detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Thu, 08 Dec 2022 13:51:25 GMT
Age: 82161
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
perfectwoodart.com/baroleb
188.114.97.1 301 Moved Permanently 242 B URL HTTP/1.1 perfectwoodart.com/baroleb
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d11e25c022e8c7008c9aa94b1b26c041
6857bcb6cb94809bed7d4d47520c74580b4a8e1b
9835e3437514a35711f4c4a86a3bf8a7b6b909a66c4db278ce9646d599476475
Analyzer Verdict Alert openphish Rabobank Nederland
fortinet Phishing
GET /baroleb HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 12:40:47 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://perfectwoodart.com/baroleb/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55u1XDCHVwaswY6EccxecH6xC%2FzXZIXNV80Qo1k39B8emCSVBACo6DnRPgHzQTPR9p66n2tGraaEJqOOEQxPCMXs84XaMqESTfl7%2BEo3IxGsJHOM6nL8SQRkgShGM6V6oERCyR0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfad79641c02-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3034
Expires: Fri, 09 Dec 2022 13:31:21 GMT
Date: Fri, 09 Dec 2022 12:40:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d42836dc0e2e2d4a7a0e9a567283f604
fb3997901684cdb8c58a011cdeee33e5301a68f0
d0bc935f0d67f7c5aad533fc623f56a91c4a91c0fb6637a92aadb064117e6116
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D0BC935F0D67F7C5AAD533FC623F56A91C4A91C0FB6637A92AADB064117E6116"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2536
Expires: Fri, 09 Dec 2022 13:23:03 GMT
Date: Fri, 09 Dec 2022 12:40:47 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
34.120.5.221 200 OK 41 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 482cc4ee150f3c4accded9ef0aee9764
bfcc10908756428c721c3505111aab34bde2cce1
14887be6d6f4bd017a82ad26798bc609d2fee076f1a596627304181a1bc3118c
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: uydxdg0HzP3E40VVVdwxmXOMC-zar6EGg-GssoHS1nfoQV1n8GbzPQ==
content-encoding: gzip
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 12:36:24 GMT
age: 425
content-type: application/json
content-length: 40865
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12188
Expires: Fri, 09 Dec 2022 16:03:55 GMT
Date: Fri, 09 Dec 2022 12:40:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5xZnBfh6S66Q2CNj4aYzXjIHKfjpQZ99Ik0p0jbrRswIRr3w5oBxY88Y1OaEAKfGeRdV6+VsZwI=
x-amz-request-id: H082NP0SB3Q18H4W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 11:42:46 GMT
age: 3481
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2802
Expires: Fri, 09 Dec 2022 13:27:29 GMT
Date: Fri, 09 Dec 2022 12:40:47 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 12:40:47 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 12:08:18 GMT
content-type: application/json
age: 1949
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 73ce9e8b1d0bf68e58d9331578dfe852
3f3acbba803a5a7f9bbc27cb6aea618dc2a04638
f134d48e874d84cf16b84b6ad0be89825446aac4884ade5ddee70b5bcb14a05c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2368
Cache-Control: max-age=107639
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:40:47 GMT
Etag: "63922506-1d7"
Expires: Sat, 10 Dec 2022 18:34:46 GMT
Last-Modified: Thu, 08 Dec 2022 17:55:18 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Thu, 08 Dec 2022 13:51:25 GMT
Age: 82162
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 12:07:45 GMT
age: 1982
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
52.43.92.228 200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 52.43.92.228:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Fri, 09 Dec 2022 12:40:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2302
Cache-Control: max-age=162270
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:40:47 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:45:17 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.215.91.121 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qCihBG0yXi8x2EkOwOL2Hg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kw+IJKYDnvm0ZKOXqR9GUc7ik2E=
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670576234720%22
35.241.9.150 200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670576234720%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Hash 1c0f6a359d310561e262123d492276da
e49e42a8f7000ec1f9b451514ccec117d9d41883
c8b3fd3c2ce7146768cd9efe7dd52c40a479a0ebbdc0ef3d37c149a6f16ea207
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221670576234720%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Fri, 09 Dec 2022 12:01:59 GMT
age: 2329
last-modified: Fri, 09 Dec 2022 08:57:14 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1670524641328&_since=%221666204638208%22
