a136af5 Loading...

	xarxc-muanetr.net/login_up.php	14 kB	2023-03-13	2023-03-13
Pretty URL xarxc-muanetr.net/login_up.php IP 104.21.86.239 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:51:14 Last Seen2023-03-13 01:51:14 Times Seen1 Hash ca825f69a8783d3ed7e13d5afc963de3 84f17a3f01961b3673db6e4e20fe9effbb8b82ee e76525f48433b2585ddec427f142196a630ffb1c4c8df1e959ab9790f01399f8 Loading...

HTTP Transactions (27)

URL IP Response Size

xarxc-muanetr.net/login.php

172.67.137.217

301 Moved Permanently

0 B

URL HTTP/1.1
xarxc-muanetr.net/login.php
IP
172.67.137.217:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login.php HTTP/1.1
Host: xarxc-muanetr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 18 Jan 2023 04:15:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 18 Jan 2023 05:15:47 GMT
Location: https://xarxc-muanetr.net/login.php
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jo7JlZIb3AGDDVhl%2BZCPX1m5f2PLX2TfE1mDrlLm%2FQnU3Me%2BJ5moNdBMVlEDZdk%2F85V3sP%2F72TDh1a4MzmLunsjG3Wk2zCY8oAtEUTjzqPhaJlUR3kgOGaeHPYqEqlX1pvPeog%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78b482f14979b4f3-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4b8b051d555b46b1e9e64faebf91b4ab
bdab7f1f4146f0e7c16665692e4f1edd83c10a24
e069730519f658e767ec8edb57edd8e2b1ccb18d4f0ade0920654eac18f83456

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E069730519F658E767EC8EDB57EDD8E2B1CCB18D4F0ADE0920654EAC18F83456"
Last-Modified: Tue, 17 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8514
Expires: Wed, 18 Jan 2023 06:37:41 GMT
Date: Wed, 18 Jan 2023 04:15:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bb0c8d0984a1f09a012961a54cda03c6
1a8ad450a0241554ee4fc7d02fac7b83529e60f6
eee3ca879a67cc25ea89cb83de9521eea1b82845705c3e82169d4787ecb7dd3a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3CA879A67CC25EA89CB83DE9521EEA1B82845705C3E82169D4787ECB7DD3A"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15761
Expires: Wed, 18 Jan 2023 08:38:28 GMT
Date: Wed, 18 Jan 2023 04:15:47 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 18 Jan 2023 03:49:18 GMT
content-type: application/json
age: 1589
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14809
Expires: Wed, 18 Jan 2023 08:22:36 GMT
Date: Wed, 18 Jan 2023 04:15:47 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: u5agaIZQWsW1J3CnkPVtBI1RDhjFV5S/KTF2I1KTptpLkBsb34Mu8qRZT3E/m5hWXjNzkne24bg=
x-amz-request-id: EPFW3QW19CAP8AFF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 18 Jan 2023 03:45:15 GMT
age: 1832
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 04:15:47 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/tTZfAYRgP2U

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/tTZfAYRgP2U
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
860d059646cbbf9604fa6926304f4433
3d4df10ca45cb7c386b4460d5ddd2e55037c9c4c
8e7b16a695e50765a0e8c9644ad104b231d02e5103be95382f0f70a1dc791182

HTTP Headers

POST /s/gts1p5/tTZfAYRgP2U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 04:15:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 18 Jan 2023 03:48:57 GMT
age: 1611
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/tTZfAYRgP2U

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/tTZfAYRgP2U
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
860d059646cbbf9604fa6926304f4433
3d4df10ca45cb7c386b4460d5ddd2e55037c9c4c
8e7b16a695e50765a0e8c9644ad104b231d02e5103be95382f0f70a1dc791182

HTTP Headers

POST /s/gts1p5/tTZfAYRgP2U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 04:15:48 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8720730dce33d0026a1a354ac93d4a7d
ed5f086bc646a4d93d2344b19ff7821c96e44f7c
b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2461
Cache-Control: max-age=106322
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 04:15:48 GMT
Etag: "63c66529-1d7"
Expires: Thu, 19 Jan 2023 09:47:50 GMT
Last-Modified: Tue, 17 Jan 2023 09:06:49 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.10.184.136

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.10.184.136:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zwO/t9JUR+VPgHippyfQ1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3PYFsNviUbz8yaxoC6XdY8CVfOs=

sentry.io/api/1327420/envelope/?sentry_key=50365a6fe24f4ff28f6b625410e04a35&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.23.0

35.188.42.15

200 OK

60 kB

URL HTTP/1.1
sentry.io/api/1327420/envelope/?sentry_key=50365a6fe24f4ff28f6b625410e04a35&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.23.0
IP
35.188.42.15:0
ASN
#15169 GOOGLE

File type
data
Size
60 kB (60006 bytes)
Hash
cfb6f69b66e9b1ce294f56df5ed34ac7
15c8e290fb96fdc1851bd4ac4eaed75a2caea42c
adeb6519e63a9d81e0000df7f6a59c244ae42c9f899a12d2af439ca4d03fd843

