mon-remboursement-impots-gouv.ezustermek.hu/Impots
301 Moved Permanently 266 B URL HTTP/1.1 mon-remboursement-impots-gouv.ezustermek.hu/Impots
IP
ASN #5483 Magyar Telekom plc.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 80666db7459a8ba769d98364de9202cf
2f82592961857f37307e75ed2f7a60d385ffa5a0
e1ed13a7a72d32c93bb16e98c4bedbcb9c9ba5418dac83e1be751018100e588d
Analyzer Verdict Alert openphish DGI (French Tax Authority)
fortinet Phishing
GET /Impots HTTP/1.1
Host: mon-remboursement-impots-gouv.ezustermek.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 07 Nov 2022 15:15:28 GMT
Server: Apache
Location: http://mon-remboursement-impots-gouv.ezustermek.hu/Impots/
Content-Length: 266
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9e164a845d32db8fa51fdb5b1aa218d9
169099b4d2f8e119ab6cf6fca279b6fb535b1759
402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3622
Expires: Mon, 07 Nov 2022 16:15:51 GMT
Date: Mon, 07 Nov 2022 15:15:29 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 9fd081ea88e8b8563986b3e558496d21
60700393dce5eb42c0db0d5feef340f4832e3c65
d92555957857423ed02f0d0435739bcd40a996591c73f40315564b372f6e2395
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4102
Cache-Control: max-age=159851
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 15:15:29 GMT
Etag: "6368de76-1d7"
Expires: Wed, 09 Nov 2022 11:39:40 GMT
Last-Modified: Mon, 07 Nov 2022 10:31:18 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 9fd081ea88e8b8563986b3e558496d21
60700393dce5eb42c0db0d5feef340f4832e3c65
d92555957857423ed02f0d0435739bcd40a996591c73f40315564b372f6e2395
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4102
Cache-Control: max-age=159851
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 15:15:29 GMT
Etag: "6368de76-1d7"
Expires: Wed, 09 Nov 2022 11:39:40 GMT
Last-Modified: Mon, 07 Nov 2022 10:31:18 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d8c32b2fb818533a5b3fe5c69157bde9
93594fd3fc50d9d444c28660eabba1edbe4f0588
df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10580
Expires: Mon, 07 Nov 2022 18:11:49 GMT
Date: Mon, 07 Nov 2022 15:15:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gQLc61a6iRSIGcM4XhLI4JtP752pYNtPxeI0xgb0dTAFbojZ0hraEy7madx+a1bineuu3RxsKxc=
x-amz-request-id: K0GF4SYQDZ3TFEVV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 07 Nov 2022 15:10:55 GMT
age: 274
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
mon-remboursement-impots-gouv.ezustermek.hu/Impots/
200 OK 12 kB URL HTTP/1.1 mon-remboursement-impots-gouv.ezustermek.hu/Impots/
IP
ASN #5483 Magyar Telekom plc.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 6f4f1c8d7c61e5e26a7ff33b50f5d9f5
27d641ce0bfeeb577c205ca8baecdbaa5c0f96e6
2262610875f05d0b4ee9b3f64d1723b684a1f44e0a35bd2b7efa673ce823f631
Analyzer Verdict Alert fortinet Phishing
GET /Impots/ HTTP/1.1
Host: mon-remboursement-impots-gouv.ezustermek.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:28 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 15:15:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
200 OK 6.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
File type ASCII text, with very long lines (19015)
Hash 7b4114faa411d059a9a5ac4b5b4d9dee
277da4486916fa3a4ab3375f47bc98f58dbf90f6
60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9
GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mon-remboursement-impots-gouv.ezustermek.hu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 07 Nov 2022 15:15:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5778554
expires: Sat, 28 Oct 2023 15:15:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bz1Ba8wkdTcd6b%2BenLY0i4DJY%2F94ZdIc6u%2F%2BEjPIHQF%2BSs29FcO68tUsZqvm27IyCy9q5mB5hkiezWzluMU%2FSiQHUuQtr58OS0GSaWF3JCS7SiWTPO7CkXZ33hbP8cB5U4tTwdam"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7667064fcbf4b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mon-remboursement-impots-gouv.ezustermek.hu/Impots/css/icon.css
200 OK 902 B URL HTTP/1.1 mon-remboursement-impots-gouv.ezustermek.hu/Impots/css/icon.css
IP
ASN #5483 Magyar Telekom plc.