35.241.9.150 200 OK 8.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1670524641328&_since=%221666204638208%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (8322), with no line terminators
Hash 7124adf8e0faebbc77b775185aaf3b33
aacce2c95e9e0c77a0d356fd948b3298937ef6c3
eec0a6dea45d80964aa28968deac9c4cc4190f7aeb28205a8448304499cc9c88
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1670524641328&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 8322
via: 1.1 google
date: Fri, 09 Dec 2022 12:24:45 GMT
age: 963
last-modified: Thu, 08 Dec 2022 18:37:21 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: XkDPtktwuY3pxSUUSl0zH/rbgyA0R6R2bN8XRbLSeBEZwiDsA3C8MnwT+rHNw7tpuRlFsARbJCKYVgKCFErp8Q==
x-amz-request-id: EGCEKRQCW8K1BRZM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 11:50:14 GMT
age: 3034
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1670555205967&_since=%221666279968541%22
35.241.9.150 200 OK 54 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1670555205967&_since=%221666279968541%22
IP 35.241.9.150:0
File type ASCII text, with very long lines (54177), with no line terminators
Hash 51dd1a8142bda3ce0c91374fa8cec43d
028b81fe59cefc6c64114e981303547e99e342d3
9f811627ef4ec8c36621b617fce062cd431d6670bd20a6b8d988621be97df108
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1670555205967&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 54177
via: 1.1 google
date: Fri, 09 Dec 2022 11:43:36 GMT
age: 3432
last-modified: Fri, 09 Dec 2022 03:06:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
35.241.9.150 200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Hash a4052b022cb93eb55aabe7cb67679df3
901bc58019c1c287782342cfcb9ad01ba4fa8657
959141ba846caac38284518837678def1e8c7d372a3b946a6c3e85ae5bfed470
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Fri, 09 Dec 2022 12:35:36 GMT
age: 312
last-modified: Thu, 08 Dec 2022 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1669904594434&_since=%221657747510534%22
35.241.9.150 200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1669904594434&_since=%221657747510534%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1681), with no line terminators
Hash 2340af2b6492b7d56b14a1d3276a7140
2e9ac7d9cf1dda477e24841874ceac7258c9e0b8
a49e7182487992abba172f758b9ae8129931086af51f3caa29731d29d4b7ba40
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1669904594434&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1681
via: 1.1 google
date: Fri, 09 Dec 2022 11:42:07 GMT
age: 3521
last-modified: Thu, 08 Dec 2022 16:36:42 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
35.241.9.150 200 OK 935 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Hash fc59df2a1ddb194b9927e1bd05da82a5
54ae083c87343de5c5082cd16f6e4ec8e45769bc
cb645a2b572db86fddd92d7b4f54c55f1cb6ecada044fff5b5aea30e7df875f4
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Fri, 09 Dec 2022 12:08:14 GMT
age: 1954
last-modified: Wed, 07 Dec 2022 15:06:39 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1670371273925&_since=%221666483264567%22
35.241.9.150 200 OK 54 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1670371273925&_since=%221666483264567%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (53768), with no line terminators
Hash 420d2a8a87862ec8fb8678a2ec713b1b
ad55178f6765ac90ef6e073ba30d9d5508b6ce15
f923b4f7170196fa90968f69c3e8e8c18020e643dd6f9002817742cf6651ba8d
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1670371273925&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 53768
via: 1.1 google
date: Fri, 09 Dec 2022 12:07:49 GMT
age: 1979
last-modified: Wed, 07 Dec 2022 00:01:13 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
35.241.9.150 200 OK 682 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash 730583ac85dd27656bad88150567d34a
c05375ce2016cc335fffbfc76974348032951545
07ef5576f95557ec9f756e4ddfba277e3308d897c86ad5bc9dcd6e8e7270fb26
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Fri, 09 Dec 2022 12:08:47 GMT
age: 1922
last-modified: Mon, 05 Dec 2022 16:36:54 GMT
etag: "1670258214122"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
35.241.9.150 200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Hash 53a3f7b3b704cfaf73db62670e538a5b
f92fbcd2c053cc26fe81474c19bfcf3fd94e901e
d5a8da9110e55a35fc8d1f47cd54e84ab99f26d25bd1a4325bdff8bfa76c0ac7
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Fri, 09 Dec 2022 12:35:36 GMT
age: 313
last-modified: Mon, 05 Dec 2022 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3930
Expires: Fri, 09 Dec 2022 13:46:19 GMT
Date: Fri, 09 Dec 2022 12:40:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3930
Expires: Fri, 09 Dec 2022 13:46:19 GMT
Date: Fri, 09 Dec 2022 12:40:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 30721