HTTP Headers

POST /api/1327420/envelope/?sentry_key=50365a6fe24f4ff28f6b625410e04a35&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.23.0 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xarxc-muanetr.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://xarxc-muanetr.net
Content-Length: 430
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Jan 2023 04:15:49 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://xarxc-muanetr.net
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 1
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20804
Expires: Wed, 18 Jan 2023 10:02:33 GMT
Date: Wed, 18 Jan 2023 04:15:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20151
Expires: Wed, 18 Jan 2023 09:51:40 GMT
Date: Wed, 18 Jan 2023 04:15:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20151
Expires: Wed, 18 Jan 2023 09:51:40 GMT
Date: Wed, 18 Jan 2023 04:15:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7871 bytes)
Hash
8069887e5e81584380ef3f819bcfab6e
3794126935a3e08de469ea37d29cba7be412d408
934e0982c1d49f06c64f524698b93fb1abf3b8833785d633bad104d052dd3ef0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7871
x-amzn-requestid: 212d220f-c590-4c72-9508-e481cd5045ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1UGmeoAMFzpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ee-273c8bb54acc0f2b6d12b567;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xwxzja4wdr7AfJC7BU10NpD4zbhg8MLdQ35gmo9LP75IFy9WDaDInw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:53:53 GMT
age: 22916
etag: "3794126935a3e08de469ea37d29cba7be412d408"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
14 kB (13495 bytes)
Hash
d3758350d3147d5c87a76e0fa377699b
82c224d5bd59a14aee0eb0da6566ac7c6051a53d
a04d22747abe1c9ddd47d1578215217cc52e41cb6d8eedd416afccab427e7d08

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13111
x-amzn-requestid: 7a9bb405-c68d-496f-b608-e9d295c44c50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0MStGBBIAMFXag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4c0dd-75d87c0d763744951f13febd;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:13:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jkIL919Q7OFO6bACXTrDan0f9D9rgrN0DJMQv1DYPLeWqT1CywCAEg==
via: 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 03:29:16 GMT
age: 2793
etag: "aa47af3e7517390d10e89f0f18237cfdcc63cbed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13848 bytes)
Hash
8656702f08344d3a4658bc43a9074a1f
fba424e1d09cbdc839ca320458b51715dafbbccc
0b0ac963c377b07f843637348f3d7c41d2aca89540ab8c2b80ef5fbbf466fee8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13848
x-amzn-requestid: 160148de-85b1-4456-a580-e079f391f979
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A0gErTIAMF_eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714e9-52efcd642bd209373b16cf72;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ARZobaKhEsHSEJdma3SXwCn_IKwRJaDbgjHfq_p_0HypKFWoqJIOJw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:52:59 GMT
age: 22970
etag: "fba424e1d09cbdc839ca320458b51715dafbbccc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2d78c9-2134-471e-bdb1-875c1b61ff8b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5663 bytes)
Hash
4ec6c49f056e786896d54fe22c242391
cc6b64ff3f09853843b62e555456a1ad9f0909fb
42f0571efba18630c8deee17e98c6939a7050b04f613ad10515caf503e496b4d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2d78c9-2134-471e-bdb1-875c1b61ff8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5663
x-amzn-requestid: 9a1c75a4-1c8d-4bd2-b6ca-7fccb8b43c12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A0gF5goAMFveA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714e9-1d274e8074771db651e80979;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sAxuQECVKx0dfc2UM_E_70nKN8za1SBN4opMWr_74gT5ScurgZGVLw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:10:07 GMT
age: 21942
etag: "cc6b64ff3f09853843b62e555456a1ad9f0909fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c759021-8a43-4fb0-84ba-bf79089c1960.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7457 bytes)
Hash
534484a90a0be81c6c44151dcef60410
398061999a4d44ed006e97b00803ee0745a48c11
e61ceb050b97cff3e9a6786badb551ecee7754eb56aa8d104de4de2781f75ba2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c759021-8a43-4fb0-84ba-bf79089c1960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7457
x-amzn-requestid: 8b204568-d2be-4585-8e04-647e42f76e93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0K85HWnIAMFbJA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4beb8-20988afb6b598ec71d175953;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:04:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7f1AtZzcTrMZ6gvh7Mg-62fvbFYejkIZaGNORi58T-as80WCOCTQEQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 04:54:51 GMT
age: 84058
etag: "398061999a4d44ed006e97b00803ee0745a48c11"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0849835-6202-4dec-862f-f4aa0cd0ed30.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8697 bytes)
Hash
381020ef41e1bb778e6cee364695c2ff
f241897089655dd0535cd851f53e18be6a0c6ecb
7a9834c6ae61836742ae920ae26213d115911be7a1feee9baaadc986c1fc4e7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0849835-6202-4dec-862f-f4aa0cd0ed30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8697
x-amzn-requestid: 08271a70-599b-4253-9535-88885b7af4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4BNnEFLoAMFfmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c648bd-4e770e1b48f78b917ae40a6f;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:05:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hfqg_Oxv5UywkZG5AlPhNk-swxwdGkUMnm7GB-_xKacRkXaanAppYw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 07:37:52 GMT
age: 74277
etag: "f241897089655dd0535cd851f53e18be6a0c6ecb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c382eee977f2053295a35d995e6addba
7633085ad0147bc805598d62350c48d9edf0bbd6
abdcc8a973f7c8cbb93932b92f3849a9f2b9abd6a54076a31d2e20c364bc556b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 18 Jan 2023 04:15:49 GMT
Last-Modified: Wed, 18 Jan 2023 03:42:32 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OnTmTfGebjeiXmQUhRrdVAPBZyp8fEeKAJ9SJynQxsBBVdP-To-oSA==
Age: 1997

