secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
155.94.169.251301 Moved Permanently 360 B URL HTTP/1.1 secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 10b704ba3aeea40fcc669e4bbbaf1bda
2dcc6f508f88dced11112ccb38697d919010f835
01b40490d392c3100ed410d9a282e2d2fb958062a5c80998fba9d4420ac28174
Analyzer Verdict Alert quad9 Sinkholed
GET /all/login.php?idsmt=10123005600&nextfunck=10130550000 HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Dec 2022 09:56:06 GMT
Server: Apache
Location: https://secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
Content-Length: 360
Connection: close
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 048cda18c6dbe7c4e4b106f5e1104b0a
1bd6f3367ccf446263b00ad8c1ece15a4164730b
66a680d9b8e454db94e14d2c4a466891e538b2d83ccee0dc65be62163992b4e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66A680D9B8E454DB94E14D2C4A466891E538B2D83CCEE0DC65BE62163992B4E0"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15501
Expires: Thu, 22 Dec 2022 14:14:27 GMT
Date: Thu, 22 Dec 2022 09:56:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04c14564c7083355371e41c5a09acada
ea488e34661be5420c798c7e26f193b4dee7bb37
d7e5c37d8e6cbed236670d050f84f288539642f7a41a54b0abd39357f7c42232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7E5C37D8E6CBED236670D050F84F288539642F7A41A54B0ABD39357F7C42232"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13793
Expires: Thu, 22 Dec 2022 13:45:59 GMT
Date: Thu, 22 Dec 2022 09:56:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f4b32de26d9af2cba6afcdcf716d3fb8
644ead4436a8f2fc1f0dd25e4484b64f6ed63347
525123034cb53d750d5ebd487015911452d2cd3c34301e6628f2f52f3f0bfc88
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "525123034CB53D750D5EBD487015911452D2CD3C34301E6628F2F52F3F0BFC88"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4358
Expires: Thu, 22 Dec 2022 11:08:44 GMT
Date: Thu, 22 Dec 2022 09:56:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 22 Dec 2022 09:46:01 GMT
content-type: application/json
age: 605
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KUtOUwx/L4T5s6q0kGH1ZPogZWOvMJzdeEdR79fLjdWEYw6xMMyzMGqxp3CjP+3BP1i6aAdsN0E=
x-amz-request-id: YMAK2WDJW4E6573Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 22 Dec 2022 09:55:44 GMT
age: 22
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Dec 2022 09:56:06 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 50577e948864555add7d9997843028d0
cdfb4a2a71d57c995539728d4010c6202e5c5b74
827adcae0945a7fefe25fbdc301c868a2ad024f38a19b1cc91c694c3a9f741d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "827ADCAE0945A7FEFE25FBDC301C868A2AD024F38A19B1CC91C694C3A9F741D6"
Last-Modified: Thu, 22 Dec 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 22 Dec 2022 15:56:06 GMT
Date: Thu, 22 Dec 2022 09:56:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 22 Dec 2022 09:08:02 GMT
age: 2884
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
155.94.169.251200 OK 4.9 kB URL HTTP/2 secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1313)
Hash baab97fdd469f5fd65a9e2a8a45a1132
d7a2d6e8c8a69741c6ad3e56c2c6e9c095bd6c3f
736197d5c24935fc11669d3f68693f679851323c17f963cfe3b12f20d43bbf93
Analyzer Verdict Alert quad9 Sinkholed
GET /all/login.php?idsmt=10123005600&nextfunck=10130550000 HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:06 GMT
server: Apache
vary: Accept-Encoding
content-encoding: gzip
content-length: 4922
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 70a7b165f99b2b8fa0dc98318a7158d7
4d924f7febab9c8fe3fe9199e8879fd6ad892575
c5e0e414c34f2f328b487ae72b21a12a1b50d952aa1a31fb6314b4e700d27e05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 181
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 09:56:07 GMT
Etag: "63a2ccaa-1d7"