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kTEbkncBnAJmQE8cdAqvDtejiwaetpRBsVcpLXy1h52lO4iUkzmOGA==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 16:28:48 GMT
age: 72721
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 32343
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H067kZXU_djWxbWO34bYMqa0xZ-WF9ntEBhZ-kV_TDoJFXQL_J1hqQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:34:27 GMT
age: 32782
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:07:07 GMT
age: 30822
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 70785
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
perfectwoodart.com/baroleb/
188.114.97.1 200 OK 2.6 kB URL HTTP/1.1 perfectwoodart.com/baroleb/
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (407)
Hash 77b45ba8e072d6e95efdc44bd8a863c3
f6b687cd932ebda8ae0c9ff7b2c998855b867d1e
faf2f79dfe9098f7b181f9ced5e64813008bfcb36c33958f36dde8a628905717
Analyzer Verdict Alert fortinet Phishing
GET /baroleb/ HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANPIoqdVHM8agUSBP6%2FI%2F7qsTmVgiBdPyttx3ZuoljXQI295hGqvBbKegujETWq8%2FWhq812tBrnjPmEHnULwejfhG%2B8gJzRajCZNE3vbZuSnHxU5Apqdf5P280svFzZzsNE%2Bsjo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfaebaa11c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/fonts/myriad/force-myriad.css
188.114.97.1 200 OK 73 B URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/fonts/myriad/force-myriad.css
IP 188.114.97.1:0
File type ASCII text, with no line terminators
Hash 86e39d18ad56dfd9a5073dc21adebb8e
8f5b2197c71c0b02744d73305054176ebb85edcd
bf0996904ed1127f779958bc0c7a999d6b51a057a1c1a124b5805ca72f349dff
GET /baroleb/front/login/fonts/myriad/force-myriad.css HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=121
Last-Modified: Tue, 28 Apr 2020 16:15:12 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sq9hhbLmc2WVEjVbYp2FPB1aw4%2BjazWl1LHDzBoTw43AoG456x94MqQ1Iwo6YFSt7WSB4nAWh0kbNZI3wyjNNdZjR5bN2xVbUB6iM5IRi%2FNvYsGpxZgC%2BCQkmaCOBYUjkVlFwU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc37a1e1c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/senses2-styling.css
188.114.97.1 200 OK 1.9 kB URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/senses2-styling.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (7423), with no line terminators
Hash 6884f5a9b707a1632c091a49d5abddfd
4307d72546230cb66ed899d1e5837d4ea83df6c0
91c01f53ee23291d5cdd196b349e232528c792b52aa387bfba8d787222ae66f9
GET /baroleb/front/login/senses2-styling.css HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=9373
Last-Modified: Tue, 28 Apr 2020 16:15:12 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJukAXTvbCW%2BAIgF9AGc7zDp0TiP85sTuPiICMLwXSNbPyRHw0cy8n%2FWLLjc6xHM2DjbepbquE92brlK82o55GmQ5Eepc78oAw6aDyzWMoNa1R8MoUmi4CgA0hlJVLAmBv1lUGo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc37c74b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/x12.js
188.114.97.1 200 OK 13 kB URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/x12.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (43784), with no line terminators
Hash c348050de8aaff1ae79cfae4c8998f30
7d997bfe372aee46684dbe6786f27f3dccf4409d
e1279537ec1173fcd877fb528040f882db041741c63e9a8d8475257817077e2d
Analyzer Verdict Alert fortinet Phishing
GET /baroleb/front/login/x12.js HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=43799
Last-Modified: Tue, 06 Oct 2015 11:12:18 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BRAEb3JqcU5n6E5jHgFTOyl217asgf7sRnld3hUYFKct4%2BBhRocCV%2BMV%2Bpjh10OTN2NY%2BqL2m73s9k8tWXpCo6fJfU%2BVf%2F8KTwxvSx2%2F%2BZwvXXxTviylWWVyhyMTPvw4uQXTHE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc38f2cb503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/www-extension.css
188.114.97.1 200 OK 5.0 kB URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/www-extension.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (28668), with no line terminators
Hash 6c14d8b2e616c3edebf1c158305eebb4
8bcdd053b068d829dbeafe9641021dc6b560e21a
a8b128cd05763e57654422666dda3711bfcb80a5f78218000b946df1564bbde3
GET /baroleb/front/login/www-extension.css HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=29375
Last-Modified: Tue, 28 Apr 2020 16:15:12 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSxZq33X8nvax1fq%2FWyYbj7gmrT%2F%2FAULMk%2BhCYOQPXEdMiF46ZkPCuTeFdpdYcACD%2FVofVuxhn7sNtc3dJxKUMJ%2BEyBKOs2v0gKv0XAyI8LLtmpAv6DMB0Bdl%2Fw2De%2FblrdNfCE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc37b7db500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/fonts/myriad/default.css
188.114.97.1 200 OK 1.3 kB URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/fonts/myriad/default.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (3743)