File type ASCII text, with CRLF line terminators
Hash 22cb7ba178885866e99f31f543e7dfab
99ca110367c26add04b999cb4abad33435dc5b1b
f08a26fe4f299cb5e1528dfa2eb259205c90083c897f0d9bc29e6a5a5e20d996
GET /Impots/css/icon.css HTTP/1.1
Host: mon-remboursement-impots-gouv.ezustermek.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mon-remboursement-impots-gouv.ezustermek.hu/Impots/
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:29 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 08:49:58 GMT
Accept-Ranges: bytes
Content-Length: 902
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
200 OK 278 B IP
Hash ff6ad72e87fe7c42189db32cb24f2caf
64314e22c3b81d4ea74cfe469c6d1f283c35bb06
99aa5af6b24e0c5a7c4d1bad39bb8f086235ebbfa5773180453d8ebd47e448b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5491
Cache-Control: max-age=148640
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 15:15:29 GMT
Etag: "6368ad3e-116"
Expires: Wed, 09 Nov 2022 08:32:49 GMT
Last-Modified: Mon, 07 Nov 2022 07:01:18 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
mon-remboursement-impots-gouv.ezustermek.hu/Impots/css/theme.css
200 OK 22 kB URL HTTP/1.1 mon-remboursement-impots-gouv.ezustermek.hu/Impots/css/theme.css
IP
ASN #5483 Magyar Telekom plc.
File type assembler source, ASCII text, with CRLF line terminators
Hash 140b945fcb059e6561dad266a1e2ec00
610c38c71fe6e8e4c8004ae4badaf6492857237b
dc5185989d5dda1165ad3c60412bb17bd276d7e79298b222e1b9ae29383d2aa4
GET /Impots/css/theme.css HTTP/1.1
Host: mon-remboursement-impots-gouv.ezustermek.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mon-remboursement-impots-gouv.ezustermek.hu/Impots/
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:29 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 08:49:58 GMT
Accept-Ranges: bytes
Content-Length: 22128
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mon-remboursement-impots-gouv.ezustermek.hu/Impots/js/start.js
200 OK 8.5 kB URL HTTP/1.1 mon-remboursement-impots-gouv.ezustermek.hu/Impots/js/start.js
IP
ASN #5483 Magyar Telekom plc.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 37b3737e22610b50785ccb06555ec6e4
e64a0e3bd4b5316e7960ed89500567162c384932
c6ac1e1503e52f1be340a13f32f53d3234e88199699c680cbcc721ae734fe549
Analyzer Verdict Alert fortinet Phishing
GET /Impots/js/start.js HTTP/1.1
Host: mon-remboursement-impots-gouv.ezustermek.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mon-remboursement-impots-gouv.ezustermek.hu/Impots/
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:29 GMT
Server: Apache
Last-Modified: Fri, 14 Jun 2019 20:53:48 GMT
Accept-Ranges: bytes
Content-Length: 8508
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
mon-remboursement-impots-gouv.ezustermek.hu/Impots/css/tooltip.css
404 Not Found 315 B URL HTTP/1.1 mon-remboursement-impots-gouv.ezustermek.hu/Impots/css/tooltip.css
IP
ASN #5483 Magyar Telekom plc.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /Impots/css/tooltip.css HTTP/1.1
Host: mon-remboursement-impots-gouv.ezustermek.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mon-remboursement-impots-gouv.ezustermek.hu/Impots/
HTTP/1.1 404 Not Found
Date: Mon, 07 Nov 2022 15:15:29 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b8988c44d656e4521aa7d84091f926d3
debd55429e2a0f0bcd257201f2efe00d2e7ed35f
e04704fa687f5daa90436f47c59fabadc7779f604a68cef3baf6b97a0bc5e92b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 15:15:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash ff6ad72e87fe7c42189db32cb24f2caf
64314e22c3b81d4ea74cfe469c6d1f283c35bb06
99aa5af6b24e0c5a7c4d1bad39bb8f086235ebbfa5773180453d8ebd47e448b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5491
Cache-Control: max-age=148640
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 15:15:29 GMT
Etag: "6368ad3e-116"
Expires: Wed, 09 Nov 2022 08:32:49 GMT
Last-Modified: Mon, 07 Nov 2022 07:01:18 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mon-remboursement-impots-gouv.ezustermek.hu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 23:55:22 GMT
expires: Thu, 02 Nov 2023 23:55:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 400807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.usertrust.com/
200 OK 2.2 kB IP
Hash 1d44deca0bfbd584bf28adc6f821c345
7192761c68c6718a52af3f1bbf3903b195d255f6
9d7f4760a5b653b1ca34788280cdca00d486c370ac4a22eacd9a37368466eac3
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:30 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 22:12:16 GMT
Expires: Sat, 12 Nov 2022 22:12:15 GMT
Etag: "7192761c68c6718a52af3f1bbf3903b195d255f6"
