van-gheluwe.be/hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/error.php
46.105.57.169 200 OK 1.4 kB URL HTTP/1.1 van-gheluwe.be/hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/error.php
IP 46.105.57.169:0
File type HTML document text; exported SGML document, ASCII text, with very long lines (357), with CRLF line terminators
Hash 27515d937e64b2ea8e565273c10f366a
0ce90392a0d2b199c1881561051c68119d50f7d2
fb7fcd9a1e0737685d44df498d3d5a888db50100f547012908e2d09c305867d8
GET /hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/error.php HTTP/1.1
Host: van-gheluwe.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Wed, 15 Feb 2023 05:02:00 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/5.6
vary: Accept-Encoding
content-encoding: gzip
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-iplb-request-id: 5B5A2A9A:BCEB_2E6939A9:0050_63EC6747_325CA7:24015
x-iplb-instance: 17196
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8281405c524ff6eb1b0046b1c9661ce4
8233cad9810b06677bb8330dc7492dd5d1a65067
f9758415d785323b3f2108cb7762c5fc6cdc7f9fc49a46d05d691e56f93bc19f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F9758415D785323B3F2108CB7762C5FC6CDC7F9FC49A46D05D691E56F93BC19F"
Last-Modified: Tue, 14 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14186
Expires: Wed, 15 Feb 2023 08:58:26 GMT
Date: Wed, 15 Feb 2023 05:02:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e1e94f036b0e677a492e4238b9443034
862ebeb19164d77b65229976b12338c399ce0bd9
1875033f6e187cdb371b497b6640a3c9625283b6a4b12de5bbc5be326365b6a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1875033F6E187CDB371B497B6640A3C9625283B6A4B12DE5BBC5BE326365B6A9"
Last-Modified: Mon, 13 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12615
Expires: Wed, 15 Feb 2023 08:32:15 GMT
Date: Wed, 15 Feb 2023 05:02:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 15 Feb 2023 04:37:24 GMT
content-type: application/json
age: 1476
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3534c46dafa4e959cb5f4aba0b1d8cd7
f4aa8774355b04bf1f074aeb73c56c52b32568ab
68b7b6679046611b607c073416e818c6d0391e2953ecc8781b02e57a9b5af306
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68B7B6679046611B607C073416E818C6D0391E2953ECC8781B02E57A9B5AF306"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11740
Expires: Wed, 15 Feb 2023 08:17:40 GMT
Date: Wed, 15 Feb 2023 05:02:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MBmeSEtQ4agt/fcWlS09+vqSEmcjNVFaZlLsqprqVjg1EoEy22iA2wa6nJYRG7D/V08MgJ4b/Ds=
x-amz-request-id: QBGS0KVDNHTK1RJG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 15 Feb 2023 04:47:12 GMT
age: 888
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 05:02:00 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
van-gheluwe.be/hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/files/logo.png
46.105.57.169 200 OK 8.0 kB URL HTTP/1.1 van-gheluwe.be/hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/files/logo.png
IP 46.105.57.169:0
File type PNG image data, 289 x 57, 8-bit/color RGBA, non-interlaced; data
Hash 7d95537aeab6448757c1652cf3d0cff6
9e27eb7955c7281d077bca53e8c9bfc1b1e7f48f
72d11555972a6f3b75c19057d0fb0013ea2bb592b6a011e79ed87afcbd2bbfe6
Analyzer Verdict Alert urlquery phishing Phishing - WeTransfer
GET /hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/files/logo.png HTTP/1.1
Host: van-gheluwe.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://van-gheluwe.be/hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/error.php
HTTP/1.1 200 OK
date: Wed, 15 Feb 2023 05:02:00 GMT
content-type: image/png
content-length: 8007
server: Apache
accept-ranges: bytes
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-iplb-request-id: 5B5A2A9A:BCEB_2E6939A9:0050_63EC6748_325CC0:24015
x-iplb-instance: 17196
van-gheluwe.be/hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/files/sub.png