Last-Modified: Thu, 22 Dec 2022 09:53:06 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
secure02echase.com/all/mds-chase-icons.css
155.94.169.251200 OK 4.8 kB URL HTTP/2 secure02echase.com/all/mds-chase-icons.css
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (25162), with no line terminators
Hash 746d858117ccf6e4d25bd417f8b80766
15c9b2be76b2ea3af4e96154fd86f9a5b40358ce
ea31d1feb9fc21b2fbddded636f94a0c8d919e5d9f4f05aedfa5803fe754c060
Analyzer Verdict Alert urlquery phishing Phishing - Chase
quad9 Sinkholed
GET /all/mds-chase-icons.css HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:07 GMT
server: Apache
last-modified: Fri, 09 Dec 2022 19:18:30 GMT
etag: "624a-5ef6a04d20d80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4824
content-type: text/css
X-Firefox-Spdy: h2
secure02echase.com/all/mds-chase-icons-1.css
155.94.169.251200 OK 5.1 kB URL HTTP/2 secure02echase.com/all/mds-chase-icons-1.css
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (327), with CRLF, LF line terminators
Hash 5f9fc1570d61e6b29db49ed10dd943bc
3cc1cc1433e4c359cb516c9306ed72d237457c1b
ee561e0d62b0f6ac01b9e882373429be1c68eb945ac26b874950f1e96363c46d
Analyzer Verdict Alert urlquery phishing Phishing - Chase
quad9 Sinkholed
GET /all/mds-chase-icons-1.css HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:07 GMT
server: Apache
last-modified: Fri, 09 Dec 2022 19:18:35 GMT
etag: "7cee-5ef6a051e58c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5091
content-type: text/css
X-Firefox-Spdy: h2
secure02echase.com/all/iconfont.css
155.94.169.251200 OK 326 B URL HTTP/2 secure02echase.com/all/iconfont.css
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
Hash 451ebb08d01e77241a07e3f5f1c96880
5109626cc1ca8535661170b9f0da099e1c3ab0cb
4d40c2b6deedcdaed7e3129bcd279b0b68a4618187c9972cc28f161d50cfe8d3
Analyzer Verdict Alert urlquery phishing Phishing - Chase
quad9 Sinkholed
GET /all/iconfont.css HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:07 GMT
server: Apache
last-modified: Fri, 09 Dec 2022 19:18:24 GMT
etag: "2fe-5ef6a04768000-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 326
content-type: text/css
X-Firefox-Spdy: h2
secure02echase.com/all/layer.css
155.94.169.251200 OK 2.8 kB URL HTTP/2 secure02echase.com/all/layer.css
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (14271), with no line terminators
Hash 6497813545cf90650ae10de86c63d726
c85b41a63fb9c30662fd8562e1b5e904861efd32
b10eff28060fadecc17553df8fc74874fa5aa42d95c2c1942f0b4297e59bea01
Analyzer Verdict Alert urlquery phishing Phishing - Chase
quad9 Sinkholed
GET /all/layer.css HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:07 GMT
server: Apache
last-modified: Fri, 09 Dec 2022 21:35:15 GMT
etag: "37bf-5ef6bede06ac0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2789
content-type: text/css
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.50.16101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.50.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EsDUmdmKD9/oTH+MSHYRvw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YIiLOe9lObqXTU5kVraweCw4ItA=
secure02echase.com/all/logon.css
155.94.169.251200 OK 23 kB URL HTTP/2 secure02echase.com/all/logon.css
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with CRLF line terminators
Hash cb11fd10805d563bb0708ecb938214ed
69f707a0c5531d1233acba8817aea3e5b78c94a7
ebe2797059f6398129f7b9b9fd0f8db3154ee3c0fdb60fbb5da5ea5804d1a5f4
Analyzer Verdict Alert urlquery phishing Phishing - Chase
quad9 Sinkholed
GET /all/logon.css HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:07 GMT
server: Apache
last-modified: Fri, 09 Dec 2022 19:18:29 GMT
etag: "3095a-5ef6a04c2cb40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 23418
content-type: text/css
X-Firefox-Spdy: h2
secure02echase.com/all/PayPay1_files/layui.js