Hash 2835e38d1459c83ac4e474756ae505d1
a7d9040e1ac40c867e561b4aed7bb8249870266c
256ac77553ddd8c79e7208319cfe349595f8bd29d691b61e744dd5ab2ff581d3
GET /baroleb/front/login/fonts/myriad/default.css HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=4614
Last-Modified: Tue, 28 Apr 2020 16:15:12 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61guWZzjDuhP8g1u6SRFdV5C7Z5dvXQetdAbaIijwTT1GUVB9ITycGutA12bbQw8%2BYqYL%2FBndHKkWgaxHmPA%2FASRsfSZcj2KHCx5zm4nXMDGiqLq9ioP4J6J%2B9kWqkqenggnNAk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc37ed2b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/rass-proto.css
188.114.97.1 200 OK 58 kB URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/rass-proto.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d983a30edfc36cbd9c723406cf502b96
ef099c5b245a80f7b7202d273735932beae39935
8eea8bc7730c788d6e05ca12fe5df0d60351dc8cee36c3c229bbc1f1d5bb9856
GET /baroleb/front/login/rass-proto.css HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=127381
Last-Modified: Tue, 28 Apr 2020 16:15:12 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiGFxz9zs82jELnpKEa%2FWJCtgFZZ%2Fkfb%2FsUkxkD964kyWwT%2FglAL7ULeS%2BSw4HGxI%2F8PP7DXMEjLx87N8vuMIvo%2BMW7XHf6XoA%2FWloUP07w9UN17pcdg7XPndIaQ15KOSWyHQkM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc37de7fac8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/brwcook.js
188.114.97.1 200 OK 722 B URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/brwcook.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (426)
Hash 70c5b99057765a88c7129bdc71c774d3
1a1d53de3581a6ebd8f2426ab5ade4e646110d54
90b6045a7a8f28ef55a0ad9ffb00343d8a8b76385db6a555e92d354bb0ed838c
Analyzer Verdict Alert fortinet Phishing
GET /baroleb/front/login/brwcook.js HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=2045
Last-Modified: Tue, 28 Apr 2020 16:15:10 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5D4xbXrIwMfIvpTGveJlwVTaHM%2FRv7v8cGV2t3XBeUjM2J0ms%2B%2BucOL8WhZ%2FRCEVgr2v9Bqdxmt0hAjEjiNCyRgTYj9mFtCKn3oVBIAD5TFJU1xaio42y1VT52el7BQ2TC0Bws%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc39a4b1c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/rass-proto.js
188.114.97.1 200 OK 8.9 kB URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/rass-proto.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (3344)
Hash 4dcce28657033928dbf58bad3d68f88d
e81d58703129c1365240fd4240d869aa642d85fb
0782cfbc0d012c6c1d6bb63b22c2b84ebfa8fda9c229c8c797ecfe946a8248e9
Analyzer Verdict Alert fortinet Phishing
GET /baroleb/front/login/rass-proto.js HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=61008
Last-Modified: Tue, 28 Apr 2020 16:15:12 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2B1PV5iCRMsZTXnLumZcXReHO9Obho8FAPRW%2Bn0D%2BbTuSf80t49rc5%2B%2FKTIiFOr7KjbIQcxKz8NsrIbegUYOY1glHgClgijcXv17afqE058GZ1dtbwLq0VPWEakdcGNSr2E2770%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc3bbbbb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/brwfunc.js
188.114.97.1 200 OK 5.2 kB URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/brwfunc.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (15077), with no line terminators
Hash a384bf155daecf341488b5cfe16069e2
3f6ce6ae57b150b372c4e18e454110fc24040014
bacf8df14d535533a3ad0faa2529db8840c0f570bb26b0fb736ff77434003036
Analyzer Verdict Alert fortinet Phishing
GET /baroleb/front/login/brwfunc.js HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Last-Modified: Thu, 17 Oct 2019 08:20:26 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6F5yyR9DPVbbAlpl1DinMnJ8AF36XuaR2%2FCUq%2BiKXhP5Mo%2BIyjKkdoCNtKZPd5EJVeFyfYcrvd1Gwac1%2Bg3mHwaQCHrXN%2Bs9mX2%2FT2DA3BryYvvgtGXfjRO6zrMPc%2FbIgw2z7A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc3ac92b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/device.min.js
188.114.97.1 200 OK 1.1 kB URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/device.min.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (3272)
Hash 1a057aabbdc509bca8d632d370bd4034
134fb2227fbd34ee4095efad018565e32ced7f40
8a4ade44776fdac7de16083402e9d9a13a88f5c9a8cc05bb2b50f09cc891c98e
Analyzer Verdict Alert fortinet Phishing
GET /baroleb/front/login/device.min.js HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Apr 2020 16:15:12 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3FgA0vKF4VVR0l2Rvs2ldqnzAkSHmcYallLVRURF%2BWgQ7i0vHiS6NtebS0nc4YdsmjNNjDd2jMW4DtNp5nmYEwUAlvmYXDehRA1o0qB5jvWZwNXvdOxvSFshW2xdu8SCB98AkU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc3af60b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/images/rabobank_logo.png
188.114.97.1 404 Not Found 238 B URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/images/rabobank_logo.png
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
GET /baroleb/front/login/images/rabobank_logo.png HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/
HTTP/1.1 404 Not Found
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x36ClZkXrNfSzBMBeWUbCtKWhoRd9Efx3oIehMAFA3aW3hvTbCJHoODvGK0vNBOcRT1VUlnITAebucWkxl82qrtUDR%2B3LUdbCkj8b8cjkLb7fxlhWt9oFWRPCybHCTb2kBWqOT8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776dcfc3ef35b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/images/grayed-out-vc-nl.png
188.114.97.1 200 OK 15 kB URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/images/grayed-out-vc-nl.png
IP 188.114.97.1:0
File type PNG image data, 315 x 315, 8-bit/color RGBA, non-interlaced\012- data
Hash 106423b2ca130a77c97219c12727f5ec
886366d9c42fe58114c04ec4e59701b7c30ae92c
cf59560647e49f765aa01b63bff1950159fc806bc2e82bb6154393f6502a18e1
GET /baroleb/front/login/images/grayed-out-vc-nl.png HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: image/png
Content-Length: 15354
Connection: keep-alive
Last-Modified: Tue, 28 Apr 2020 16:04:54 GMT
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umG4FkcJrwZ2B6Xu627HqH%2BROCHgtX8Gandjxa%2FdgE10SP%2FgsquGbAY60CTbk0Db2Jc0%2BP6CI9sP80Oks4%2FaYd%2Fkn2mkBgCjkcXJq%2BT%2BLy7Na2erpUu387REKm5qKoX2PtGYakM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776dcfc3ee30fac8-OSL
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/images/icon_supercirkel_vraagteken.svg
188.114.97.1 200 OK 745 B URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/images/icon_supercirkel_vraagteken.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 122d750058926438e72a7acdd55852e4
2848318637167ef171f56d7f97f9262b2924d3c7
87cecf1d6e16db203903d2d8f741739c24e8411aae16ccfbe1298f08102cec26
Analyzer Verdict Alert fortinet Phishing
GET /baroleb/front/login/images/icon_supercirkel_vraagteken.svg HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/front/login/www-extension.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Apr 2020 16:04:54 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbKdYX7WVuul%2B5JLjCxCjkTzYran2iVuIZ%2FyK6hOoe4bol%2Fsd2OOm0QrH74jlVu0N5JOGstRN2yqKaUyErs3LR7TFxY9DFi%2FrdAWVBCvR0fPutH6uMz8bJfGDbZ3FinoXxwSw84%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc42d5cb51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/images/checkbox_off.svg
188.114.97.1 200 OK 777 B URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/images/checkbox_off.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash 1f541ebdb49819aa90100969956c592b
e8a8655c668340c2752ad62341c886766c61bdbe
c5620a34aaf7df5d49271e194aedb2d0dbab2f840c7e2482cb6c42f824549fa8
Analyzer Verdict Alert fortinet Phishing
GET /baroleb/front/login/images/checkbox_off.svg HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/front/login/www-extension.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Apr 2020 16:04:54 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLL2U4aJlUh3PLcKIIvjnatMYXmc91amF1EzdjMdfX04M3p84Yx%2B%2Brzv40l6GorphsYg67aL41rcJZ3IHwjbhhYQ69ErI8XpAXAsShuJ5TX8AEdB%2BSa0WA%2B6DgTlk0AC4hcKSOI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc42815b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/fonts/myriad/files/fd5daa3f-a61a-4aed-93cd-54bc94bb59b6.woff2
188.114.97.1 200 OK 17 kB URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/fonts/myriad/files/fd5daa3f-a61a-4aed-93cd-54bc94bb59b6.woff2
IP 188.114.97.1:0
File type Web Open Font Format (Version 2), TrueType, length 16696, version 1.0\012- data
Hash d30827b823fbcc46ae577287d9958a85
f66f0cb0ca05cfa5b4c96750225478febf1f110a
1a35e85545a55eb7a307543de45c5a73588d63d9b08fd571c22ae6ec1a2f78d9
Analyzer Verdict Alert fortinet Phishing
GET /baroleb/front/login/fonts/myriad/files/fd5daa3f-a61a-4aed-93cd-54bc94bb59b6.woff2 HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/front/login/fonts/myriad/default.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: font/woff2
Content-Length: 16696
Connection: keep-alive
Last-Modified: Tue, 28 Apr 2020 16:04:54 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 21
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYJPJqQwSCon5woj6KeX6h1xZOeAhOThYLHB0At7QJ9vKMw1HaOyQdsluiuodNXiac4Di5fIKf5cePrjw%2FnxS59IfjnG7hRIbSVCnNur00K6JwMiXW4DLuH%2FyP9j22R%2FbxFmr5E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc42afe1c02-OSL
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/images/icon_supercirkel_kruisje.svg
188.114.97.1 200 OK 694 B URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/images/icon_supercirkel_kruisje.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bfdf66a52946e9b31697164db2b9e7e3
084e042203c0814031ef024519d8ebe22ba7f41d
0edae8852fd4ada5448348c686819be2087841c3c09ccd882fb7ddf1d24ca2aa
Analyzer Verdict Alert fortinet Phishing
GET /baroleb/front/login/images/icon_supercirkel_kruisje.svg HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/front/login/www-extension.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Apr 2020 16:04:54 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95yr0MKIMuEGfB9gqK1SxNWMHOsBOpZTrQWXom1VFKYGBeGjPU482a%2Bdb6PvOPzusUazw%2BN%2FuTrdsDucICakKZFjS%2FfSOcBJBnovhFo%2BXne8nisdx36yOQmeDfSF2Vo%2Fd1%2FN%2Bmc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc42c51b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/images/icon_supercirkel_pijl.svg
188.114.97.1 200 OK 653 B URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/images/icon_supercirkel_pijl.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f55cdf35e02eed74b69c032984dddd4a
8db46b6ae898df6b4e02046f07e89b590612d7a3
c87ebdf954a5e4416910c058e31fb57c72829e689d63b06a773302cee594fc6e
Analyzer Verdict Alert fortinet Phishing
GET /baroleb/front/login/images/icon_supercirkel_pijl.svg HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/front/login/www-extension.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Apr 2020 16:04:54 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8e%2FGKZ9NXhOJjiXVKdKL%2BO5Z7hqwVr6JhjSGZH6LXNTXQUSoo2E0WpK%2BeqCp7XcNxcHTxs8fpMx0IqHyEm9hNY%2B9%2FTkcTDwYDr6bIk89QN3dBykHtBkepBzOywtcWylDT08XZQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc42fa2b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/fonts/myriad/files/3b0f1c67-c2e4-4df6-976f-49d52e45aba1.woff2
188.114.97.1 200 OK 16 kB URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/fonts/myriad/files/3b0f1c67-c2e4-4df6-976f-49d52e45aba1.woff2
IP 188.114.97.1:0
File type Web Open Font Format (Version 2), TrueType, length 16376, version 1.0\012- data
Hash 66cc04b61a823c9138869b61b173f21d
7608f8d3ef9e55e0f8284a923dc33bfd961f95b6
49be0df2d6bfe51dc29e0f5cebd2b99b6b1e4463c2d1250f1b1ae3ac36d0ce41
Analyzer Verdict Alert fortinet Phishing
GET /baroleb/front/login/fonts/myriad/files/3b0f1c67-c2e4-4df6-976f-49d52e45aba1.woff2 HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/front/login/fonts/myriad/default.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: font/woff2
Content-Length: 16376
Connection: keep-alive
Last-Modified: Tue, 28 Apr 2020 16:04:54 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 21
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1%2FkCdY5oMZ9hr6AmtI%2BpzMNRzl%2Fl8QzRVEYrARp4h27U6sKVXkdGpvmpNETbTVtlb9b0mAH%2Fss1U5OxH%2FDb%2B6uRcmcSU2v17W%2FZYSKAzsucoCjbGOGUeP3krLh0uSicW0TUUVk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc44d78b51d-OSL
alt-svc: h2=":443"; ma=60
perfectwoodart.com/baroleb/front/login/fonts/myriad/files/0b6110f9-6072-46b9-98af-7d09f7c895b8.woff2
188.114.97.1 200 OK 16 kB URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/fonts/myriad/files/0b6110f9-6072-46b9-98af-7d09f7c895b8.woff2
IP 188.114.97.1:0
File type Web Open Font Format (Version 2), TrueType, length 16356, version 1.0\012- data
Hash dcb5812d0cda70ffa90ea868e642bef6
716d56c3ba9698291126a80e57ef1b247714702b
2aa2c3139fe0f3233bbab4e43ef2885af045555933aef6570046e6df2f7f57f3
Analyzer Verdict Alert fortinet Phishing
GET /baroleb/front/login/fonts/myriad/files/0b6110f9-6072-46b9-98af-7d09f7c895b8.woff2 HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/front/login/fonts/myriad/default.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: font/woff2
Content-Length: 16356
Connection: keep-alive
Last-Modified: Tue, 28 Apr 2020 16:04:54 GMT
Vary: User-Agent, Accept-Encoding
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 22
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gW02ji%2BtB3DjdPI213l3%2BNClteAKUjwUlSOxp%2BQTJpWlFlo67xKjITBOfhR2udrKtqB7x4HIJuJgBmc9lW6G1163EcKOvjuvsNUsibhhdGC72kqocamZREwPt9RYOmXXYALo%2Bwk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776dcfc43e6bfac8-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 6b8313f9e33695225653527e2d423cd7
f93d3c7e748b85edc6f0209e73813f13e5bf2070
9fbcb6376f48faf9fab6fada8876197456bb8c5c1c0b5c34b25dcfe323e18354
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5739
Cache-Control: max-age=137654
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 12:40:50 GMT
Etag: "63928d1e-1d7"
Expires: Sun, 11 Dec 2022 02:55:04 GMT
Last-Modified: Fri, 09 Dec 2022 01:19:26 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
