Report - www.auroratraining-mail.net/?cid=38292369&sid=1566464&lid=0&o=1

Report Overview

Visited public
2024-11-01 14:22:15
Tags
Submit Tags
URL
www.auroratraining-mail.net/?cid=38292369&sid=1566464&lid=0&o=1
Finishing URL
www.auroratraining-mail.net/external_pages/remove.aspx?cid=38292369&sid=1566464&lid=0&o=1
IP / ASN
148.59.128.71
#33561 LUNAVI-WY
Title
Opt-Out

Detections

urlquery

0

Network Intrusion Detection

0

Threat Detection Systems

0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-10-30	512 B	1.2 kB	35.244.181.201
www.auroratraining-mail.net	unknown	2022-02-22	2022-02-22	2024-10-21	2.9 kB	26 kB	148.59.128.71

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	www.auroratraining-mail.net/external_pages/remove.aspx?cid=38292369&sid=1566464&lid=0&o=1	ScriptElement	0 B	0001-01-01	2025-06-29
Pretty URL www.auroratraining-mail.net/external_pages/remove.aspx?cid=38292369&sid=1566464&lid=0&o=1 IP 148.59.128.71 ASN #33561 LUNAVI-WY Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-29 06:07 Times Seen5190344 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (6)

	URL	IP	Response	Size
	GET www.auroratraining-mail.net/?cid=38292369&sid=1566464&lid=0&o=1	148.59.128.71	302 Found	195 B
URL User Request GET HTTP/2 www.auroratraining-mail.net/?cid=38292369&sid=1566464&lid=0&o=1 IP 148.59.128.71:443 ASN #33561 LUNAVI-WY Certificate IssuerLet's Encrypt Subject.auroratraining-mail.net Fingerprint06:7D:BD:D4:32:80:2E:83:B9:54:82:F1:27:A7:D0:45:F6:0C:96:88 ValidityWed, 18 Sep 2024 12:37:15 GMT - Tue, 17 Dec 2024 12:37:14 GMT File type HTML document, ASCII text Size 195 B (195 bytes) Hash a453ba65b55594ab093b971f50c2a68e 7c3721d955186e18d6ee63ad8ce4e5ee595839e3 f8f868091164f3c277fa1881b9b74713805e5954531727d76cf14e7ffd6b26ba HTTP Headers GET /?cid=38292369&sid=1566464&lid=0&o=1 HTTP/1.1 Host: www.auroratraining-mail.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found cache-control: private content-type: text/html location: /external_pages/remove.aspx?cid=38292369&sid=1566464&lid=0&o=1 server: Microsoft-IIS/10.0 set-cookie: ASPSESSIONIDAEDASQCR=GBCOLNDCCJAFAIDMFBOBDDDF; secure; path=/ x-powered-by: ASP.NET access-control-allow-origin: access-control-allow-credentials: true access-control-allow-methods: GET, POST, PUT, DELETE access-control-allow-headers: Authorization x-frame-options: SAMEORIGIN date: Fri, 01 Nov 2024 14:21:52 GMT content-length: 195 X-Firefox-Spdy: h2