155.94.169.251404 Not Found 265 B URL HTTP/2 secure02echase.com/all/PayPay1_files/layui.js
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cc7fdf1f691155bec9545e6a2f7265c4
ebd78248b41a725fe49de5f662a4322758bb41a7
cb69619ab2398895bd9f826eec6eb28f314e3451daa6d81ad636da011393c58b
Analyzer Verdict Alert quad9 Sinkholed
GET /all/PayPay1_files/layui.js HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 22 Dec 2022 09:56:07 GMT
server: Apache
content-length: 265
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
secure02echase.com/all/blue-ui.css
155.94.169.251200 OK 60 kB URL HTTP/2 secure02echase.com/all/blue-ui.css
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2ffe91b86c1c270edcc00506104e1312
8ecebc81d51669d21fbf6fa801b667dbce4e73dc
780749cc8798da1b6249680bc5dd9f64b95f70d142f764ee839766227dd9b95c
Analyzer Verdict Alert urlquery phishing Phishing - Chase
quad9 Sinkholed
GET /all/blue-ui.css HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:07 GMT
server: Apache
last-modified: Fri, 09 Dec 2022 19:18:46 GMT
etag: "7c888-5ef6a05c63180-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 60518
content-type: text/css
X-Firefox-Spdy: h2
secure02echase.com/js/bootstrap.min.js
155.94.169.251200 OK 15 kB URL HTTP/2 secure02echase.com/js/bootstrap.min.js
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (59893)
Hash f236cc80370139ed4d1587ef5ff6296f
dd802df8719dd40d40d191cd7d6630524d17813d
0340a26dbf5e696d2177ae3e33cfbc23ea745f09086939c751563f444e84b310
Analyzer Verdict Alert urlquery phishing Phishing - Chase
quad9 Sinkholed
GET /js/bootstrap.min.js HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:07 GMT
server: Apache
last-modified: Tue, 14 Sep 2021 12:56:19 GMT
etag: "eb0e-5cbf41b98a2c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14890
content-type: application/javascript
X-Firefox-Spdy: h2
secure02echase.com/all/PayPay1_files/jquery.mask.js
155.94.169.251200 OK 5.4 kB URL HTTP/2 secure02echase.com/all/PayPay1_files/jquery.mask.js
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with CRLF line terminators
Hash e256bdbd5391190e237de460dcdb7c8e
a5b4bf00dc414f85eb3da248c431e407fcb2cbd0
93c7b7801d4e1d607535244eabe27ad27071436b0a0fa4ad9deacaea97dd8582
Analyzer Verdict Alert urlquery phishing Phishing - Chase
quad9 Sinkholed
GET /all/PayPay1_files/jquery.mask.js HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:07 GMT
server: Apache
last-modified: Mon, 22 Nov 2021 01:18:17 GMT
etag: "51f1-5d1566648e840-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5436
content-type: application/javascript
X-Firefox-Spdy: h2
secure02echase.com/all/bootstrap.min-1.css
155.94.169.251200 OK 19 kB URL HTTP/2 secure02echase.com/all/bootstrap.min-1.css
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (65317)
Hash 682743622842e56d45d8aab4d26a099a
bcd76c4d40138fda784e3fb28c5f37a22d214cc8
6dd1f42f57a7a6f8c1fb1ca262ca8f66ccce0fe536e6a8ba68115710283b8823
Analyzer Verdict Alert urlquery phishing Phishing - Chase
quad9 Sinkholed
GET /all/bootstrap.min-1.css HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:07 GMT
server: Apache
last-modified: Mon, 04 Jul 2022 08:13:14 GMT
etag: "244d3-5e2f64eb6fa80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 19336
content-type: text/css
X-Firefox-Spdy: h2
secure02echase.com/js/jquery-2.0.3.js
155.94.169.251200 OK 73 kB URL HTTP/2 secure02echase.com/js/jquery-2.0.3.js
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
Hash f10ea117b3d55627897986c40bd69ddd
d4a133672db8977f9cf1e89bdc25717ff2d199cb
1c709811b3c93362cc464f22453d968362035b9b1d1f282996f669f490e1112f
Analyzer Verdict Alert quad9 Sinkholed
GET /js/jquery-2.0.3.js HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:07 GMT
server: Apache
last-modified: Sun, 18 Jul 2021 05:04:04 GMT
etag: "3d45b-5c75ebfe71900-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2