perfectwoodart.com/qsl/trans.gif?30010=0f8c5ae3132b41d990a9e6a3abd0c801_1588296122296&40020=%2Fbaroleb%2F&40030=1280&40040=939&40050=1280&40060=1024&40070=Netscape&40080=false&40090=Mozilla&20100=248&40110=831&40120=5.0%20(X11)&20130=9563&20140=146&40150=Linux%20x86_64&40160=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&40170=true&40200=00U1D44V170L1X144V1702HX144W1703XD144U1704X1B44X1705V1N44W170J6X144X1707U1F44U1708Y14N4V170L9U144W1710XH144W1711PV144W1712XB144V171H3U144W171P4Y144W171P5X144X171B6W144W1717U14J4W1718VD144Y17&20210=&30220=Fri%20Dec%2009%202022%2012%3A40%3A49%20GMT%2B0000%20(Coordinated%20Universal%20Time)&20230=False&40250=1.5&40260=en-US&20270=http%3A%2F%2Fperfectwoodart.com%2Fbaroleb%2Ffront%2Flogin%2Fimages%2Frabobank_logo.png|0|0|undefined&20270=http%3A%2F%2Fperfectwoodart.com%2Fbaroleb%2Ffront%2Flogin%2Fimages%2Fgrayed-out-vc-nl.png|250|250|undefined&40280=undefined&30290=6&40300=undefined&99320=false&20310=http%3A&40330=undefined&20350=e%22%05%04%12%11%06%13R1%09%0EF%3A%09%09%5C*%02%19W6HJ%17%11%06%09%5D%3A%09%09%5C&30360=1&20370=%06p&20380=%05r%1B%5BNh&20390=d%20%0E%0FNh%0E_Tv%06%0E%01i%5BUUwV%0F%0BaX%06%0E%26Q%0A%019%0A%03%07%20_%5B%03%07YR%0F%7BUR%04iZU%05zQ%17A%10%1A%20R!%15(Z3%14%01V%2F%14%0EN%19%1D%13_%0A%03%17N%19%1D%13_%01%17%0AA%16%1A%1BK%2F%06%05U-%09%00R%3F%09%07N%0B%0B%0ES%3FW%0D%0A%3B%5D%06RpVX%00%3A%5CVSz%5E%5BSa%0DQVp%06%09Vh%0B_%07r8Z%07%60PU%0EuVY%00jQQK%02%12%1FZ%11%0C%1BK%02%12%1FZ%1A%18%06D%0D%15%17N%2B%20%15p%26%05%19q0%03%1BX-%1B%1FQ7%04%08E%20%08%0FW%24%23%0BR6%15%08%5D%3C%0DGX3%0F%0A%5E%3D%06%1Bd%20%0E%0FNh%0E_Tv%06%0E%01i%5BUUwV%0F%0BaX%06%0E%26Q%0A%019%0A%03%07%20_%5B%03%07YR%0F%7BUR%04iZU%05zQ%17A%10%1A%20R!%15(Z3%14%01V%2F%14%0EN%19%1D%13_%00%03%17N%2B%1D%05Z*%13%17%7B6%04%08P%24%02%05N%3B%09%09T%26%0B%17s6%06%12%5B%26%15%0E%5C%24%3B%04%5E%27%1B%5BT%60%0BRV%26TZ%01j%0AS%06%27%5ER%029Q%02%01%22T%0AP%3CX%04%0FsV4%03mP_%05zQZ%00jZ%5E%01%3F%14%23%40%1F%0D%05
E%00%0F%00N%3E%09%0BD%26%1B*G%2C%00.S%3F%1B*G%2C%00%25G%22%14%25%40%24%14%04C%26%039W9%0C%02E%3F%15%19N1%1C%04_1%02%0AV%3D%1A%1B~-%0B%04U%3F%0D%09%17.%02%1F%12%0A%09%09S%2C%0AK%60%3D%09%03R1%1B&20400=%06uP%5B%07%60QQ%03zW%5B%02&20410=&99420=7Cgk2Xhg&10430=
188.114.97.1404 Not Found 238 B URL HTTP/1.1 perfectwoodart.com/qsl/trans.gif?30010=0f8c5ae3132b41d990a9e6a3abd0c801_1588296122296&40020=%2Fbaroleb%2F&40030=1280&40040=939&40050=1280&40060=1024&40070=Netscape&40080=false&40090=Mozilla&20100=248&40110=831&40120=5.0%20(X11)&20130=9563&20140=146&40150=Linux%20x86_64&40160=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&40170=true&40200=00U1D44V170L1X144V1702HX144W1703XD144U1704X1B44X1705V1N44W170J6X144X1707U1F44U1708Y14N4V170L9U144W1710XH144W1711PV144W1712XB144V171H3U144W171P4Y144W171P5X144X171B6W144W1717U14J4W1718VD144Y17&20210=&30220=Fri%20Dec%2009%202022%2012%3A40%3A49%20GMT%2B0000%20(Coordinated%20Universal%20Time)&20230=False&40250=1.5&40260=en-US&20270=http%3A%2F%2Fperfectwoodart.com%2Fbaroleb%2Ffront%2Flogin%2Fimages%2Frabobank_logo.png|0|0|undefined&20270=http%3A%2F%2Fperfectwoodart.com%2Fbaroleb%2Ffront%2Flogin%2Fimages%2Fgrayed-out-vc-nl.png|250|250|undefined&40280=undefined&30290=6&40300=undefined&99320=false&20310=http%3A&40330=undefined&20350=e%22%05%04%12%11%06%13R1%09%0EF%3A%09%09%5C*%02%19W6HJ%17%11%06%09%5D%3A%09%09%5C&30360=1&20370=%06p&20380=%05r%1B%5BNh&20390=d%20%0E%0FNh%0E_Tv%06%0E%01i%5BUUwV%0F%0BaX%06%0E%26Q%0A%019%0A%03%07%20_%5B%03%07YR%0F%7BUR%04iZU%05zQ%17A%10%1A%20R!%15(Z3%14%01V%2F%14%0EN%19%1D%13_%0A%03%17N%19%1D%13_%01%17%0AA%16%1A%1BK%2F%06%05U-%09%00R%3F%09%07N%0B%0B%0ES%3FW%0D%0A%3B%5D%06RpVX%00%3A%5CVSz%5E%5BSa%0DQVp%06%09Vh%0B_%07r8Z%07%60PU%0EuVY%00jQQK%02%12%1FZ%11%0C%1BK%02%12%1FZ%1A%18%06D%0D%15%17N%2B%20%15p%26%05%19q0%03%1BX-%1B%1FQ7%04%08E%20%08%0FW%24%23%0BR6%15%08%5D%3C%0DGX3%0F%0A%5E%3D%06%1Bd%20%0E%0FNh%0E_Tv%06%0E%01i%5BUUwV%0F%0BaX%06%0E%26Q%0A%019%0A%03%07%20_%5B%03%07YR%0F%7BUR%04iZU%05zQ%17A%10%1A%20R!%15(Z3%14%01V%2F%14%0EN%19%1D%13_%00%03%17N%2B%1D%05Z*%13%17%7B6%04%08P%24%02%05N%3B%09%09T%26%0B%17s6%06%12%5B%26%15%0E%5C%24%3B%04%5E%27%1B%5BT%60%0BRV%26TZ%01j%0AS%06%27%5ER%029Q%02%01%22T%0AP%3CX%04%0FsV
4%03mP_%05zQZ%00jZ%5E%01%3F%14%23%40%1F%0D%05E%00%0F%00N%3E%09%0BD%26%1B*G%2C%00.S%3F%1B*G%2C%00%25G%22%14%25%40%24%14%04C%26%039W9%0C%02E%3F%15%19N1%1C%04_1%02%0AV%3D%1A%1B~-%0B%04U%3F%0D%09%17.%02%1F%12%0A%09%09S%2C%0AK%60%3D%09%03R1%1B&20400=%06uP%5B%07%60QQ%03zW%5B%02&20410=&99420=7Cgk2Xhg&10430=
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