	GET www.auroratraining-mail.net/external_pages/remove.aspx?cid=38292369&sid=1566464&lid=0&o=1	148.59.128.71	200 OK	3.1 kB
URL User Request GET HTTP/2 www.auroratraining-mail.net/external_pages/remove.aspx?cid=38292369&sid=1566464&lid=0&o=1 IP 148.59.128.71:443 ASN #33561 LUNAVI-WY Certificate IssuerLet's Encrypt Subject.auroratraining-mail.net Fingerprint06:7D:BD:D4:32:80:2E:83:B9:54:82:F1:27:A7:D0:45:F6:0C:96:88 ValidityWed, 18 Sep 2024 12:37:15 GMT - Tue, 17 Dec 2024 12:37:14 GMT File type HTML document, ASCII text, with very long lines (760), with CRLF line terminators Size 3.1 kB (3053 bytes) Hash 40c94cb033ebe7882dba54e1f51a3ae3 758219c3e44e57bc671fc9a2840f97faba12dedd 265c4c50f51f80c2e00ff1c1ab7d166e42f16c440cf2b32e19eb5f95e943d686 HTTP Headers GET /external_pages/remove.aspx?cid=38292369&sid=1566464&lid=0&o=1 HTTP/1.1 Host: www.auroratraining-mail.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: ASPSESSIONIDAEDASQCR=GBCOLNDCCJAFAIDMFBOBDDDF Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK cache-control: private content-type: text/html; charset=utf-8 content-encoding: gzip vary: Accept-Encoding server: Microsoft-IIS/10.0 x-aspnet-version: 4.0.30319 x-powered-by: ASP.NET access-control-allow-origin: access-control-allow-credentials: true access-control-allow-methods: GET, POST, PUT, DELETE access-control-allow-headers: Authorization x-frame-options: SAMEORIGIN date: Fri, 01 Nov 2024 14:21:52 GMT content-length: 3053 X-Firefox-Spdy: h2`

	GET www.auroratraining-mail.net/images/letter.gif	148.59.128.71	200 OK	287 B
URL GET HTTP/2 www.auroratraining-mail.net/images/letter.gif IP 148.59.128.71:443 ASN #33561 LUNAVI-WY Requested by https://www.auroratraining-mail.net/external_pages/remove.aspx?cid=38292369&sid=1566464&lid=0&o=1 Certificate IssuerLet's Encrypt Subject.auroratraining-mail.net Fingerprint06:7D:BD:D4:32:80:2E:83:B9:54:82:F1:27:A7:D0:45:F6:0C:96:88 ValidityWed, 18 Sep 2024 12:37:15 GMT - Tue, 17 Dec 2024 12:37:14 GMT File type GIF image data, version 89a, 12 x 7 Size 287 B (287 bytes) Hash bb8a3855899e74558389009ae136f501 fd4d789311ec43948a2b5a1929c8118e6847b1a3 8070e90a0696428a3a5911bfde4a4ff3dbefbc1224864b6cdda94274fed811d6 HTTP Headers GET /images/letter.gif HTTP/1.1 Host: www.auroratraining-mail.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.auroratraining-mail.net/external_pages/remove.aspx?cid=38292369&sid=1566464&lid=0&o=1 Cookie: ASPSESSIONIDAEDASQCR=GBCOLNDCCJAFAIDMFBOBDDDF Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK content-type: image/gif last-modified: Mon, 28 Jul 2008 21:33:25 GMT accept-ranges: bytes etag: "da22fe90f9f0c81:0" server: Microsoft-IIS/10.0 x-powered-by: ASP.NET access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, PUT, DELETE access-control-allow-headers: Authorization x-frame-options: SAMEORIGIN date: Fri, 01 Nov 2024 14:21:53 GMT content-length: 287 X-Firefox-Spdy: h2`

	GET www.auroratraining-mail.net/images/branding/01232017045856.png	148.59.128.71	200 OK	8.8 kB
URL GET HTTP/2 www.auroratraining-mail.net/images/branding/01232017045856.png IP 148.59.128.71:443 ASN #33561 LUNAVI-WY Requested by https://www.auroratraining-mail.net/external_pages/remove.aspx?cid=38292369&sid=1566464&lid=0&o=1 Certificate IssuerLet's Encrypt Subject.auroratraining-mail.net Fingerprint06:7D:BD:D4:32:80:2E:83:B9:54:82:F1:27:A7:D0:45:F6:0C:96:88 ValidityWed, 18 Sep 2024 12:37:15 GMT - Tue, 17 Dec 2024 12:37:14 GMT File type PNG image data, 164 x 55, 8-bit/color RGBA, non-interlaced Size 8.8 kB (8808 bytes) Hash 66aeab08a1b69efc4471662fd608079b dc2f3f27adad61679a5dff6128c96c0b88bef7c7 e1821338fa4906c648a6989a44639bde308f1a59d95d9526fc329cbe9610d412 HTTP Headers GET /images/branding/01232017045856.png HTTP/1.1 Host: www.auroratraining-mail.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.auroratraining-mail.net/external_pages/remove.aspx?cid=38292369&sid=1566464&lid=0&o=1 Cookie: ASPSESSIONIDAEDASQCR=GBCOLNDCCJAFAIDMFBOBDDDF Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK content-type: image/png last-modified: Mon, 23 Jan 2017 21:58:56 GMT accept-ranges: bytes etag: "544e0e4c375d21:0" server: Microsoft-IIS/10.0 x-powered-by: ASP.NET access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, PUT, DELETE access-control-allow-headers: Authorization x-frame-options: SAMEORIGIN date: Fri, 01 Nov 2024 14:21:53 GMT content-length: 8808 X-Firefox-Spdy: h2`