secure02echase.com/all/wordmark-white.svg
155.94.169.251200 OK 645 B URL HTTP/2 secure02echase.com/all/wordmark-white.svg
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash d9f9bf9d31b5f774a174920f02af0cbd
32207860ceec665b5e3e43cb93964942d8c95494
152fa82655f284db8ec59d3a30631f9ebdb0e2ef44e94801d0a569881f39f956
Analyzer Verdict Alert urlquery phishing Phishing - Chase
quad9 Sinkholed
GET /all/wordmark-white.svg HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure02echase.com/all/logon.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:08 GMT
server: Apache
last-modified: Fri, 09 Dec 2022 19:18:41 GMT
etag: "581-5ef6a0579e640-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 645
content-type: image/svg+xml
X-Firefox-Spdy: h2
secure02echase.com/all/background.desktop.night.1.jpeg
155.94.169.251200 OK 251 kB URL HTTP/2 secure02echase.com/all/background.desktop.night.1.jpeg
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 251 kB (250869 bytes)
Hash 72a6492d3f96c760ca98b05b6d5cea1d
64977699bf5674c350bba40bbaa7547826b88bae
38e6598d39689b79c8b1d3ee5f56288db872835c66b19abe44056a13e34c8c64
Analyzer Verdict Alert urlquery phishing Phishing - Chase
quad9 Sinkholed
GET /all/background.desktop.night.1.jpeg HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:08 GMT
server: Apache
last-modified: Fri, 09 Dec 2022 19:18:44 GMT
etag: "3d3f5-5ef6a05a7ad00"
accept-ranges: bytes
content-length: 250869
content-type: image/jpeg
X-Firefox-Spdy: h2
secure02echase.com/all/iconfont.woff2
155.94.169.251200 OK 1.8 kB URL HTTP/2 secure02echase.com/all/iconfont.woff2
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type Web Open Font Format (Version 2), TrueType, length 1764, version 1.0\012- data
Hash 149d6919c1eb2599dbd5f575478c8c64
47955ddcc0e6bff243f00130f000cc10c295146d
3b3c06b3c41cff82c5521167409ed14c1c51b1ff356a8665540c92876d248f42
Analyzer Verdict Alert urlquery phishing Phishing - Chase
quad9 Sinkholed
GET /all/iconfont.woff2 HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://secure02echase.com/all/iconfont.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:08 GMT
server: Apache
last-modified: Fri, 09 Dec 2022 19:18:27 GMT
etag: "6e4-5ef6a04a446c0"
accept-ranges: bytes
content-length: 1764
vary: Accept-Encoding
content-type: font/woff2
X-Firefox-Spdy: h2
secure02echase.com/all/dcefont.woff
155.94.169.251200 OK 53 kB URL HTTP/2 secure02echase.com/all/dcefont.woff
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type Web Open Font Format, TrueType, length 52572, version 1.0\012- data
Hash 246d7cde27d09b7212e3528b6323cef7
45043cf1de108bb0dd2ecaf98d6467f43c25624d
d53f74cb74bb7738f0fa226ead6ddd70a5de9cc9d6ee48034fc2d1f8204aceb4
Analyzer Verdict Alert urlquery phishing Phishing - Chase
quad9 Sinkholed
GET /all/dcefont.woff HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://secure02echase.com/all/blue-ui.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:08 GMT
server: Apache
last-modified: Fri, 09 Dec 2022 21:48:19 GMT
etag: "cd5c-5ef6c1c9b4ec0"
accept-ranges: bytes
content-length: 52572
vary: Accept-Encoding
content-type: font/woff
X-Firefox-Spdy: h2
secure02echase.com/all/chasefavicon.ico
155.94.169.251200 OK 2.5 kB URL HTTP/2 secure02echase.com/all/chasefavicon.ico
IP 155.94.169.251:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash af845ef020447308e234adc394188b88
aa7d30726dae96bfaa1cc5d346ee972a8a274f65
6c3377e59243258658657f4c0b960e7cfe4ee83b14b08faad40a4cb42d53058a
Analyzer Verdict Alert urlquery phishing Phishing - Chase
quad9 Sinkholed
GET /all/chasefavicon.ico HTTP/1.1
Host: secure02echase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure02echase.com/all/login.php?idsmt=10123005600&nextfunck=10130550000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 09:56:08 GMT