Cache-Control: max-age=602516,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 161
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76670650a87cb4f9-OSL
ocsp.usertrust.com/
200 OK 2.2 kB IP
Hash 1d44deca0bfbd584bf28adc6f821c345
7192761c68c6718a52af3f1bbf3903b195d255f6
9d7f4760a5b653b1ca34788280cdca00d486c370ac4a22eacd9a37368466eac3
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:30 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 22:12:16 GMT
Expires: Sat, 12 Nov 2022 22:12:15 GMT
Etag: "7192761c68c6718a52af3f1bbf3903b195d255f6"
Cache-Control: max-age=602516,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 161
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76670650aa750b61-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b8988c44d656e4521aa7d84091f926d3
debd55429e2a0f0bcd257201f2efe00d2e7ed35f
e04704fa687f5daa90436f47c59fabadc7779f604a68cef3baf6b97a0bc5e92b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 15:15:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 472 B IP
Hash 4b960cb663c9a47ccb8be722e0ac0f5d
36d37e8a0e97a65891c80375e850e36bb04d13fa
0076803c110b6bbc49b591119daa8ca2085b1cacd1f9c37e7ff8fe45e2fa149e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 06:59:06 GMT
Expires: Fri, 11 Nov 2022 06:59:05 GMT
Etag: "36d37e8a0e97a65891c80375e850e36bb04d13fa"
Cache-Control: max-age=315214,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76670650bd13b4fa-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 4b960cb663c9a47ccb8be722e0ac0f5d
36d37e8a0e97a65891c80375e850e36bb04d13fa
0076803c110b6bbc49b591119daa8ca2085b1cacd1f9c37e7ff8fe45e2fa149e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 06:59:06 GMT
Expires: Fri, 11 Nov 2022 06:59:05 GMT
Etag: "36d37e8a0e97a65891c80375e850e36bb04d13fa"
Cache-Control: max-age=315214,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76670650b9a00b39-OSL
cfspart.impots.gouv.fr/templates/images/spi.svg
200 OK 1.6 kB URL HTTP/1.1 cfspart.impots.gouv.fr/templates/images/spi.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, Unicode text, UTF-8 text
Hash 6765220d8144a292226e6b140745fa83
d021933199f04d4608c135b52fbe05c5175861f6
9d4f3119e041d6cc648d6d6a7cab92432bd13c4b7766f240d784280dc84302c7
GET /templates/images/spi.svg HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mon-remboursement-impots-gouv.ezustermek.hu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:30 GMT
Server: Apache
Last-Modified: Mon, 26 Aug 2019 06:35:15 GMT
ETag: "233aa-156d-590ff5bd73fff"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx040
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 1619
Age: 59
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
cfspart.impots.gouv.fr/templates/images/logo-fc.svg
200 OK 4.0 kB URL HTTP/1.1 cfspart.impots.gouv.fr/templates/images/logo-fc.svg
IP
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 95cddb5a0930c5478bdedd22bf006af5
6a70bb7472d1d2f3ac8f9d9f14ec3f4bb62305b9
7d5e5c2e7164fac1a3d5c5f06dc70a0d2cfb80087a1c77c2f229ac5b507cad49
GET /templates/images/logo-fc.svg HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mon-remboursement-impots-gouv.ezustermek.hu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:30 GMT
Server: Apache
Last-Modified: Mon, 26 Aug 2019 06:35:15 GMT
ETag: "233b1-3645-590ff5bd743e7"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx040
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 4049
Age: 59
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6dba1915540598e77ae8d73ce49c4b3b
f9c34b678d814548946cafea65b20ff352fb501b
89f7e3ac689535c3a373e1ff2f4125e7879782917687c26210a3eaf6c9a6e6a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 15:15:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0b.woff2
200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0b.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 14380, version 1.0\012- data
Hash 33543c5cc5d88f5695dd08c87d280dfd
600db9374e47e4f73a59ccc0a99bcc42f4a3e02a
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
GET /s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0b.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mon-remboursement-impots-gouv.ezustermek.hu
Connection: keep-alive
Referer: http://mon-remboursement-impots-gouv.ezustermek.hu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14380
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 07:01:27 GMT
expires: Fri, 03 Nov 2023 07:01:27 GMT
cache-control: public, max-age=31536000
age: 375243
last-modified: Mon, 25 Mar 2019 20:11:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mon-remboursement-impots-gouv.ezustermek.hu/Impots/images/logo.svg