46.105.57.169 200 OK 31 kB URL HTTP/1.1 van-gheluwe.be/hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/files/sub.png
IP 46.105.57.169:0
File type PNG image data, 241 x 38, 8-bit/color RGBA, non-interlaced; data
Hash 82de4c77b2721479d19aebbe098c808f
a4ba654290b55f73fd394c8ed37f864ca1149b0d
f41a60b7606cd02e88741502f17c6bd48cfb084c9c01dc3d9cf4a1cc743e6bd9
Analyzer Verdict Alert urlquery phishing Phishing - WeTransfer
GET /hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/files/sub.png HTTP/1.1
Host: van-gheluwe.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://van-gheluwe.be/hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/error.php
HTTP/1.1 200 OK
date: Wed, 15 Feb 2023 05:02:00 GMT
content-type: image/png
content-length: 30556
server: Apache
accept-ranges: bytes
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-iplb-request-id: 5B5A2A9A:8189_2E6939A9:0050_63EC6748_2C3C4C:24014
x-iplb-instance: 17196
van-gheluwe.be/hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/bg.png
46.105.57.169 200 OK 253 kB URL HTTP/1.1 van-gheluwe.be/hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/bg.png
IP 46.105.57.169:0
File type PNG image data, 1366 x 662, 8-bit/color RGBA, non-interlaced; data
Size 253 kB (252579 bytes)
Hash 03d89ee9957605c299c75176d52c69e8
4bd4833ab8f3a494386bf97c4bc72e8e93b8c16c
0f87d89d71f89ec01e907d372c2adb506a1b99bead90dbb88cde0df013bbab5f
Analyzer Verdict Alert urlquery phishing Phishing - WeTransfer
GET /hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/bg.png HTTP/1.1
Host: van-gheluwe.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://van-gheluwe.be/hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/error.php
HTTP/1.1 200 OK
date: Wed, 15 Feb 2023 05:02:00 GMT
content-type: image/png
content-length: 252579
server: Apache
accept-ranges: bytes
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-iplb-request-id: 5B5A2A9A:88B9_2E6939A9:0050_63EC6748_325D20:24015
x-iplb-instance: 17196
van-gheluwe.be/hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/files/favicon.ico
46.105.57.169 200 OK 42 kB URL HTTP/1.1 van-gheluwe.be/hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/files/favicon.ico
IP 46.105.57.169:0
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel; data
Hash 692e1c7339c359b6412f059c9c9a0474
e7c1a53dca16b7664880e5b8a92524cf9a47fb62
d12161435ace47c6883360e08466508593325f134c1852b1d0e6e75d5f76adda
Analyzer Verdict Alert urlquery phishing Phishing - WeTransfer
GET /hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/files/favicon.ico HTTP/1.1
Host: van-gheluwe.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://van-gheluwe.be/hfjhdjhjkdjd/fhsskasdkls/WeTransfer/wetransfer/WeTransfer/error.php
HTTP/1.1 200 OK
date: Wed, 15 Feb 2023 05:02:00 GMT
content-type: image/x-icon
content-length: 41566
server: Apache
accept-ranges: bytes
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-iplb-request-id: 5B5A2A9A:88B9_2E6939A9:0050_63EC6748_325D22:24015
x-iplb-instance: 17196
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 15 Feb 2023 04:14:54 GMT
age: 2826
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9510916a15d80ca2eb9fc98904cb93ee
420495d8896aeaf34e73a1c6ad8d95c882553c11
4391a82749b95a599bd1605b98b665772676ea8707765b8d9f8451774f6a709f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4391A82749B95A599BD1605B98B665772676EA8707765B8D9F8451774F6A709F"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14155
Expires: Wed, 15 Feb 2023 08:57:55 GMT
Date: Wed, 15 Feb 2023 05:02:00 GMT
Connection: keep-alive
push.services.mozilla.com/
34.211.127.63 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.211.127.63:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3mFhgy4bQCVJcnuxQZeRlg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JVZ15u2jHJDzKWRM3eHce2vcpxA=