server: Apache
last-modified: Fri, 09 Dec 2022 21:48:17 GMT
etag: "7d26-5ef6c1c7cca40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2460
content-type: image/x-icon
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6337
Expires: Thu, 22 Dec 2022 11:41:45 GMT
Date: Thu, 22 Dec 2022 09:56:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6337
Expires: Thu, 22 Dec 2022 11:41:45 GMT
Date: Thu, 22 Dec 2022 09:56:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6337
Expires: Thu, 22 Dec 2022 11:41:45 GMT
Date: Thu, 22 Dec 2022 09:56:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6337
Expires: Thu, 22 Dec 2022 11:41:45 GMT
Date: Thu, 22 Dec 2022 09:56:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6337
Expires: Thu, 22 Dec 2022 11:41:45 GMT
Date: Thu, 22 Dec 2022 09:56:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d81b288-3215-4c0a-9f38-5509325a16d0.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d81b288-3215-4c0a-9f38-5509325a16d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78d5e2b5232350fed7e8ef1add5ee7c9
22dd32b26881e083c66b511c48cdec4a33f22b34
366034eac74e6066f9b1ef73516ab68928b75ba7fedba1676f7b2fc6f6ce6ab7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d81b288-3215-4c0a-9f38-5509325a16d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4307
x-amzn-requestid: 31763ca5-b9f6-443e-b9ff-182920e22a9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhCLGE5CoAMFxsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a37d7a-2b2e9aeb17148a4317c96c62;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 21:41:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LjI28BIECiPSKdciM6NXXml5CBFLvc16KNgj9IBrWkEwaEH8mqJFbA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 21:53:57 GMT
etag: "22dd32b26881e083c66b511c48cdec4a33f22b34"
content-type: image/jpeg
age: 43331
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F743a20e0-8fa8-4f0d-a2d1-8daba4b14e8c.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F743a20e0-8fa8-4f0d-a2d1-8daba4b14e8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d38ef34d93be3d43e11e9d64a419a1be
1e5712d83360b5c2073d422ba21160b86b3f55d7
a8017c2122c268d971420a7b79baec22ed16eb5f429829e3b126c581ae4916f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F743a20e0-8fa8-4f0d-a2d1-8daba4b14e8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3778
x-amzn-requestid: 40c9f289-af55-4826-a8de-8a725fa7a8ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ddt_BF0koAMFwpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a229f9-6b08a4826a0c265076fe1a1d;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 21:32:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U0NpRoCUvPz216gsM6JzAtJkcJ_uCtnJxk3I27V-1txdRG3VcSp0tQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 22:01:32 GMT
age: 42876
etag: "1e5712d83360b5c2073d422ba21160b86b3f55d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5dd6622433d537fbb91a04bd3b57d873
552f216608b819b4f65f0574e421f4a761f0d721
5e9b03133d928378a775ab52ec6e58cd7753aa2975a4966534353c0d6bc46af5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11471
x-amzn-requestid: 20d9459a-710b-4fcf-bfce-9f0c5f513740
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dbNEqGPnoAMFcDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a12884-4a93ab9047181db109d328e2;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 03:14:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qFwWS-f0U1hSbrFFgBiGNzXRvZyvR90n_MI7jfYfWsyv2W6jH8D-9w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 03:23:59 GMT
age: 23529
etag: "552f216608b819b4f65f0574e421f4a761f0d721"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aebfd5a-806b-4e2e-974a-11e1bcbc87f0.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aebfd5a-806b-4e2e-974a-11e1bcbc87f0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f9e9d416fa9388713c2bb7f997c50eed