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c382eee977f2053295a35d995e6addba
7633085ad0147bc805598d62350c48d9edf0bbd6
abdcc8a973f7c8cbb93932b92f3849a9f2b9abd6a54076a31d2e20c364bc556b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 18 Jan 2023 04:15:49 GMT
Last-Modified: Wed, 18 Jan 2023 03:20:11 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L75kw16kF_HihVHE4sSHwgTNVwqr_1ym6zMLmon9Bm9cN28uGzxLlA==
Age: 3338

xarxc-muanetr.net/login_up.php

104.21.86.239

200 OK

372 kB

URL HTTP/2
xarxc-muanetr.net/login_up.php
IP
104.21.86.239:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14192)
Size
372 kB (372166 bytes)
Hash
70e7f91ac3f195e13879447463dc0b12
8904a49658c3d388bfbc23a73ef670839c635177
5c7b16aebf609c11faa95c4797942544fb57e6dd3585af408a0f8845af24247a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login_up.php HTTP/1.1
Host: xarxc-muanetr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Wed, 18 Jan 2023 04:15:48 GMT
content-type: text/html; charset=utf-8
expires: Fri, 28 May 1999 00:00:00 GMT
last-modified: Wed, 18 Jan 2023 04:15:48 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usqLqL0mh7bRKo7ZQ7CyUyw%2BNTNPvfSs4bJwBaDJMMTsDcu7y%2BTawPanUdrDa0fpJsMFiLVgiHBti8VM03uQIespAQVtlQJ2InJ4NzpvP9li%2FOFNHhwshIJzgPTq6DkhJmNg4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b482f5d9f5b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

firehose.us-west-2.amazonaws.com/

35.89.72.0

200 OK

247 B

URL HTTP/1.1
firehose.us-west-2.amazonaws.com/
IP
35.89.72.0:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
247 B (247 bytes)
Hash
2b92c6c579bb697aa5b06e836a36e122
367df11fec14a3f29f7010d21b4c33638055c539
2a9078b9123916ca69ab9d121059b406c0547ddae31418d759b836114671ee15

HTTP Headers

POST / HTTP/1.1
Host: firehose.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Amz-User-Agent: aws-sdk-js/2.1267.0 callback
Content-Type: application/x-amz-json-1.1
X-Amz-Target: Firehose_20150804.PutRecord
X-Amz-Content-Sha256: f86fab9b64b47c49f716010f661cc56296604dcbb19b1898b01854e870e3e0a0
X-Amz-Date: 20230118T041549Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIAR4YEYRJLZOCG766Q/20230118/us-west-2/firehose/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=36558fb039a7c3e944da64174aae5ae55878ddf7e4800a251c1b84cb2d3b8ac8
Content-Length: 290
Origin: https://xarxc-muanetr.net
Connection: keep-alive
Referer: https://xarxc-muanetr.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amzn-RequestId: fd627414-fd83-6b20-a123-00a236a09f1d
Access-Control-Allow-Origin: *
Content-Encoding: gzip
x-amz-id-2: 24wjZNpmNTrq8Ro6sFIaTyX7AWqvY2siZCFwrh3JDRszwZ3ygQfi9VU3VYXypvGmTBtH92IhfGSuZkoE/NAqfebeahp66Qzk
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Type: application/x-amz-json-1.1
Content-Length: 247
Date: Wed, 18 Jan 2023 04:15:50 GMT

xarxc-muanetr.net/login.php

104.21.86.239

303 See Other

0 B

URL HTTP/2
xarxc-muanetr.net/login.php
IP
104.21.86.239:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /login.php HTTP/1.1
Host: xarxc-muanetr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 303 See Other
date: Wed, 18 Jan 2023 04:15:48 GMT
content-type: text/html; charset=utf-8
location: https://xarxc-muanetr.net/login_up.php
expires: Fri, 28 May 1999 00:00:00 GMT
last-modified: Wed, 18 Jan 2023 04:15:48 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ar5hPXhr%2FqNMoAR8j5%2FfiwfmXWZdPWIJsWGsOQBSihSqGLts3xwGfw%2BYHnJJXYwnEweBTFKWCmrprD6JnNazreyXc7Z5Tab4AhrrCFedQv9JRxAx4KKcUCkD7%2BMVSOo6VaGCQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b482f4a971b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML