r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11001
Expires: Thu, 01 Sep 2022 09:20:43 GMT
Date: Thu, 01 Sep 2022 06:17:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 05:41:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yJn5cs5ozhKiU99KHKHwFFekFHwJXaWaW_DmEpRpGVixMtU8X7-tgg==
Age: 2171
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 81Hrmw4SCrlhUt5OJkPp-b4RwLo70tnsPyTQuXUTRM25IDCdPXinaQ==
age: 18126
X-Firefox-Spdy: h2
freeflywindstation.com/unicredit/carta
108.167.143.215301 Moved Permanently 254 B URL HTTP/1.1 freeflywindstation.com/unicredit/carta
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3bb5ec5d9b8f32057384da93d277c5f0
4938a935c27d1e136271837674720cc87f66d1ac
0479efe1b7437aec59154eef7d252a30bb7fbfa964f6b6f37e862b962c8b827a
Analyzer Verdict Alert openphish UniCredit Bank
fortinet Phishing
GET /unicredit/carta HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Sep 2022 06:17:22 GMT
Server: Apache
Location: http://freeflywindstation.com/unicredit/carta/
Content-Length: 254
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 06:17:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
freeflywindstation.com/unicredit/carta/
108.167.143.215200 OK 4.0 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1058), with CRLF line terminators
Hash 1a373b7629cf6d7ca938c9cb111b5c26
e7368d95eb55f1eb22488ef816deb4deb674d421
56819e64d070b10368d3af9906f14d438ec767e4a008489703e50e4f23f7dde1
Analyzer Verdict Alert fortinet Phishing
GET /unicredit/carta/ HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 06:17:22 GMT
Server: Apache
Set-Cookie: COOKIE_KEY=166201304249; expires=Sun, 29-Aug-2032 06:17:22 GMT; Max-Age=315360000
COOKIE_KEY=166201304229; expires=Sun, 29-Aug-2032 06:17:22 GMT; Max-Age=315360000
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Content-Length: 4041
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
code.jquery.com/jquery-2.2.4.min.js
69.16.175.42200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-2.2.4.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32065)
Hash 82885772205f23cd59e25a221521b059
96ed36f45544295f28df1ab251e7e38faceeff0e
8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215
GET /jquery-2.2.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freeflywindstation.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 06:17:22 GMT
content-encoding: gzip
content-length: 29811
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-14e4a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1662013042.dop226.sk1.t,1662013042.cds231.sk1.hn,1662013042.cds214.sk1.c
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 05:57:05 GMT
Expires: Thu, 01 Sep 2022 06:56:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7i3Nw-OTFnYf_28-0WyKCzvz0Az7NH15HbwWJkkjlJBUwjIK3RV6KA==
Age: 1218
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 83be4ca2ebb87af44323dd073807bc9e
3ef0ca2b0c351c7d1eb1b7f4daeba6453a632fc6
1ba9c4dbdbd577bf443bc6499ab1edb2e0ea3b382f529fdc2d98021276a3158b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2519
Cache-Control: max-age=95483
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 06:17:23 GMT
Etag: "630f1697-1d7"
Expires: Fri, 02 Sep 2022 08:48:46 GMT
Last-Modified: Wed, 31 Aug 2022 08:06:47 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.162.35.244101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.35.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jp6d3+bwGdtd7wjlq6quyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5x8dWvOAwKNkGIVxkwoRM1DOXm8=
freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
108.167.143.215200 OK 467 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Size 467 kB (466866 bytes)
Hash 6a0f1ebcc7ae8d0d9ecb635fbbe68d65
74b6a40134f1cd63607dcfb090675c6a9481bf1e
98802cfc3623796dcb74be0f1aab505e95aefbd5bdcc471d084da36de80dd219
GET /unicredit/carta/assets/main.4c1b8b4624.css HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 06:17:23 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
freeflywindstation.com/unicredit/carta/assets/icon/orientation.png
108.167.143.215200 OK 8.9 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/icon/orientation.png
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 302 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 2073cded710eb1ff89baf36eac4cbc59
9a4a5185ae47a7630f3dfccdb234e924f044fc19
034e29c302d5a67bb29f401a4b26ece4d920b0891e88337a37919dbd74abbf84
GET /unicredit/carta/assets/icon/orientation.png HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 06:17:24 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 8882
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png
freeflywindstation.com/unicredit/carta/assets/icon/login/msite/locator.png
108.167.143.215200 OK 2.3 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/icon/login/msite/locator.png
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 50c7809e2e4c323f6a92f5522f9f3348
5b0160b5f22afc8b9d82122793e880f70becd59e
6953f2685dc754d4e2489826d52fbf36a5c8d0aa18fb8c23be70dc2ba5e71402
GET /unicredit/carta/assets/icon/login/msite/locator.png HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 06:17:24 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 2325
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Content-Type: image/png
freeflywindstation.com/unicredit/carta/assets/icon/login/msite/home.png
108.167.143.215200 OK 2.7 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/icon/login/msite/home.png
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 093ff98de56ace3c0c9c497446759840
9c5307f15c91ad9fead6234a7105fc55b08397b3
825ff7e698273277b498ff7a2ccdfd6c2db7712e0f6904a30e4d944e5adbb611
GET /unicredit/carta/assets/icon/login/msite/home.png HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 06:17:24 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 2738
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Content-Type: image/png
freeflywindstation.com/unicredit/carta/assets/msite/footer/info-trasparenza.jpg
108.167.143.215200 OK 17 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/msite/footer/info-trasparenza.jpg
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 295 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash 56b5bb79ce602307ebea7cef2eca03ec
61eb31d995e3508006c0c47366fdfd92d6ced384
ee937dcede34527a7158666d9ddcd10ea8f23558b285a6b8ca1b0ff6e01c1473
GET /unicredit/carta/assets/msite/footer/info-trasparenza.jpg HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 06:17:24 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:13:40 GMT
Accept-Ranges: bytes
Content-Length: 17060
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/jpeg
freeflywindstation.com/unicredit/carta/assets/imgs/Logo-UniCredit.png
108.167.143.215200 OK 2.9 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/imgs/Logo-UniCredit.png
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 240 x 47, 8-bit colormap, non-interlaced\012- data
Hash 6da3b1dadbf4752b21c9976b5b5a0e59
d6222a646ba72ad6a6784ed8e9d26fb93f8f6c86
ce2a90b7453d592f36994cf622a4c7a016e6050c5dc115c97127e15f9adb2bab
GET /unicredit/carta/assets/imgs/Logo-UniCredit.png HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 06:17:24 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 2879
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Content-Type: image/png
freeflywindstation.com/unicredit/carta/assets/imgs/logo-splash-msite.png
108.167.143.215200 OK 7.1 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/imgs/logo-splash-msite.png
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1174 x 285, 8-bit colormap, non-interlaced\012- data
Hash 65294bbb5427d8dd82b6001edec003f1
9a389c60ae57ff80fe2542d355709ea5f51d70fc
e62e38d3cda262687803f85dcfeb47f8a8960e01a4f493475b95bf0be235481f
GET /unicredit/carta/assets/imgs/logo-splash-msite.png HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 06:17:24 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 7123
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Content-Type: image/png
freeflywindstation.com/unicredit/carta/assets/fonts/UniCredit-Regular.otf
108.167.143.215200 OK 64 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/fonts/UniCredit-Regular.otf
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type OpenType font data\012- data
Hash ead58f7ad732335b3efcfcb49baa3982
7d98101c525a65129b0ef6d44913071d35721c18
9cfe221c6d9b096b2b7db501ec58d6ce58b03cd87a8cdda037cd5eb69d634bee
Analyzer Verdict Alert fortinet Phishing
GET /unicredit/carta/assets/fonts/UniCredit-Regular.otf HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 06:17:24 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:13:14 GMT
Accept-Ranges: bytes
Content-Length: 63864
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: font/otf
freeflywindstation.com/unicredit/carta/assets/fonts/UniCredit-Bold.otf
108.167.143.215404 Not Found 7.9 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/fonts/UniCredit-Bold.otf
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8196), with CRLF, LF line terminators
Hash 250a9a2714fd315c7942285708a4cf36
94e1ab54361818682066ba069db9853ce0f207d2
dedcd1a0bc62923156415a1cb8150b39f97e4a82e51874f37ee13933e74da326
Analyzer Verdict Alert fortinet Phishing
GET /unicredit/carta/assets/fonts/UniCredit-Bold.otf HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 404 Not Found
Date: Thu, 01 Sep 2022 06:17:24 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://freeflywindstation.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Content-Length: 7927
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
freeflywindstation.com/unicredit/carta/assets/fonts/roboto-regular.woff2
108.167.143.215404 Not Found 30 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/fonts/roboto-regular.woff2
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8196), with CRLF, LF line terminators
Hash 68a7563ff056d729ad50735a0d8e4492
da692ed0402483deb7dada4f22d05a91f80be2d2
e7482dd1ceae6863583dbfda866c9b3e83c259c6716374a66f26c52695bcfee7
Analyzer Verdict Alert fortinet Phishing
GET /unicredit/carta/assets/fonts/roboto-regular.woff2 HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 404 Not Found
Date: Thu, 01 Sep 2022 06:17:24 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://freeflywindstation.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
freeflywindstation.com/unicredit/carta/assets/fonts/UniCredit-Medium.otf
108.167.143.215200 OK 69 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/fonts/UniCredit-Medium.otf
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type OpenType font data\012- data
Hash e06c0fb36f7080e2014d33df87f8f5d3
61cd7b696e9cdf680a8509cde6d66dd6a819ff8a
b3d6fea3cf3db29242671ea9d4f5498b05f82b938ff7e2bc94b2c399c06bdec6
Analyzer Verdict Alert fortinet Phishing
GET /unicredit/carta/assets/fonts/UniCredit-Medium.otf HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 06:17:24 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:13:00 GMT
Accept-Ranges: bytes
Content-Length: 69416
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: font/otf
freeflywindstation.com/unicredit/carta/assets/fonts/UniCredit-Light.otf
108.167.143.215200 OK 64 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/fonts/UniCredit-Light.otf
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type OpenType font data\012- data
Hash 2f70f3a7da1eee3afb7f600fc0894f0f
d31c2d6465d4759f6521acfd0d8a0d03e413f350
d51aa085e49a4211758b17675299bdf1c65da3a2c7fdd1e4bd9ed1ce78e19a7b
Analyzer Verdict Alert fortinet Phishing
GET /unicredit/carta/assets/fonts/UniCredit-Light.otf HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 06:17:24 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:12:54 GMT
Accept-Ranges: bytes
Content-Length: 64444
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: font/otf
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10296
Expires: Thu, 01 Sep 2022 09:09:00 GMT
Date: Thu, 01 Sep 2022 06:17:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10296
Expires: Thu, 01 Sep 2022 09:09:00 GMT
Date: Thu, 01 Sep 2022 06:17:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: fa921878-2054-453b-b313-681cdd9c9068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj-Z_HUNIAMFltg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b110c-053ce81943fea70c2de7daa0;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 06:54:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 69fDjN-ZeYA8RVO_WGTY1KQHZ1t3PNdWIwq3ax1e1wKmuPODyGCMcQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 14:46:29 GMT
age: 55855
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba98f63d9bef7deebb9a8d1b3126d396
d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef
b8f6c1c6b34ec452a6aa3090c30ebf3a68cb3b4d45a7b134ed32e1959f4f0682
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10777
x-amzn-requestid: 2e9a081f-2ae4-49b9-b9d4-79cae2b7eae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3kRFiJIAMFgNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2e7-2f9eec0b239ceb6d617431b6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9ACDg_Mxbl2GSEDeDAqdMlKjkCiMyWExvCUa2jHquaQy6U-4EJtbQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:20 GMT
age: 31204
etag: "d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfc1af67-f228-4148-a5f1-b9d751d203d5.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfc1af67-f228-4148-a5f1-b9d751d203d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e6bf286fe74ee70a2819dba1d843cd9
5a81f8462cfc9f17689152bb3a77407227099d41
4678c57ae3e892d1a39414992fe248b4638e6e1ba1ff9310c47c906e3a717cd3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfc1af67-f228-4148-a5f1-b9d751d203d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4138
x-amzn-requestid: 63a73745-7dc5-434b-ad2c-4dbf05013749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjIrEH1cIAMFx_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630abb13-3e815ee876f88f0a2d1a825d;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 00:47:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lah1xj0ju15ZqU-bw95GqUx1TukEeI3PTbUFZqU8qaQWd9JX4JT8Xw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 07:23:24 GMT
age: 82440
etag: "5a81f8462cfc9f17689152bb3a77407227099d41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 494ba0180ab4b2b80ca11aeb67ae69ab
2082e9f809e97bbcaf6ff11846398aca472f9f0f
c6a707e79315677912fa7cf6ab592abf4377aa76e51ae5149d4bae7e663d6801
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11031
x-amzn-requestid: bd49a4c9-205b-4553-90a3-308ebc6be818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv4hOHzVoAMFl8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd46e-783de8c2461d7cb9167f734e;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mDad6prX28HjnDw7hq0B9vE_BaX9qqrjaOo7A46jhu2S505prB5SJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:11 GMT
age: 31213
etag: "2082e9f809e97bbcaf6ff11846398aca472f9f0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0f6c541f6335bb709d2270147bd5aed
b691ef5e7a302e2678302818130a9637c3efbe3a
e63922331a4463519e6df77ae7a1ad3316a36e54dd03c00ff6b119ee3fa684c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 79dc68ea-ea2e-4eab-bab9-1c89b0a955a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjMSvHJ-oAMF6Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ac0de-2370cf5363d5f308121f0ca4;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 01:11:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAEve6mBQ9a1hr2fBR8xq42pxeG9Kjn4yWaMr4z4On46QC9R1K91pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 14:58:03 GMT
age: 55161
etag: "b691ef5e7a302e2678302818130a9637c3efbe3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce30929-1614-4a6d-80aa-fd9b2f12af34.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce30929-1614-4a6d-80aa-fd9b2f12af34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b629767aa19f78c2734128d2cb1e93d
2a66e9c2654e04097031304feca86eea7ab0395e
2bf73bd574a294029803eb25c23442a12519c5d186d806d165ea4fa9b8961b87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce30929-1614-4a6d-80aa-fd9b2f12af34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9305
x-amzn-requestid: 3ec274e1-6e02-4099-ba20-f622b20da568
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv4ibGU-oAMFj9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd475-7f2b1dc86353361e105c6f7d;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:36:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 31J99N3FeSApJbAZbYRpIfPdeiBm4bucT3RwaoGFTwhQWxhncPHL8w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:54:54 GMT
age: 30150
etag: "2a66e9c2654e04097031304feca86eea7ab0395e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
freeflywindstation.com/unicredit/carta/assets/fonts/roboto-regular.woff
108.167.143.215404 Not Found 30 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/fonts/roboto-regular.woff
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8196), with CRLF, LF line terminators
Hash 68a7563ff056d729ad50735a0d8e4492
da692ed0402483deb7dada4f22d05a91f80be2d2
e7482dd1ceae6863583dbfda866c9b3e83c259c6716374a66f26c52695bcfee7
Analyzer Verdict Alert fortinet Phishing
GET /unicredit/carta/assets/fonts/roboto-regular.woff HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 404 Not Found
Date: Thu, 01 Sep 2022 06:17:24 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://freeflywindstation.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
freeflywindstation.com/unicredit/carta/assets/imgs/logo-msite.png
108.167.143.215404 Not Found 7.9 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/imgs/logo-msite.png
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8196), with CRLF, LF line terminators
Hash 250a9a2714fd315c7942285708a4cf36
94e1ab54361818682066ba069db9853ce0f207d2
dedcd1a0bc62923156415a1cb8150b39f97e4a82e51874f37ee13933e74da326
GET /unicredit/carta/assets/imgs/logo-msite.png HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 404 Not Found
Date: Thu, 01 Sep 2022 06:17:24 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://freeflywindstation.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Content-Length: 7927
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
freeflywindstation.com/unicredit/carta/assets/fonts/roboto-regular.ttf
108.167.143.215404 Not Found 7.9 kB URL HTTP/1.1 freeflywindstation.com/unicredit/carta/assets/fonts/roboto-regular.ttf
IP 108.167.143.215:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8196), with CRLF, LF line terminators
Hash 250a9a2714fd315c7942285708a4cf36
94e1ab54361818682066ba069db9853ce0f207d2
dedcd1a0bc62923156415a1cb8150b39f97e4a82e51874f37ee13933e74da326
Analyzer Verdict Alert fortinet Phishing
GET /unicredit/carta/assets/fonts/roboto-regular.ttf HTTP/1.1
Host: freeflywindstation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=166201304229
HTTP/1.1 404 Not Found
Date: Thu, 01 Sep 2022 06:17:24 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://freeflywindstation.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Content-Length: 7927
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8