firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0 | Status 200 OK | Size 939 B | HTTP/1.1
File type JSON data, ASCII text, with very long lines (939), with no line terminators
MD5 2d12f67fe57a87e7366b662d153a5582
SHA-1 d7b02d81cc74f24a251d9363e0f4b0a149264ec1
SHA-256 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 20:14:02 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Bbvt2e-wKkMbw-REoz-iWDFQ5BNGipn2vumpiP0eaJG_eNp8fT4bgw==
Age: 3048
r3.o.lencr.org/
IP 23.36.76.226:0 | Status 200 OK | Size 503 B
ASN #20940 Akamai International B.V.
MD5 a26d0784548ecab22f417f3d689daf23
SHA-1 8893b79366bbadeb5c8d587b8f023e310694df1c
SHA-256 35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18246
Expires: Fri, 23 Sep 2022 02:08:57 GMT
Date: Thu, 22 Sep 2022 21:04:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0 | Status 200 OK | Size 5.3 kB | HTTP/2
File type PEM certificate, ASCII text
MD5 6113f8408c59aebe188d6af273b90743
SHA-1 7398873bf00f99944eaa77ad3ebc0d43c23dba6b
SHA-256 b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SeP_I8Iqz7YDaOZHm9BBesHjyMWnjVcktIok-hIyzQ6bFxlNljPgYw==
age: 59377
X-Firefox-Spdy: h2
r3.o.lencr.org/
IP 23.36.76.226:0 | Status 200 OK | Size 503 B
ASN #20940 Akamai International B.V.
MD5 32b065d6bfb6af9392ca59f34bb8dbcd
SHA-1 bd45c08eb8822e6f9a934f3c9dad2950d4701fd2
SHA-256 0340efc7f035d172a8d6fe520bfae6eab976e26bcdecfc6abf76bdd6e1581091
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0340EFC7F035D172A8D6FE520BFAE6EAB976E26BCDECFC6ABF76BDD6E1581091"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Fri, 23 Sep 2022 03:04:49 GMT
Date: Thu, 22 Sep 2022 21:04:51 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0 | Status 200 OK | Size 12 B | HTTP/2
File type JSON data, ASCII text, with no line terminators
MD5 23e88fb7b99543fb33315b29b1fad9d6
SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 21:04:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
diramens.com/indexx.php
IP 81.88.53.29:0 | Status 200 OK | Size 15 kB
ASN #39729 Register S.p.A.
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (891)
MD5 10a43e259d97e12ca68f711a50a2c50c
SHA-1 dd6368667b6a8f4cfe6f70b7e378cb90662cf65f
SHA-256 4d926d1f125d0f474ce0dba2a23c7221fd32f910986b455545abf7bf3f188fb1
Analyzer verdicts: openphish: Interac e-Transfer; fortinet: Phishing
GET /indexx.php HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/8.0.13
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 15265
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
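Most of a sandbox capture like this one is not the page under analysis: the first five transactions are Firefox fetching remote settings, a content-signature chain, sponsored tiles and OCSP responses, and only from `indexx.php` on does the kit itself appear. The script below is an added example, not part of the capture or of any sandbox product; it reads request blocks in the form shown on this page and uses `Host`, `Referer` and Firefox's `Sec-Fetch-*` headers to drop browser background traffic, identify the top-level navigation (`Sec-Fetch-Dest: document` with `Sec-Fetch-Site: none`), attach each subresource to the page that loaded it, and flag cross-site fetches such as the bank logo hotlinked from Wikimedia later in this capture. The noise allowlist and the sample capture are constructed for the example.

```python
"""Triage a sandbox HTTP capture: which requests did the page actually drive?

Added example, not part of the original capture. It reads request blocks as
shown on this page (request line, headers, then a response block that is
skipped) and uses Host, Referer and Firefox's Sec-Fetch-* headers to drop
browser background traffic, find the top-level navigation, attach each
subresource to the page that loaded it, and flag cross-site hotlinks such
as a bank logo pulled from Wikimedia. Allowlist and sample are constructed.
"""
from __future__ import annotations
import re
from dataclasses import dataclass, field

# Assumed allowlist: hosts Firefox 96 contacts on its own (remote settings,
# content-signature chain, sponsored tiles) and the Let's Encrypt R3 OCSP
# responder the TLS stack queries. Requests here say nothing about the page.
BROWSER_NOISE_HOSTS = {
    "firefox.settings.services.mozilla.com", "content-signature-2.cdn.mozilla.net",
    "contile.services.mozilla.com", "r3.o.lencr.org",
}
_REQUEST_LINE = re.compile(r"^(GET|POST|HEAD|OPTIONS) (\S+) HTTP/\d(?:\.\d)?$")
_STATUS_LINE = re.compile(r"^HTTP/\d(?:\.\d)? \d{3}")

@dataclass
class Request:
    method: str
    path: str
    headers: dict[str, str]            # header names lower-cased

    @property
    def host(self) -> str:
        return self.headers.get("host", "")

    @property
    def url(self) -> str:
        return f"https://{self.host}{self.path}"

def parse_requests(capture: str) -> list[Request]:
    """Collect request blocks; a status line closes the current one."""
    reqs: list[Request] = []
    current = None
    for line in capture.splitlines():
        m = _REQUEST_LINE.match(line)
        if m:
            current = Request(m.group(1), m.group(2), {})
            reqs.append(current)
        elif _STATUS_LINE.match(line):
            current = None             # response headers follow; not kept
        elif current is not None and ":" in line:
            name, _, value = line.partition(":")
            current.headers[name.strip().lower()] = value.strip()
    return reqs

@dataclass
class Triage:
    noise: list[Request] = field(default_factory=list)
    roots: list[Request] = field(default_factory=list)       # top-level navigations
    children: dict[str, list[Request]] = field(default_factory=dict)  # referer -> loads
    cross_site: list[Request] = field(default_factory=list)  # fetched from another site

def triage(reqs: list[Request]) -> Triage:
    t = Triage()
    for r in reqs:
        if r.host in BROWSER_NOISE_HOSTS:
            t.noise.append(r)
            continue
        dest = r.headers.get("sec-fetch-dest", "")
        site = r.headers.get("sec-fetch-site", "")
        referer = r.headers.get("referer", "")
        if dest == "document" and site == "none":
            t.roots.append(r)          # no initiator: the user landed here
        if referer:
            t.children.setdefault(referer, []).append(r)
        if referer and site == "cross-site":
            t.cross_site.append(r)
    return t

# Constructed sample: four requests trimmed from the capture on this page.
SAMPLE_CAPTURE = """\
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
Sec-Fetch-Dest: empty
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
GET /indexx.php HTTP/1.1
Host: diramens.com
Sec-Fetch-Dest: document
Sec-Fetch-Site: none
HTTP/2 200 OK
GET /INTERAC%20e-Transfer_fichiers/activityi.html HTTP/1.1
Host: diramens.com
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: iframe
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
GET /wikipedia/en/thumb/7/77/Laurentian_Bank_of_Canada_logo.svg/1200px-Laurentian_Bank_of_Canada_logo.svg.png HTTP/1.1
Host: upload.wikimedia.org
Referer: https://diramens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
"""

if __name__ == "__main__":
    t = triage(parse_requests(SAMPLE_CAPTURE))
    print(len(t.noise), "noise request(s) dropped; roots:", [r.url for r in t.roots])
    for referer, loads in t.children.items():
        print(referer, "loads:", [(r.headers["sec-fetch-dest"], r.url) for r in loads])
    print("cross-site:", [(r.url, r.headers["referer"]) for r in t.cross_site])
```

Two details worth knowing when reading the output: the Wikimedia request carries `Referer: https://diramens.com/` rather than the full `indexx.php` URL, because Firefox trims cross-site referrers to the origin, so the cross-site list keys on the origin; and the `Sec-Fetch-*` headers are set by the browser and cannot be spoofed by page content, which is what makes them a trustworthy basis for this split.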
diramens.com/INTERAC%20e-Transfer_fichiers/activityi.html
IP 81.88.53.29:0 | Status 200 OK | Size 887 B | HTTP/2
ASN #39729 Register S.p.A.
File type HTML document text, exported SGML document, ASCII text, with CRLF line terminators
MD5 5bc75ba11f81a22385a0ae9e793667e3
SHA-1 d10c4324bd473f46357a6c5b39471d77ac89100b
SHA-256 e22951dfe9ba6e7647dc20d03c0c9d64b8bc4aadb4092ef8909875b7942856d0
Analyzer verdicts: fortinet: Phishing
GET /INTERAC%20e-Transfer_fichiers/activityi.html HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "28517f-c4a-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 887
content-type: text/html
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
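Every kit file served by `diramens.com` comes with an Apache-style ETag such as `"28517f-c4a-5d763cc5e0080-gzip"`. That string is file metadata, not a content hash: Apache httpd emits inode, size and mtime in hex (mtime in microseconds since the epoch; the `-gzip` suffix is added by mod_deflate), so the on-disk size and the exact modification time of each file can be read straight out of the headers even though the body was compressed and `last-modified` is rounded to the second. The decoder below is an added example, not part of the capture; it assumes the default `inode-size-mtime` layout (or `size-mtime` when `FileETag` omits `INode`) and refuses anything else. The sample entries are taken from the ETag and `content-length` values in this capture.

```python
"""Decode Apache httpd ETags from the phishing kit's responses.

Added example, not from the capture. Apache builds its file-based ETag as
"inode-size-mtime" in hex (or "size-mtime" when FileETag leaves INode out),
mtime being microseconds since the epoch, and mod_deflate appends "-gzip"
when it compressed the body. Decoding the ETag therefore recovers the
uncompressed size and the microsecond mtime of each kit file, which the
gzip Content-Length and the second-granular Last-Modified do not give.
Digest-style ETags from other servers are rejected. Samples are constructed
from the header values in this capture.
"""
from __future__ import annotations
import re
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

_APACHE_ETAG = re.compile(
    r'^(?:W/)?"(?:(?P<inode>[0-9a-f]+)-)?(?P<size>[0-9a-f]+)-(?P<mtime>[0-9a-f]+)'
    r'(?:-(?P<enc>gzip|br))?"$'
)
_EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)

@dataclass(frozen=True)
class ApacheETag:
    inode: int | None        # None when the server's FileETag omits INode
    size: int                # size of the file on disk, i.e. before mod_deflate
    mtime: datetime          # file modification time, UTC, microsecond precision
    encoding: str | None     # "gzip"/"br" when the ETag is for a compressed variant

def decode_apache_etag(value: str) -> ApacheETag:
    """Parse one ETag header value; ValueError if it is not in Apache's format."""
    m = _APACHE_ETAG.match(value.strip())
    if not m:
        raise ValueError(f"not an Apache inode/size/mtime ETag: {value!r}")
    mtime = _EPOCH + timedelta(microseconds=int(m["mtime"], 16))
    if not 1990 <= mtime.year <= 2100:       # hex that parses but is no timestamp
        raise ValueError(f"implausible mtime in {value!r}: {mtime.isoformat()}")
    return ApacheETag(
        inode=int(m["inode"], 16) if m["inode"] else None,
        size=int(m["size"], 16),
        mtime=mtime,
        encoding=m["enc"],
    )

def kit_timeline(responses: list[tuple[str, str, int]]) -> dict[datetime, list[str]]:
    """Group files by exact mtime. A kit unpacked in one go shows up as a
    couple of mtimes seconds apart; files edited later stand on their own."""
    batches: dict[datetime, list[str]] = {}
    for url, etag, _ in responses:
        batches.setdefault(decode_apache_etag(etag).mtime, []).append(url)
    return dict(sorted(batches.items()))

def compression_ratio(etag: str, content_length: int) -> float:
    """Bytes on disk per byte on the wire (1.0 when the body was sent as-is)."""
    return decode_apache_etag(etag).size / content_length

# Constructed from the etag/content-length pairs in the capture on this page.
KIT_RESPONSES = [
    ("https://diramens.com/INTERAC%20e-Transfer_fichiers/activityi.html", '"28517f-c4a-5d763cc5e0080-gzip"', 887),
    ("https://diramens.com/INTERAC%20e-Transfer_fichiers/linkid.js", '"2851ff-621-5d763cc7c8500-gzip"', 852),
    ("https://diramens.com/INTERAC%20e-Transfer_fichiers/jquery.js", '"2851fd-30d0e-5d763cc7c8500-gzip"', 55460),
    ("https://diramens.com/INTERAC%20e-Transfer_fichiers/manu.png", '"285200-89b-5d763cc5e0080"', 2203),
]

if __name__ == "__main__":
    for url, etag, clen in KIT_RESPONSES:
        e = decode_apache_etag(etag)
        print(f"{url.rsplit('/', 1)[1]:16} {e.size:7d} B on disk, {clen:6d} B sent, "
              f"x{compression_ratio(etag, clen):.1f}, mtime {e.mtime.isoformat()}")
    for mtime, urls in kit_timeline(KIT_RESPONSES).items():
        print(mtime.isoformat(), len(urls), "file(s)")
```

Run against the headers on this page, the decoder gives `activityi.html` as 3146 bytes on disk (sent as 887 bytes of gzip) and `manu.png` as 2203 bytes, matching its uncompressed `content-length`; every kit file decodes to one of exactly two mtimes, 2022-02-07 01:48:34 and 01:48:36 UTC, which agree with the `last-modified` headers and show the whole asset directory being written within two seconds, seven months before this capture. The `_fichiers` suffix on that directory is what a French-locale browser names the asset folder of a page saved with "Save Page As, complete", so these mtimes date the kit's upload, not the original page.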
diramens.com/INTERAC%20e-Transfer_fichiers/linkid.js
IP 81.88.53.29:0 | Status 200 OK | Size 852 B | HTTP/2
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (1335)
MD5 2c9c1e44353bad2e6b729ad8674710e4
SHA-1 d00b7ce9bc66f3e76a107ae6f137727fa5995791
SHA-256 c1968f88dfb5ce136d3362a784a98f1972ce3cac12f7c06a3d599e180257d0a0
Analyzer verdicts: fortinet: Phishing
GET /INTERAC%20e-Transfer_fichiers/linkid.js HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "2851ff-621-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 852
content-type: application/javascript
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/analytics.js
IP 81.88.53.29:0 | Status 200 OK | Size 12 kB | HTTP/2
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (1640)
MD5 616ccec12342c51d39c4ba1f2c5d43d0
SHA-1 6301c8e1466345500439a9d1151a7a591ade58a8
SHA-256 6f85ec6ee2e96425c5a499983302fa9c509cff923b27b10167b78bfd9518fdc7
Analyzer verdicts: fortinet: Phishing
GET /INTERAC%20e-Transfer_fichiers/analytics.js HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285186-6c9d-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11595
content-type: application/javascript
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/interac-jqm.css
IP 81.88.53.29:0 | Status 200 OK | Size 270 B | HTTP/2
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (697), with no line terminators
MD5 7534f41656e4508b99ceb183c1ca89c9
SHA-1 48417527d4a27f1dfeb4d0d0d1504643e6d4e4bd
SHA-256 4e64762a044954fd877be125196a9a9b4c4f2604bb3c7d8946a96af4f0757905
GET /INTERAC%20e-Transfer_fichiers/interac-jqm.css HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "2851f9-2b9-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 270
content-type: text/css
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/gtm.js
IP 81.88.53.29:0 | Status 200 OK | Size 22 kB | HTTP/2
ASN #39729 Register S.p.A.
File type Unicode text, UTF-8 text, with very long lines (10041)
MD5 f98b32b2888b43de60985c4bef251de1
SHA-1 49a653bf8361c813eaa98df41a83b781382d8089
SHA-256 73ac8eb82b93720891f637e5698abccb08cce259ca0e8745447281a814eff3a9
Analyzer verdicts: fortinet: Phishing
GET /INTERAC%20e-Transfer_fichiers/gtm.js HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285191-e1cc-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 22505
content-type: application/javascript
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/jquery.css
IP 81.88.53.29:0 | Status 200 OK | Size 10 kB | HTTP/2
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (65398)
MD5 096c6c317eaf522a549ce33d4608eaf1
SHA-1 ea753d0988eecaffb9f984936352cd329577aedd
SHA-256 58b371aee6ced564d0ac1655703d7493a37c102aa8ed20cd24f383e99e00294e
GET /INTERAC%20e-Transfer_fichiers/jquery.css HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "2851fc-10c68-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 10222
content-type: text/css
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/jquery_002.css
IP 81.88.53.29:0 | Status 200 OK | Size 13 kB | HTTP/2
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (65536), with no line terminators
MD5 50ad6ea9221d2e7bf413afa578770e5a
SHA-1 d7893a623d15c746534dc04bb814ec8106ccb215
SHA-256 6cb039913485b9e837526a095aa0b9708e57c5cfa7a475afc59fe00201d08f58
GET /INTERAC%20e-Transfer_fichiers/jquery_002.css HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "2851fe-1ef5f-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 12925
content-type: text/css
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/jquery-ui.css
IP 81.88.53.29:0 | Status 200 OK | Size 139 B | HTTP/2
ASN #39729 Register S.p.A.
MD5 77e6cda27d3dfbb54647e9e08d52c3ca
SHA-1 6bc021fef9917cf472ca3c4a1a3981c278612d8b
SHA-256 852cc3c0f3d89d86d71e8049f029a2934ee8afddebb4d5b10e7d29d872bc990e
GET /INTERAC%20e-Transfer_fichiers/jquery-ui.css HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "2851fa-87-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 139
content-type: text/css
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/jquery-ui.js
IP 81.88.53.29:0 | Status 200 OK | Size 5.0 kB | HTTP/2
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (13097), with no line terminators
MD5 f23a381026a69389281b8a3ce0361491
SHA-1 44be0ba5fc1f63c9336d561acacb42d52b5f66c9
SHA-256 1c1fcc79ff9c1a1faa340a90b8c7da0afd9aa3da0776402abc669d534c625c9f
Analyzer verdicts: fortinet: Phishing
GET /INTERAC%20e-Transfer_fichiers/jquery-ui.js HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "2851fb-3329-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5045
content-type: application/javascript
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/jquery.js
IP 81.88.53.29:0 | Status 200 OK | Size 56 kB | HTTP/2
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (65536), with no line terminators
MD5 82329b340367362bae73f85e74cb037a
SHA-1 7fb80dbd914e6c299c36308976fd9413e825b128
SHA-256 c9b62f81c192b105009b99c2e3a223f1a34ca51e2d469428bff71cd28800be9f
Analyzer verdicts: fortinet: Phishing
GET /INTERAC%20e-Transfer_fichiers/jquery.js HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "2851fd-30d0e-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 55460
content-type: application/javascript
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/question-mark.svg
IP 81.88.53.29:0 | Status 200 OK | Size 687 B | HTTP/2
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image, SVG XML document, XML 1.0 document text, exported SGML document, ASCII text, with very long lines (758)
MD5 6f4a2388eba7c4ed3b9ba461cb3dfe76
SHA-1 3f29a78be2eadb03b3e33852da4800dc6bd51f80
SHA-256 93d5050c9d294809859ec6b66c41aaf40138adeeb1a919a30c608e6ad1c1f67a
Analyzer verdicts: fortinet: Phishing
GET /INTERAC%20e-Transfer_fichiers/question-mark.svg HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285207-4c5-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 687
content-type: image/svg+xml
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/nav-logo.svg
IP 81.88.53.29:0 | Status 200 OK | Size 2.7 kB | HTTP/2
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image, XML 1.0 document text, HTML document text, exported SGML document, ASCII text, with CRLF line terminators
MD5 90812ce2aad058af7e5b6425a6c13bf0
SHA-1 561ae8d75c0c992cad2fa7cbe7d817c6462acd4e
SHA-256 79fe6d320ad3e942f2a71b3ba6629c2010f8a0aa6b1c61ef799c53a230583090
Analyzer verdicts: fortinet: Phishing
GET /INTERAC%20e-Transfer_fichiers/nav-logo.svg HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285204-1d47-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2745
content-type: image/svg+xml
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/manu.png
IP 81.88.53.29:0 | Status 200 OK | Size 2.2 kB | HTTP/2
ASN #39729 Register S.p.A.
File type PNG image data, 362 x 139, 8-bit colormap, non-interlaced
MD5 acaf725c2dc664344ba4985085f9f06c
SHA-1 9f746cb89aa130e095e093c01289b255ca3f23e2
SHA-256 e129b8fdd752311dd85762cc8ca8b31999380c3a36e1d6e8da714f0d41a35681
GET /INTERAC%20e-Transfer_fichiers/manu.png HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "285200-89b-5d763cc5e0080"
accept-ranges: bytes
content-length: 2203
content-type: image/png
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/desj.png
IP 81.88.53.29:0 | Status 200 OK | Size 3.7 kB | HTTP/2
ASN #39729 Register S.p.A.
File type PNG image data, 403 x 125, 8-bit colormap, non-interlaced
MD5 4278f83f255df16adfe09508db4c8cab
SHA-1 81dbba55eceb89518d8166de3a8328c48b651264
SHA-256 7216e7d5b16f868bfb6b957d7e216ae8cba3595feefb16192e31f95bcf0e727e
GET /INTERAC%20e-Transfer_fichiers/desj.png HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "28518c-e97-5d763cc7c8500"
accept-ranges: bytes
content-length: 3735
content-type: image/png
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/meri.png
IP 81.88.53.29:0 | Status 200 OK | Size 5.2 kB | HTTP/2
ASN #39729 Register S.p.A.
File type PNG image data, 441 x 114, 8-bit colormap, non-interlaced
MD5 773a9ef4874528ac29d748a34c60e7a8
SHA-1 cd356b6996706eb27731543d8271c609b1192850
SHA-256 05fe5e795ecda25ad8410df06fd848112c88b9aa75458caafc9fc8276362fceb
GET /INTERAC%20e-Transfer_fichiers/meri.png HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "285202-146c-5d763cc5e0080"
accept-ranges: bytes
content-length: 5228
content-type: image/png
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/gatewayInitJS.js
IP 81.88.53.29:0 | Status 200 OK | Size 261 B | HTTP/2
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (389)
MD5 466ea54d2d14b76616a4a0e38d350f93
SHA-1 c50ae8c0cd1e286da42ec4aa21a51121c4bd54ff
SHA-256 e4d944a44f3b502312ffe7f35a92521f095b7502ef200bc0ec0e3a0f96706748
Analyzer verdicts: fortinet: Phishing
GET /INTERAC%20e-Transfer_fichiers/gatewayInitJS.js HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "28518e-1c8-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 261
content-type: application/javascript
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/navJS.js
IP 81.88.53.29:0 | Status 200 OK | Size 384 B | HTTP/2
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (422)
MD5 92a9da232cf39e8fcf68120dad16392c
SHA-1 b82769570500f44c5fcd6b561dc30ba98b83d133
SHA-256 25e686d2bc8cf36e7afced283e4eaaedf2cf16e530e7a861b1c2de81ccb7ba73
Analyzer verdicts: fortinet: Phishing
GET /INTERAC%20e-Transfer_fichiers/navJS.js HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "285205-33a-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 384
content-type: application/javascript
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/generalCSS.css
IP 81.88.53.29:0 | Status 200 OK | Size 3.9 kB | HTTP/2
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (16962), with no line terminators
MD5 fb37c65e9b085e20f750e68168c3d719
SHA-1 959b8e89a929d78118e5b05483b1b32fa15358d6
SHA-256 4f820ff28193eaaaf9e4b30c88d0d41a4d83cdbd93f74127fbca40a0867ed41d
GET /INTERAC%20e-Transfer_fichiers/generalCSS.css HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "28518f-4242-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3872
content-type: text/css
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/GTIe8CSS.css
IP 81.88.53.29:0 | Status 200 OK | Size 6.0 kB | HTTP/2
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (31904), with no line terminators
MD5 c062bcfc97ed8509fdf0b4425df0b76b
SHA-1 74c983dd991dc3bd7d54a719e35e59b9e129a698
SHA-256 91cbc91af62f2f2e9f1a053f2efa071c0694dc0296eab177d276539eb331d13d
GET /INTERAC%20e-Transfer_fichiers/GTIe8CSS.css HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "285190-7ca0-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6004
content-type: text/css
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_003.svg
IP 81.88.53.29:0 | Status 200 OK | Size 1.6 kB | HTTP/2
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image, XML 1.0 document text, HTML document text, exported SGML document, ASCII text, with CRLF line terminators
MD5 847f6156142a8661b2fd48170e71a2c4
SHA-1 eed4fc73a22fd7f74adaba05fa7f275a74f06bfe
SHA-256 3e7cf9dc0da3b32233c10f4617010e8a0509b48867ebfcba22dd3e852fc02e90
Analyzer verdicts: fortinet: Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_003.svg HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285209-143a-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1621
content-type: image/svg+xml
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/atb.png
IP 81.88.53.29:0 | Status 200 OK | Size 24 kB | HTTP/2
ASN #39729 Register S.p.A.
File type PNG image data, 1280 x 325, 8-bit/color RGBA, non-interlaced
MD5 5a9a907f7e3e07d47638677d69b22233
SHA-1 62e1951d1f4b18e55660b91365450d211f5f68fd
SHA-256 094d934d457220b698180fec8869efd2e660617ef5c4cde0beee2d565f2d45a5
GET /INTERAC%20e-Transfer_fichiers/atb.png HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285187-5f52-5d763cc7c8500"
accept-ranges: bytes
content-length: 24402
content-type: image/png
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/allModuleJS.js
IP 81.88.53.29:0 | Status 200 OK | Size 5.4 kB | HTTP/2
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (2136)
MD5 fa7439f278f5c5cf7ee2855875d4e7d0
SHA-1 108f7869972d63fcf7aadb1d31d2b7ddd71be4a8
SHA-256 1c48ae739b71e890577621b1909aa2f1a80b9b16e6bbf9f5ebf35d846ee7f8ee
Analyzer verdicts: fortinet: Phishing
GET /INTERAC%20e-Transfer_fichiers/allModuleJS.js HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "285185-5953-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5420
content-type: application/javascript
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
upload.wikimedia.org/wikipedia/en/thumb/7/77/Laurentian_Bank_of_Canada_logo.svg/1200px-Laurentian_Bank_of_Canada_logo.svg.png
IP 91.198.174.208:0 | Status 200 OK | Size 24 kB | HTTP/2
File type PNG image data, 1200 x 391, 8-bit/color RGBA, non-interlaced
MD5 b2ba0a626f3d1c3a79eacaa7857d489d
SHA-1 3db11508b6083869feb401f2c56b5927f2c4d1cd
SHA-256 c85bd673696df783cd1cf6f65b78792ca322b4aa638dfb5529855fbb5830b4b1
GET /wikipedia/en/thumb/7/77/Laurentian_Bank_of_Canada_logo.svg/1200px-Laurentian_Bank_of_Canada_logo.svg.png HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:08:42 GMT
content-type: image/png
content-length: 24368
last-modified: Thu, 15 Feb 2018 11:53:30 GMT
etag: b2ba0a626f3d1c3a79eacaa7857d489d
server: ATS/8.0.8
age: 6970
x-cache: cp3055 hit, cp3051 miss
x-cache-status: hit-local
server-timing: cache;desc="hit-local", host;desc="cp3051"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
permissions-policy: interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
x-client-ip: 91.90.42.154
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/pc.png
81.88.53.29 200 OK 4.1 kB URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/pc.png
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type PNG image data, 482 x 104, 8-bit colormap, non-interlaced; data
Hash 5120dce8a8f4f410b27032a0ff8291f5
a119a21c49ab490f96ead1191a8ec7cdff383586
1268ec2ae11982ea5617e2694a5be6017d078cdbd95610874e5715be14b7ebc1
GET /INTERAC%20e-Transfer_fichiers/pc.png HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285206-1027-5d763cc7c8500"
accept-ranges: bytes
content-length: 4135
content-type: image/png
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_011.svg
81.88.53.29 200 OK 585 B URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_011.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash d891e1666cb7a2fbc9eb52d5c0f8714b
1bddac9818ad43cf8cc42dd13d958cf61a3c3b59
476deb1d4a7a46b01d55c3579b25e48b381d3464572135acb3ead93d5d3ec5f9
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_011.svg HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "28520e-3c4-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 585
content-type: image/svg+xml
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_012.svg
81.88.53.29 200 OK 2.5 kB URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_012.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash d278076e6523caba30d5f0145c1393f5
32c4fb38262b798e33711c37f25a272f7f969ae5
0b5af221f02975dec35eeae8daa0463ca8689c4e8dab3aea8dcc31e25ae42a79
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_012.svg HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "28520f-1bec-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2458
content-type: image/svg+xml
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/CIBC_logo.svg
81.88.53.29 200 OK 1.6 kB URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/CIBC_logo.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash 3b45d8dd5b5a0ed44491fa8ae740c276
988fba3163c62950d2cc0a4311a33727baf64306
dbacf08a27c4e8aff1fad45c5761e50d4e5782031d87db2a7bd83c7b6fac9ed4
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/CIBC_logo.svg HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285189-d52-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1636
content-type: image/svg+xml
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_010.svg
81.88.53.29 200 OK 2.5 kB URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_010.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash 6b17ee9e5c1f9e53f3bb4e6d75fcf5e5
a660ae2025f2a9cb04c7a735a515844384f2d980
8d993e5e8fac311de67175976b1e6ce02c325c271714c4f34aa9936a2b62e399
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_010.svg HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "28520d-14fa-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2509
content-type: image/svg+xml
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_013.svg
81.88.53.29 200 OK 1.8 kB URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_013.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash 57566b27daf2c01ba629e34597b7850d
fb821e20161d3a1eaa093c7470ec02a8db30b033
24f7ce5cf408afa0ca0e6791c2d54ab9e0e079906d25d2622f051153131b3349
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_013.svg HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285210-122a-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1789
content-type: image/svg+xml
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/mot.jpg
81.88.53.29 200 OK 6.5 kB URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/mot.jpg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 394x222, components 3; data
Hash e6d32407de0c1e524a0988b138d40c7b
bc4c5d2ae32177bd98622b1b85f441b0c57377ac
3ed11bc953873717966f08d8ab4c4424f63dfd8ea184eceee7214c9eb85f964b
GET /INTERAC%20e-Transfer_fichiers/mot.jpg HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285203-1995-5d763cc7c8500"
accept-ranges: bytes
content-length: 6549
content-type: image/jpeg
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_007.svg
81.88.53.29 200 OK 1.5 kB URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_007.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash 01e882b010ede8051c77624d98c92064
048a85f91f3d40c217780e34d70c2b9d466964d5
6aa100ec505dde22f8b029077a86d7437455a7663169b12dc139f24e7da3a73e
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_007.svg HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "28520c-f23-5d763cc5e0080-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1538
content-type: image/svg+xml
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/footer-logo-en.svg
81.88.53.29 200 OK 9.6 kB URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/footer-logo-en.svg
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash 605a657ccb7f03fb0c97fe310e2df2ab
93dd26d820a3a86bdbe77ae8a8fe8a76fac28232
e7023bfce55688ed4af3cc2cfcd2857b9099b81cdc7f6a09aaf7b028b38a5f3b
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/footer-logo-en.svg HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "28518d-82c9-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9613
content-type: image/svg+xml
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/vendorJS.js
81.88.53.29 200 OK 51 kB URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/vendorJS.js
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash f66813a1b81cbc966ac14159203fcd74
f59b300d34d6718e0c1bb677e2bdf0371ceaa456
7879fdb56ed4e8c5995f2a0cfc5a009b1e19f3410590fc3b36c248c18827e8dd
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/vendorJS.js HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285213-26c52-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 51111
content-type: application/javascript
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/activityi_data/a.html
81.88.53.29 200 OK 246 B URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/activityi_data/a.html
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type HTML document text; exported SGML document, ASCII text
Hash 1450f4aee73dee0fb49b5cfe04eea41d
d31bda338241a1ba0b849d9d8a404531174793c7
74b0399ac4d32ca99e66b5a47cdd0e963668eb02743c861cabf66254c48dbfdd
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/activityi_data/a.html HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/INTERAC%20e-Transfer_fichiers/activityi.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285182-1d7-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 246
content-type: text/html
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/activityi_data/a.gif
81.88.53.29 200 OK 42 B URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/activityi_data/a.gif
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /INTERAC%20e-Transfer_fichiers/activityi_data/a.gif HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/INTERAC%20e-Transfer_fichiers/activityi.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285181-2a-5d763cc7c8500"
accept-ranges: bytes
content-length: 42
content-type: image/gif
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/activityi_data/conversion.js
81.88.53.29 200 OK 5.4 kB URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/activityi_data/conversion.js
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (956)
Hash cf85935e855c1d038a7a801fd486574e
b487966f97abfa1edc0f1fa1caaf68ab8388071d
46c9f808693667e3a0dd3a8b69c785284aa35db824818fa3f02ae5bc6a036e01
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/activityi_data/conversion.js HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/INTERAC%20e-Transfer_fichiers/activityi.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285184-371a-5d763cc7c8500-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5421
content-type: application/javascript
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/activityi_data/a_002.gif
81.88.53.29 200 OK 42 B URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/activityi_data/a_002.gif
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /INTERAC%20e-Transfer_fichiers/activityi_data/a_002.gif HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/INTERAC%20e-Transfer_fichiers/activityi.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285183-2a-5d763cc7c8500"
accept-ranges: bytes
content-length: 42
content-type: image/gif
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data; ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 21:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 22 Sep 2022 21:11:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KR64wJcwv7LsCc7_0GPOFKRJIpFDnCNiH8xOIEfn4KgjpTOy0TWwGg==
Age: 89
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 1e5d1781e5cc805dd39ff9627361b258
3e1ab5dd88f76ce4b3336d6ac0bc2a8f49b957cc
eea54f7046610575c31c642a500fe0421d406ff77d6ec6591f6cc51c2ce348c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
diramens.com/resources/newgateway/vendor/jquery.mobile-1.4.5/jquery.mobile.structure-1.4.5.min.html
81.88.53.29 404 Not Found 1.5 kB URL HTTP/2 diramens.com/resources/newgateway/vendor/jquery.mobile-1.4.5/jquery.mobile.structure-1.4.5.min.html
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Hash 254b2c8160412e6cf778944a24274435
f9b6fc34f16f792aa0e763fe1ad70e897669873b
1eaf48dbb91a239b74d42187a0fc830558bfc4545c578951525b28401a198fb1
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery.mobile-1.4.5/jquery.mobile.structure-1.4.5.min.html HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Cookie: _ga=GA1.2.2130027754.1663880691; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 22 Sep 2022 20:41:09 GMT
expires: Thu, 22 Sep 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 1423
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
diramens.com/getAllFisandCus.do?lang=en
81.88.53.29 404 Not Found 1.4 kB URL HTTP/2 diramens.com/getAllFisandCus.do?lang=en
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Hash ca9a4ad2dd031f931fa67e487d479e33
b9d5aabe08ba9869894d38dd3f13b8bc7957a28a
a61f6a78150d937c13ef5810b451f46b3efbd4bae0604e77dd179a47e2afc2d9
Analyzer Verdict Alert fortinet Phishing
GET /getAllFisandCus.do?lang=en HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Cookie: _ga=GA1.2.2130027754.1663880691; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1; _gat_UA-53324311-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j47&aip=1&a=1851391447&t=pageview&_s=1&dl=https%3A%2F%2Fdiramens.com%2Findexx.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGCAgAAB~&jid=221195478&cid=2130027754.1663880691&tid=UA-53324311-1&gtm=GTM-5SR238&z=1353744523
142.250.74.174 200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j47&aip=1&a=1851391447&t=pageview&_s=1&dl=https%3A%2F%2Fdiramens.com%2Findexx.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGCAgAAB~&jid=221195478&cid=2130027754.1663880691&tid=UA-53324311-1&gtm=GTM-5SR238&z=1353744523
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1; data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j47&aip=1&a=1851391447&t=pageview&_s=1&dl=https%3A%2F%2Fdiramens.com%2Findexx.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGCAgAAB~&jid=221195478&cid=2130027754.1663880691&tid=UA-53324311-1&gtm=GTM-5SR238&z=1353744523 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Thu, 22 Sep 2022 10:35:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 37783
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
diramens.com/resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.js
81.88.53.29 404 Not Found 1.4 kB URL HTTP/2 diramens.com/resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.js
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Hash af70c768dbd36eec026c11457ae31d8a
787eefe189378191904840202f370eaa4de567f0
f3b911465a0904eab262424ecb6589139f8833eee0d244b92bc1e34fd3ea664a
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.js HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Cookie: _ga=GA1.2.2130027754.1663880691; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.html
81.88.53.29 404 Not Found 1.4 kB URL HTTP/2 diramens.com/resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.html
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Hash beab0223e8891caaebfe208ea93994d1
a8e7ba4974b0758201ece60a9b0515e241ecb026
87915f7ae9f8ad65f5d1c939a976a6896b9d66e21e0c1d55054a39251a9dfa0d
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.html HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Cookie: _ga=GA1.2.2130027754.1663880691; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 503
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Last-Modified: Thu, 22 Sep 2022 20:56:29 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/r/collect?v=1&_v=j47&aip=1&a=1851391447&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdiramens.com%2Findexx.php&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=Percentage&el=0%25&_u=SGCAAAABI~&jid=240493689&cid=2130027754.1663880691&tid=UA-53324311-1&_r=1&gtm=GTM-5SR238&z=2002380699
142.250.74.174 200 OK 35 B URL HTTP/2 www.google-analytics.com/r/collect?v=1&_v=j47&aip=1&a=1851391447&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdiramens.com%2Findexx.php&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=Percentage&el=0%25&_u=SGCAAAABI~&jid=240493689&cid=2130027754.1663880691&tid=UA-53324311-1&_r=1&gtm=GTM-5SR238&z=2002380699
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1; data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&_v=j47&aip=1&a=1851391447&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdiramens.com%2Findexx.php&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=Percentage&el=0%25&_u=SGCAAAABI~&jid=240493689&cid=2130027754.1663880691&tid=UA-53324311-1&_r=1&gtm=GTM-5SR238&z=2002380699 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
date: Thu, 22 Sep 2022 21:04:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j47&tid=UA-53324311-1&cid=2130027754.1663880691&jid=221195478&_u=SGCAgAAB~&z=25064527
142.251.1.154 200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j47&tid=UA-53324311-1&cid=2130027754.1663880691&jid=221195478&_u=SGCAgAAB~&z=25064527
IP 142.251.1.154:0
File type GIF image data, version 89a, 1 x 1; data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?t=dc&aip=1&_r=3&v=1&_v=j47&tid=UA-53324311-1&cid=2130027754.1663880691&jid=221195478&_u=SGCAgAAB~&z=25064527 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Sep 2022 21:04:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
diramens.com/resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html
81.88.53.29 404 Not Found 1.4 kB URL HTTP/2 diramens.com/resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Hash 954e974b2e2f707dd5df7e7c860d657e
006b946184be5cb57a1e4e049868a2812fdd9454
721402a207b2533e3418f3d52eb5b18d93941cb03d6d8c434f65c922635e48ad
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Cookie: _ga=GA1.2.2130027754.1663880691; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5e163c7149996bc42837a90494321d2a
d4da33dcbd188b93a0c24200b61d264fe0768628
b57307ad9901b41f5403f1108939655805c4b3eb8d598ad20da9dadc6f54208f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 3b578aed53ee9a2ee8cccab56985f7ab
1d5182fc7bdeaa61c5d85491a15dad902fbe93c9
ed8c8c8b8979b564564ddbf0d238414a37ca578ee2b6e71a7ad73ac001f30f71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 3b578aed53ee9a2ee8cccab56985f7ab
1d5182fc7bdeaa61c5d85491a15dad902fbe93c9
ed8c8c8b8979b564564ddbf0d238414a37ca578ee2b6e71a7ad73ac001f30f71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 3b578aed53ee9a2ee8cccab56985f7ab
1d5182fc7bdeaa61c5d85491a15dad902fbe93c9
ed8c8c8b8979b564564ddbf0d238414a37ca578ee2b6e71a7ad73ac001f30f71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/954740125/?random=462546697&cv=8&fst=1663880691356&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9M0sY9XGB9uL-cAP65eXmA0&sscte=1&crd=
216.58.207.226 302 Found 76 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/954740125/?random=462546697&cv=8&fst=1663880691356&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9M0sY9XGB9uL-cAP65eXmA0&sscte=1&crd=
IP 216.58.207.226:0
File type HTML document, ASCII text, with no line terminators
Hash 7d4e21ac635bc6d350ec37fac5d24546
d289b7f969d3c91d754e3976da75e9c9ea948d96
63d8bfea184dc022dd8257788f16a903ebc2f916adb6e289ef27b4b075a3268d
GET /pagead/viewthroughconversion/954740125/?random=462546697&cv=8&fst=1663880691356&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9M0sY9XGB9uL-cAP65eXmA0&sscte=1&crd= HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diramens.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 21:04:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/954740125/?random=462546697&cv=8&fst=1663880691356&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY9XGB9uL-cAP65eXmA0&random=3977616276
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 76
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 22-Sep-2022 21:19:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/979606057/?random=416016992&cv=8&fst=1663880691356&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9M0sY4-LCPKa-cAP076viA4&sscte=1&crd=CJqqsQI
216.58.207.226 302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/979606057/?random=416016992&cv=8&fst=1663880691356&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9M0sY4-LCPKa-cAP076viA4&sscte=1&crd=CJqqsQI
IP 216.58.207.226:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/979606057/?random=416016992&cv=8&fst=1663880691356&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9M0sY4-LCPKa-cAP076viA4&sscte=1&crd=CJqqsQI HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diramens.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 21:04:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/979606057/?random=416016992&cv=8&fst=1663880691356&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=9M0sY4-LCPKa-cAP076viA4&random=2137347840
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 22-Sep-2022 21:19:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/981124174/?random=1767571672&cv=8&fst=1663880691356&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9M0sY62DCJaIZ4PdhbAP&sscte=1&crd=
216.58.207.226 302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/981124174/?random=1767571672&cv=8&fst=1663880691356&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9M0sY62DCJaIZ4PdhbAP&sscte=1&crd=
IP 216.58.207.226:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/981124174/?random=1767571672&cv=8&fst=1663880691356&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9M0sY62DCJaIZ4PdhbAP&sscte=1&crd= HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diramens.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 21:04:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/981124174/?random=1767571672&cv=8&fst=1663880691356&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY62DCJaIZ4PdhbAP&random=1868892530
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 22-Sep-2022 21:19:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 3b578aed53ee9a2ee8cccab56985f7ab
1d5182fc7bdeaa61c5d85491a15dad902fbe93c9
ed8c8c8b8979b564564ddbf0d238414a37ca578ee2b6e71a7ad73ac001f30f71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 75a6c13f18620214e5e013385d752044
174c34759a1e50884846a2505f0be16c285d75cc
fe6fcbbe324ceefc1e833208faedaeae6934b34f868690e5ad4676b02c0b3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 75a6c13f18620214e5e013385d752044
174c34759a1e50884846a2505f0be16c285d75cc
fe6fcbbe324ceefc1e833208faedaeae6934b34f868690e5ad4676b02c0b3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 75a6c13f18620214e5e013385d752044
174c34759a1e50884846a2505f0be16c285d75cc
fe6fcbbe324ceefc1e833208faedaeae6934b34f868690e5ad4676b02c0b3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/954740125/?random=462546697&cv=8&fst=1663880691356&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY9XGB9uL-cAP65eXmA0&random=3977616276
142.250.74.164 302 Found 76 B URL HTTP/2 www.google.com/pagead/1p-conversion/954740125/?random=462546697&cv=8&fst=1663880691356&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY9XGB9uL-cAP65eXmA0&random=3977616276
IP 142.250.74.164:0
File type HTML document, ASCII text, with no line terminators
Hash 7d4e21ac635bc6d350ec37fac5d24546
d289b7f969d3c91d754e3976da75e9c9ea948d96
63d8bfea184dc022dd8257788f16a903ebc2f916adb6e289ef27b4b075a3268d
GET /pagead/1p-conversion/954740125/?random=462546697&cv=8&fst=1663880691356&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY9XGB9uL-cAP65eXmA0&random=3977616276 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diramens.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 21:04:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/954740125/?random=462546697&cv=8&fst=1663880691356&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY9XGB9uL-cAP65eXmA0&random=3977616276&ipr=y&prhg=0
content-security-policy: script-src 'none'; object-src 'none'
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 76
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/981124174/?random=1767571672&cv=8&fst=1663880691356&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY62DCJaIZ4PdhbAP&random=1868892530
142.250.74.164 302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/981124174/?random=1767571672&cv=8&fst=1663880691356&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY62DCJaIZ4PdhbAP&random=1868892530
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/981124174/?random=1767571672&cv=8&fst=1663880691356&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY62DCJaIZ4PdhbAP&random=1868892530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diramens.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 21:04:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/981124174/?random=1767571672&cv=8&fst=1663880691356&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY62DCJaIZ4PdhbAP&random=1868892530&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/979606057/?random=416016992&cv=8&fst=1663880691356&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=9M0sY4-LCPKa-cAP076viA4&random=2137347840
142.250.74.164 302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/979606057/?random=416016992&cv=8&fst=1663880691356&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=9M0sY4-LCPKa-cAP076viA4&random=2137347840
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/979606057/?random=416016992&cv=8&fst=1663880691356&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=9M0sY4-LCPKa-cAP076viA4&random=2137347840 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diramens.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 21:04:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/979606057/?random=416016992&cv=8&fst=1663880691356&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=9M0sY4-LCPKa-cAP076viA4&random=2137347840&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.242.41.15 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wgpmV3O/61Uu9+UU0ykuCQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: knxQny1q6/dwMhnz3pDt43JtLtQ=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/954740125/?random=462546697&cv=8&fst=1663880691356&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY9XGB9uL-cAP65eXmA0&random=3977616276&ipr=y&prhg=0
142.250.74.3 200 OK 76 B URL HTTP/2 www.google.no/pagead/1p-conversion/954740125/?random=462546697&cv=8&fst=1663880691356&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY9XGB9uL-cAP65eXmA0&random=3977616276&ipr=y&prhg=0
IP 142.250.74.3:0
File type HTML document, ASCII text, with no line terminators
Hash 7d4e21ac635bc6d350ec37fac5d24546
d289b7f969d3c91d754e3976da75e9c9ea948d96
63d8bfea184dc022dd8257788f16a903ebc2f916adb6e289ef27b4b075a3268d
GET /pagead/1p-conversion/954740125/?random=462546697&cv=8&fst=1663880691356&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY9XGB9uL-cAP65eXmA0&random=3977616276&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diramens.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 21:04:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 76
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/979606057/?random=416016992&cv=8&fst=1663880691356&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=9M0sY4-LCPKa-cAP076viA4&random=2137347840&ipr=y&prhg=0
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-conversion/979606057/?random=416016992&cv=8&fst=1663880691356&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=9M0sY4-LCPKa-cAP076viA4&random=2137347840&ipr=y&prhg=0
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/979606057/?random=416016992&cv=8&fst=1663880691356&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=9M0sY4-LCPKa-cAP076viA4&random=2137347840&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diramens.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 21:04:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/981124174/?random=1767571672&cv=8&fst=1663880691356&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY62DCJaIZ4PdhbAP&random=1868892530&ipr=y&prhg=0
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-conversion/981124174/?random=1767571672&cv=8&fst=1663880691356&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY62DCJaIZ4PdhbAP&random=1868892530&ipr=y&prhg=0
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/981124174/?random=1767571672&cv=8&fst=1663880691356&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=https%3A%2F%2Fdiramens.com%2Findexx.php&ref=https%3A%2F%2Fdiramens.com%2Findexx.php&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9M0sY62DCJaIZ4PdhbAP&random=1868892530&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://diramens.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 21:04:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 21:04:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4129
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 21:04:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4129
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 21:04:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4129
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 21:04:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 62818de3c50f957b2e5680851a1768c9
80e48c9ae48c89598780736b089c98e22d58df9a
16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e5m6NaDUH_3GPDkxbk6iKhffSJzyYMA97Illy7mtg9um3jcYBR6TXQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:11:23 GMT
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
content-type: image/jpeg
age: 82410
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 9becda6e892a190dbbc63216ae697506
ba3369e1827d8f01ca10acb8648195847dd02ffd
d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:16:03 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
content-type: image/jpeg
age: 82130
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -3bQG5Av1EDxj7_3i8MktwjlPSEU8WDdxt5M6TsrWaodLWgSf3vdEA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 84631
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hp-WIGb9M8tEmNGOVjx6UQKx9E4-1oJmka0a6seG7inahqYByPmRAg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 84631
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash c0201d377c57a684452c0d26372e674d
3829f81048cc63b5f0d1e82dfbe3b8e31646e733
efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14397
x-amzn-requestid: c5a03ce8-f695-4ad3-8c42-c3bfd47d6279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1wLGqKIAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329699a-2b130d8b1a4b1b9131db8984;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: itH-GLLUay6dtfjGStUDeT3wOwVf-S3tWSY31HjriEFaRUiD8aFKNw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 17:06:02 GMT
age: 14331
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: bfdfb11f-7ec5-460b-8759-41033451e2a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1ueDEUOIAMFq5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bc459-6f8ebea8143c58f652dc61e8;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 02:11:37 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ln0EYmIyTWExYNLVEv-ZYhdCAYVju_Wu2S-_p5GfD_Kev99yrKwRcg==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 18:56:48 GMT
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
age: 7685
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
diramens.com/resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html
81.88.53.29 404 Not Found 0 B URL HTTP/2 diramens.com/resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Cookie: _ga=GA1.2.2130027754.1663880691; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1; _gat_UA-53324311-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Thu, 22 Sep 2022 21:04:52 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/hsbc.png
81.88.53.29 200 OK 0 B URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/hsbc.png
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
GET /INTERAC%20e-Transfer_fichiers/hsbc.png HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:34 GMT
etag: "285192-b4f-5d763cc5e0080"
accept-ranges: bytes
content-length: 2895
content-type: image/png
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/INTERAC%20e-Transfer_fichiers/simpl.png
81.88.53.29 200 OK 0 B URL HTTP/2 diramens.com/INTERAC%20e-Transfer_fichiers/simpl.png
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
GET /INTERAC%20e-Transfer_fichiers/simpl.png HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 07 Feb 2022 01:48:36 GMT
etag: "285212-2dce9-5d763cc7c8500"
accept-ranges: bytes
content-length: 187625
content-type: image/png
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/www.googletagmanager.com/gtm5445.html?id=GTM-5SR238
81.88.53.29 404 Not Found 0 B URL HTTP/2 diramens.com/www.googletagmanager.com/gtm5445.html?id=GTM-5SR238
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
GET /www.googletagmanager.com/gtm5445.html?id=GTM-5SR238 HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Cookie: _ga=GA1.2.2130027754.1663880691; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/resources/newgateway/vendor/jquery.mobile-1.4.5.min.html
81.88.53.29 404 Not Found 0 B URL HTTP/2 diramens.com/resources/newgateway/vendor/jquery.mobile-1.4.5.min.html
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery.mobile-1.4.5.min.html HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Cookie: _ga=GA1.2.2130027754.1663880691; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/favicon.ico
81.88.53.29 404 Not Found 0 B IP 81.88.53.29:0
ASN #39729 Register S.p.A.
GET /favicon.ico HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Cookie: _ga=GA1.2.2130027754.1663880691; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1; _gat_UA-53324311-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Thu, 22 Sep 2022 21:04:52 GMT
server: Apache
X-Firefox-Spdy: h2
diramens.com/resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css
81.88.53.29 404 Not Found 0 B URL HTTP/2 diramens.com/resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css
IP 81.88.53.29:0
ASN #39729 Register S.p.A.
GET /resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css HTTP/1.1
Host: diramens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diramens.com/indexx.php
Cookie: _ga=GA1.2.2130027754.1663880691; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Thu, 22 Sep 2022 21:04:51 GMT
server: Apache
X-Firefox-Spdy: h2