200 OK 54 kB URL HTTP/1.1 mon-remboursement-impots-gouv.ezustermek.hu/Impots/images/logo.svg
IP
ASN #5483 Magyar Telekom plc.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (54335), with no line terminators
Hash 98667a7d9e5511a5d145881316f7d027
b358a39c8be4765a2ef175feb12f02bc7dfe1301
eb00a60062dad3584d01aac5b8797e80dc3b53440e7c9922d302a31a0dc4a14c
Analyzer Verdict Alert fortinet Phishing
GET /Impots/images/logo.svg HTTP/1.1
Host: mon-remboursement-impots-gouv.ezustermek.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mon-remboursement-impots-gouv.ezustermek.hu/Impots/css/theme.css
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:29 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 08:49:58 GMT
Accept-Ranges: bytes
Content-Length: 54335
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 15:15:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 472 B IP
Hash 4b960cb663c9a47ccb8be722e0ac0f5d
36d37e8a0e97a65891c80375e850e36bb04d13fa
0076803c110b6bbc49b591119daa8ca2085b1cacd1f9c37e7ff8fe45e2fa149e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 06:59:06 GMT
Expires: Fri, 11 Nov 2022 06:59:05 GMT
Etag: "36d37e8a0e97a65891c80375e850e36bb04d13fa"
Cache-Control: max-age=315214,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76670650f9440b55-OSL
mon-remboursement-impots-gouv.ezustermek.hu/Impots/pages/step_2.html
200 OK 2.5 kB URL HTTP/1.1 mon-remboursement-impots-gouv.ezustermek.hu/Impots/pages/step_2.html
IP
ASN #5483 Magyar Telekom plc.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 1f787eb4be4efd074762496604f9d702
650c05ba1fd1b2d76476a582f2cab6e92b729e1a
b9d7a5a55e6c7d337a327e5be640a64caf69b04426e491ae795edf1f7814998d
Analyzer Verdict Alert fortinet Phishing
GET /Impots/pages/step_2.html HTTP/1.1
Host: mon-remboursement-impots-gouv.ezustermek.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://mon-remboursement-impots-gouv.ezustermek.hu/Impots/
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:29 GMT
Server: Apache
Last-Modified: Fri, 14 Jun 2019 20:54:08 GMT
Accept-Ranges: bytes
Content-Length: 2478
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html
mon-remboursement-impots-gouv.ezustermek.hu/Impots/images/favicon.ico
200 OK 2.2 kB URL HTTP/1.1 mon-remboursement-impots-gouv.ezustermek.hu/Impots/images/favicon.ico
IP
ASN #5483 Magyar Telekom plc.
File type MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Hash 2f34a3977599611db24405c819cb116f
4568ce43171f2a05903b38462891cd064ecc32e2
dd57f113a2eaa7ba3e6b1c507d22910ecd42437f9fef9577cfb8f4719cde59aa
GET /Impots/images/favicon.ico HTTP/1.1
Host: mon-remboursement-impots-gouv.ezustermek.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mon-remboursement-impots-gouv.ezustermek.hu/Impots/
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:29 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 08:49:58 GMT
Accept-Ranges: bytes
Content-Length: 2238
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/x-icon
cfspart.impots.gouv.fr/templates/images/spi1.svg
200 OK 979 B URL HTTP/1.1 cfspart.impots.gouv.fr/templates/images/spi1.svg
IP
File type SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (4014), with no line terminators
Hash e5db04c8040f973fc6cf0400081d7584
ec944e1481bee81f88a340ddcc5ae1b20d5a5732
68294bf0310d7bdac0ccc0019f11af8389d798a950a92639ca96cf00e929549d
GET /templates/images/spi1.svg HTTP/1.1
Host: cfspart.impots.gouv.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mon-remboursement-impots-gouv.ezustermek.hu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 15:15:30 GMT
Server: Apache
Last-Modified: Mon, 26 Aug 2019 06:35:15 GMT
ETag: "234e0-fb8-590ff5bd7864e"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Via: dpapusx040
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; font-src 'self' https://fonts.gstatic.com https://fonts.googleapis.com ; form-action 'self' ; img-src 'self' https://www.impots.gouv.fr ; upgrade-insecure-requests ;
X-Frame-Options: SAMEORIGIN
Content-Length: 979
Age: 59
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.digicert.com/
200 OK 471 B IP
Hash e6f4643306be10417c47176a6e67306f
940a13818904add9e1cacd12610f37ba1efd7bc5
67e51095b5da59b3eeda8a28c81789e69064a0a19a93347c2fcb05fd4b21e6d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4581
Cache-Control: max-age=155257
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 15:15:30 GMT
Etag: "6368caa6-1d7"
Expires: Wed, 09 Nov 2022 10:23:07 GMT