2e19748df20da1a2b4019daa4fc7ce36963fd7ec
2d676d0c23e9f91941e647de1c10f7da417c197db85b92d1f443e4d171648008
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aebfd5a-806b-4e2e-974a-11e1bcbc87f0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6715
x-amzn-requestid: 0b164971-4278-4b5b-9fe6-e8eb2728817d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhCMdHFWIAMF_2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a37d82-24149886262fd01b6484ebad;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 21:41:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k_xUwbjKELrAone9goEZcE2A1-6OhNivC4ww1EUWuBVgJW-2y7_VIw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 21:53:44 GMT
age: 43344
etag: "2e19748df20da1a2b4019daa4fc7ce36963fd7ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1aefd95-d51b-4642-ab89-11a7030455cf.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1aefd95-d51b-4642-ab89-11a7030455cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd72f58a8fdce6925df77081a95c951b
625acc5e8257f47f745fd5a1b5d43d10f2df0d81
20f5fcc7bd72d44b0fff58e12b4ab025082e55e2d86e2bd48d740f091b84a86a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1aefd95-d51b-4642-ab89-11a7030455cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8860
x-amzn-requestid: 07acc052-7112-4844-8b9b-07ae6d36bde9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dfBrAGUTIAMFzrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a2afdf-5152438d378586f94911a722;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 07:03:59 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 42te3BPiP1bi8_OjGDaCyB2CmgiKE3K1eRiHM5v0q-LDImFrapUAfA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 07:14:17 GMT
age: 9711
etag: "625acc5e8257f47f745fd5a1b5d43d10f2df0d81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65e2add8-ea05-4111-9858-24c4f0d437a5.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65e2add8-ea05-4111-9858-24c4f0d437a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1aa2fe21cd79bf1faaac0272119678d0
d23357441546e2f09f28f23407c81a52c01b9a22
ea050bbd73c13bcbac664baa5ae51a92277e1b1d1b8e7b0a4e18b46b4d20f3e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65e2add8-ea05-4111-9858-24c4f0d437a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8433
x-amzn-requestid: 4fed41bb-f868-49cd-820a-2dadcd2baace
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabuOHIBIAMF04w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d98e-46ab81065bf0f6d157b16b13;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: guDXekCSbwPS-EwHHTdEyLjAI0KW3nrOMs3X80AE2TBrL1TsICefPg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 22:09:35 GMT
age: 42393
etag: "d23357441546e2f09f28f23407c81a52c01b9a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01873799-f599-4f82-a53f-277ef7496596.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01873799-f599-4f82-a53f-277ef7496596.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a690552536ccc61e7bec94d9a15042e
413ca0f3801920896cb63f55a2e77ff896b10128
4e5cf75249af308c3fe579c0b11ccb6bd3bfeee1f13229bf709df30afad835ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01873799-f599-4f82-a53f-277ef7496596.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10977
x-amzn-requestid: d4c0e7f1-8056-4a56-b37c-dd36f2b5227c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhBhQFrBIAMFrxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a37c6e-2b85071e123524dc6c69bdea;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V5-mY-CnuJztKyXcVEfJj_FPIkG1UCNjhwCpMja_LC4IaJqcK3Tehg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 22:07:35 GMT
age: 42520
etag: "413ca0f3801920896cb63f55a2e77ff896b10128"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2