GET /qsl/trans.gif?30010=0f8c5ae3132b41d990a9e6a3abd0c801_1588296122296&40020=%2Fbaroleb%2F&40030=1280&40040=939&40050=1280&40060=1024&40070=Netscape&40080=false&40090=Mozilla&20100=248&40110=831&40120=5.0%20(X11)&20130=9563&20140=146&40150=Linux%20x86_64&40160=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&40170=true&40200=00U1D44V170L1X144V1702HX144W1703XD144U1704X1B44X1705V1N44W170J6X144X1707U1F44U1708Y14N4V170L9U144W1710XH144W1711PV144W1712XB144V171H3U144W171P4Y144W171P5X144X171B6W144W1717U14J4W1718VD144Y17&20210=&30220=Fri%20Dec%2009%202022%2012%3A40%3A49%20GMT%2B0000%20(Coordinated%20Universal%20Time)&20230=False&40250=1.5&40260=en-US&20270=http%3A%2F%2Fperfectwoodart.com%2Fbaroleb%2Ffront%2Flogin%2Fimages%2Frabobank_logo.png|0|0|undefined&20270=http%3A%2F%2Fperfectwoodart.com%2Fbaroleb%2Ffront%2Flogin%2Fimages%2Fgrayed-out-vc-nl.png|250|250|undefined&40280=undefined&30290=6&40300=undefined&99320=false&20310=http%3A&40330=undefined&20350=e%22%05%04%12%11%06%13R1%09%0EF%3A%09%09%5C*%02%19W6HJ%17%11%06%09%5D%3A%09%09%5C&30360=1&20370=%06p&20380=%05r%1B%5BNh&20390=d%20%0E%0FNh%0E_Tv%06%0E%01i%5BUUwV%0F%0BaX%06%0E%26Q%0A%019%0A%03%07%20_%5B%03%07YR%0F%7BUR%04iZU%05zQ%17A%10%1A%20R!%15(Z3%14%01V%2F%14%0EN%19%1D%13_%0A%03%17N%19%1D%13_%01%17%0AA%16%1A%1BK%2F%06%05U-%09%00R%3F%09%07N%0B%0B%0ES%3FW%0D%0A%3B%5D%06RpVX%00%3A%5CVSz%5E%5BSa%0DQVp%06%09Vh%0B_%07r8Z%07%60PU%0EuVY%00jQQK%02%12%1FZ%11%0C%1BK%02%12%1FZ%1A%18%06D%0D%15%17N%2B%20%15p%26%05%19q0%03%1BX-%1B%1FQ7%04%08E%20%08%0FW%24%23%0BR6%15%08%5D%3C%0DGX3%0F%0A%5E%3D%06%1Bd%20%0E%0FNh%0E_Tv%06%0E%01i%5BUUwV%0F%0BaX%06%0E%26Q%0A%019%0A%03%07%20_%5B%03%07YR%0F%7BUR%04iZU%05zQ%17A%10%1A%20R!%15(Z3%14%01V%2F%14%0EN%19%1D%13_%00%03%17N%2B%1D%05Z*%13%17%7B6%04%08P%24%02%05N%3B%09%09T%26%0B%17s6%06%12%5B%26%15%0E%5C%24%3B%04%5E%27%1B%5BT%60%0BRV%26TZ%01j%0AS%06%27%5ER%029Q%02%01%22T%0AP%3CX%04%0FsV4%03mP_%05zQZ%00jZ%5E%01%3F%14%23%40%1F%0D%05E%00%0F%00N%3E
%09%0BD%26%1B*G%2C%00.S%3F%1B*G%2C%00%25G%22%14%25%40%24%14%04C%26%039W9%0C%02E%3F%15%19N1%1C%04_1%02%0AV%3D%1A%1B~-%0B%04U%3F%0D%09%17.%02%1F%12%0A%09%09S%2C%0AK%60%3D%09%03R1%1B&20400=%06uP%5B%07%60QQ%03zW%5B%02&20410=&99420=7Cgk2Xhg&10430= HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/
HTTP/1.1 404 Not Found
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=1800
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LyqGpWJqy50K1Z84NKZorZOcJQlVEfjka%2F7yR%2BvjJs4EHxEkRBCrVcuTgSB8BX2rDt1AOXgqX6WS%2BlxpntsTBZ6UkHMlabLAisUE5M0G0jHCGWgvgb%2Feocxsu8k3dxAHrcCgg2M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776dcfc4bebbfac8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
bankieren.rabobank.nl/rabo/sam/staticcontent/vrs_13_6_12_5_202004281602/newdesign/images/rabobank.svg
95.101.10.209 404 Not Found 277 B URL HTTP/1.1 bankieren.rabobank.nl/rabo/sam/staticcontent/vrs_13_6_12_5_202004281602/newdesign/images/rabobank.svg
IP 95.101.10.209:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a8af6ab180afbfd7d737257520539dec
f76818ee1b83f3a6c25a1ebed48a86ab628df9f5
a1a8660c4995972d9b67243e5e9e3360652424b776c897e138d1dab4567226fe
GET /rabo/sam/staticcontent/vrs_13_6_12_5_202004281602/newdesign/images/rabobank.svg HTTP/1.1
Host: bankieren.rabobank.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://perfectwoodart.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: Apache
Content-Length: 277
Content-Type: text/html; charset=iso-8859-1
X-Frame-Options: SAMEORIGIN
Date: Fri, 09 Dec 2022 12:40:50 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Set-Cookie: BIGipServerpl_bankieren-rabo.rabobank.nl-80=!iCyK6Jfz17pzeZ7jA4pmO9EQrEtox2QAmfUFZsIE4X4QPKyXPOpF0LGP5UP+oZ+541jGY1GOuQf7Tg==; path=/; Httponly; Secure
ak_bmsc=116C77E47EB05D40F1C7B72EA06CBB5D~000000000000000000000000000000~YAAQzQplX51vbHyEAQAAbhfn9hIyecp/W8vc0LE/dKn2+4avsWfSHkqtsxNZdOtOmzeA6QaCpbdrU4diY5YGQEv48MyEPwDi6wAGhlVwk06Z1oDibefdsv1RkJEuFImFu9MGF9zdI42Mgk6duskrfDOPw2kThSh0OaxEGjqFvC82inxYHih77uqMIuHLnclz+K8A5WWJNo48HhWg33S3FZCcX0WdNtQzAyEMTlxvol/081fLPnVRuGwD0KIv0QpympRWIBIZ0eeF+fnndBwEP/Uz7uYAZmc/WRI+bspMKjKPjLjNKZiTm1IemaEkboEWRT4fZB1L9mPtJIzCglCFO/OzefubgSss1jC5vkDhobohawaA3xdHK0MruX6IAlV9; Domain=.rabobank.nl; Path=/; Expires=Fri, 09 Dec 2022 14:40:50 GMT; Max-Age=7200; HttpOnly
perfectwoodart.com/baroleb/front/login/images/favicon.ico
188.114.97.1 404 Not Found 238 B URL HTTP/1.1 perfectwoodart.com/baroleb/front/login/images/favicon.ico
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5945c4d5e4298d818d50d70865f2857
f35c3593933af2db1933093809ef78f45b9b7144
d2a3f46998410a6fa09375f2813da63aa04bbc6caae20e770da12530ba881b38
GET /baroleb/front/login/images/favicon.ico HTTP/1.1
Host: perfectwoodart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://perfectwoodart.com/baroleb/
HTTP/1.1 404 Not Found
Date: Fri, 09 Dec 2022 12:40:50 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=1800
CF-Cache-Status: HIT
Age: 21
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCyRJQKvRcbddGGwOm%2F5gRVMbypYuH0%2FVQtBIvb7iOcQtKh%2F0xAOGjZhPr27Pu3wHMmN%2B9WHPl8lr5vxAzoe4BXx78G%2FuxJnm0jMOrgkstjdW0kc3qdmrvdxfQSEJ5xSuN5iDdo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776dcfc59f54fac8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60