	GET www.auroratraining-mail.net/favicon.ico	148.59.128.71	200 OK	11 kB
URL GET HTTP/2 www.auroratraining-mail.net/favicon.ico IP 148.59.128.71:443 ASN #33561 LUNAVI-WY Requested by https://www.auroratraining-mail.net/external_pages/remove.aspx?cid=38292369&sid=1566464&lid=0&o=1 Certificate IssuerLet's Encrypt Subject.auroratraining-mail.net Fingerprint06:7D:BD:D4:32:80:2E:83:B9:54:82:F1:27:A7:D0:45:F6:0C:96:88 ValidityWed, 18 Sep 2024 12:37:15 GMT - Tue, 17 Dec 2024 12:37:14 GMT File type MS Windows icon resource - 3 icons, 48x48, 24 bits/pixel, 32x32, 8 bits/pixel Size 11 kB (10990 bytes) Hash f3807d2b00e88016ca99cb0f52ced94c c099a4a92c1811f6a9bc3db2967109d5ce30a8a4 c08716b286c83f94d0a3418440f9498dbf90ebef07df95993b5a67d54c1443cb HTTP Headers GET /favicon.ico HTTP/1.1 Host: www.auroratraining-mail.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.auroratraining-mail.net/external_pages/remove.aspx?cid=38292369&sid=1566464&lid=0&o=1 Cookie: ASPSESSIONIDAEDASQCR=GBCOLNDCCJAFAIDMFBOBDDDF Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK content-type: image/x-icon last-modified: Thu, 12 Oct 2017 18:57:52 GMT accept-ranges: bytes etag: "0384a18c43d31:0" server: Microsoft-IIS/10.0 x-powered-by: ASP.NET access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, PUT, DELETE access-control-allow-headers: Authorization x-frame-options: SAMEORIGIN date: Fri, 01 Nov 2024 14:21:53 GMT content-length: 10990 X-Firefox-Spdy: h2`

	aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml	35.244.181.201	200 OK	444 B
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP 35.244.181.201:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type XML 1.0 document, ASCII text, with very long lines (332) Size 444 B (444 bytes) Hash 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463 HTTP Headers `GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1 Host: aus5.mozilla.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Cache-Control: no-cache Pragma: no-cache Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx rule-id: unknown rule-data-version: unknown content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/202402/aus.content-signature.mozilla.org-2024-12-12-13-36-01.chain; p384ecdsa=V8Z6om5u7Vqq_va3RlAjpr4fWAv3-RWP2jHvOWc-HmTkHdjB2CUMiLbhj256fYrCq-UCSQeSZZ3aqeWd6Em3BV9y_fPxefyvmFgFmC8JxJo_xIqbSZ9o7BAPZF2R1voU strict-transport-security: max-age=31536000; x-content-type-options: nosniff content-security-policy: default-src 'none'; frame-ancestors 'none' x-proxy-cache-status: EXPIRED content-encoding: gzip via: 1.1 google date: Fri, 01 Nov 2024 14:21:37 GMT content-type: text/xml; charset=utf-8 vary: Accept-Encoding content-length: 444 age: 34 cache-control: public,max-age=90 alt-svc: clear X-Firefox-Spdy: h2