Last-Modified: Mon, 07 Nov 2022 09:06:46 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1kHnInJL2RsI9oVAcJkz9w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PB+qJYJZ26mA5oJmnN5GN7tjUQQ=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14085
Expires: Mon, 07 Nov 2022 19:10:17 GMT
Date: Mon, 07 Nov 2022 15:15:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14085
Expires: Mon, 07 Nov 2022 19:10:17 GMT
Date: Mon, 07 Nov 2022 15:15:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14085
Expires: Mon, 07 Nov 2022 19:10:17 GMT
Date: Mon, 07 Nov 2022 15:15:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nVtRSCFPqKF3dF0E9tQ4Ojyz7CXl7OkKDm7vDfOlrH9_8axDPoEvNQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 21:44:34 GMT
age: 63058
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F100d1c51-b2c7-40d5-bd34-a37c21b8252d.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F100d1c51-b2c7-40d5-bd34-a37c21b8252d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0a079a6dfb70fb2a2d6b5aff7103f73
55ffd5d6cb8074bdbdb8d06719119021bc81aeab
196ffd4e5245355c1c5d67f49b28200630ccfe1e4ebaa7280154b7adaf39b18f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F100d1c51-b2c7-40d5-bd34-a37c21b8252d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9435
x-amzn-requestid: 7c39c00f-1362-44c1-9628-749045e542b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEIU9G5gIAMFzZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364ba85-57fbfb872251c37f4137b262;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:08:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GaFmcnh2vF0lCj_QPQ7SAIT_UzHHyr8UaHa-R_ifuZsX7quU0mBJ9Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 19:49:42 GMT
age: 69950
etag: "55ffd5d6cb8074bdbdb8d06719119021bc81aeab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba2be0c-46a2-4aa1-be6e-09cafbba66a9.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba2be0c-46a2-4aa1-be6e-09cafbba66a9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1190aa1b3db742f1cc476e53b34479b7
7e7ba87cfbc21acc28219c68521eedd6d3f614a0
6724e0c14b11cf9ef8c2050116115e5f7985f744184a7d2e8ea4c0189bd1997d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba2be0c-46a2-4aa1-be6e-09cafbba66a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7309
x-amzn-requestid: 0d1c4df8-769e-497b-999c-b1087d79dfe4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKLIGGWHIAMFhiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63672566-1745417f7ed16a0576321e03;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 03:09:26 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Jxy0K13kA9KV6V4d_-nxs7HZk7J2JgKeJFsC1NXhJI0SvEBXSuRBbQ==
via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 03:38:14 GMT
age: 41838
etag: "7e7ba87cfbc21acc28219c68521eedd6d3f614a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gjEERXiPH4yDHtW87u7qRDYz1A2DKKlkYXKVC3F9VshnRvhh2wSaSQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 21:48:52 GMT
age: 62800
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 06:28:00 GMT
age: 31652
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa958db65-71f7-4c79-9753-9af1fe88477b.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa958db65-71f7-4c79-9753-9af1fe88477b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a5e060b41bd5313b1cf828c1d5ecbcc
e63e4bee84953491236a8261ef07b5a4743fa891
e8750b0156ed980f11682d92f5c60ce2783518b37f156e74340617a74d826813
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa958db65-71f7-4c79-9753-9af1fe88477b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13224
x-amzn-requestid: fb0d928d-925b-4b89-9165-e17cf9c3492d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJy6zH3GoAMFdtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366feab-01cda80140a9174e718833c3;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 00:24:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wlegOy4mTlSGjBv2VVBylItdbR8-hLnME8lZEkEO_XmSA04Y29HjrQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 15:14:16 GMT
age: 76
etag: "e63e4bee84953491236a8261ef07b5a4743fa891"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mon-remboursement-impots-gouv.ezustermek.hu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 07 Nov 2022 15:15:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/04/2021 00:04:37
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 1a094ec5f566140ad8ed25d8ea736316
cdn-cache: HIT
cf-cache-status: HIT
age: 10877876
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76670650094db503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
84.2.35.185
23.36.77.32
104.18.32.68
54.189.35.180
145.242.11.27
93.184.220.29