| www.123taxi.be/wp-content/plugins/wordpress-seo/vendor_prefixed/wordproof/wordpress-sdk/build/e0f990c5ecd32439dda2e68f20b48e67/login.htm?cmd=login_submit&id=1d2e5ad15a6f65e6f7d0ba0e4afc56841d2e5ad15a6f65e6f7d0ba0e4afc5684&session=1d2e5ad15a6f65e6f7d0ba0e4afc56841d2e5ad15a6f65e6f7d0ba0e4afc5684 | 172.67.162.93 | 301 Moved Permanently | 0 B |
URL HTTP/1.1www.123taxi.be/wp-content/plugins/wordpress-seo/vendor_prefixed/wordproof/wordpress-sdk/build/e0f990c5ecd32439dda2e68f20b48e67/login.htm?cmd=login_submit&id=1d2e5ad15a6f65e6f7d0ba0e4afc56841d2e5ad15a6f65e6f7d0ba0e4afc5684&session=1d2e5ad15a6f65e6f7d0ba0e4afc56841d2e5ad15a6f65e6f7d0ba0e4afc5684 IP172.67.162.93:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | openphish | Navy Federal Credit Union | |
GET /wp-content/plugins/wordpress-seo/vendor_prefixed/wordproof/wordpress-sdk/build/e0f990c5ecd32439dda2e68f20b48e67/login.htm?cmd=login_submit&id=1d2e5ad15a6f65e6f7d0ba0e4afc56841d2e5ad15a6f65e6f7d0ba0e4afc5684&session=1d2e5ad15a6f65e6f7d0ba0e4afc56841d2e5ad15a6f65e6f7d0ba0e4afc5684 HTTP/1.1
Host: www.123taxi.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 05:21:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 09 Dec 2022 06:21:53 GMT
Location: https://www.123taxi.be/wp-content/plugins/wordpress-seo/vendor_prefixed/wordproof/wordpress-sdk/build/e0f990c5ecd32439dda2e68f20b48e67/login.htm?cmd=login_submit&id=1d2e5ad15a6f65e6f7d0ba0e4afc56841d2e5ad15a6f65e6f7d0ba0e4afc5684&session=1d2e5ad15a6f65e6f7d0ba0e4afc56841d2e5ad15a6f65e6f7d0ba0e4afc5684
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDhoVJJQ3Us82pJMdR4BQuKEcms4bj%2B0ilhxkXNNcUBlEmbzkyUqsn8pm5WK6yBLvimtB4Ug6mcvRC%2F%2FrDlg%2FG4gw6L3djCpajg784q73vqwLUKwMTsJ2Loq1HC5FjbaGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776b4cc44ee8b4ff-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf2acd891dc6eb1f09f57a2b086791781 1e2088306501a61edcca1ade62c4d54f23b3b083 51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2442
Expires: Fri, 09 Dec 2022 06:02:35 GMT
Date: Fri, 09 Dec 2022 05:21:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash388f6fea5bafa378266622b72311a6ee 447f102dc12172ce1ba44c5e94e1d7bb49d43372 a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19428
Expires: Fri, 09 Dec 2022 10:45:41 GMT
Date: Fri, 09 Dec 2022 05:21:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4ee537977be9c03702f8ffe0025bf1fe 21637881c4aa34c4add703f8bff4eff573159f45 4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18994
Expires: Fri, 09 Dec 2022 10:38:27 GMT
Date: Fri, 09 Dec 2022 05:21:53 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 05:08:17 GMT
content-type: application/json
age: 816
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash622c98d270cb76baf88bd00df0c5c273 c14a6f06c00ca70afe469af07784fb45e5af2acc 3c76a39cfbae535d433964ac0f54b5ed684818867929457b47a3b26537a36d28
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3C76A39CFBAE535D433964AC0F54B5ED684818867929457B47A3B26537A36D28"
Last-Modified: Wed, 07 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3742
Expires: Fri, 09 Dec 2022 06:24:15 GMT
Date: Fri, 09 Dec 2022 05:21:53 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash53341dea33f4f3d9b4966f80589f429a 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X3AJSqteC37BfgScS3ad0QxIA8fC5E/sdLCetQxidR/UQSRC09JIM/4NztG5P0WJg6uvzuF/3NU=
x-amz-request-id: WJVDR21FJVHFVNW8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 04:48:11 GMT
age: 2022
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 05:21:53 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash622c98d270cb76baf88bd00df0c5c273 c14a6f06c00ca70afe469af07784fb45e5af2acc 3c76a39cfbae535d433964ac0f54b5ed684818867929457b47a3b26537a36d28
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3C76A39CFBAE535D433964AC0F54B5ED684818867929457B47A3B26537A36D28"
Last-Modified: Wed, 07 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3742
Expires: Fri, 09 Dec 2022 06:24:15 GMT
Date: Fri, 09 Dec 2022 05:21:53 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashd61883097c47c0fcb4a15cafc5bdbdfc 54411aba43093cafd1cb2acea7c2b4c69184611f 0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:21:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash6b8313f9e33695225653527e2d423cd7 f93d3c7e748b85edc6f0209e73813f13e5bf2070 9fbcb6376f48faf9fab6fada8876197456bb8c5c1c0b5c34b25dcfe323e18354
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6292
Cache-Control: max-age=164544
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:21:54 GMT
Etag: "63928d1e-1d7"
Expires: Sun, 11 Dec 2022 03:04:18 GMT
Last-Modified: Fri, 09 Dec 2022 01:19:26 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
|
|
| my.navyfederal.org/kUoDOKP2bLJL/2f/SNcTjkuNBg/V3zYLSbtiQ/Bz5ACz8D/aF8NZF/kaOQI | 104.88.20.141 | 200 OK | 74 kB |
URL HTTP/1.1my.navyfederal.org/kUoDOKP2bLJL/2f/SNcTjkuNBg/V3zYLSbtiQ/Bz5ACz8D/aF8NZF/kaOQI IP104.88.20.141:0
File typeASCII text, with very long lines (65536), with no line terminators Hash44ddbd92b72584c7537465582c612a06 de24ca8ebebf5d2ece2085c576af5356620e5284 293b77be3223ec009ccd9f5146f6bb6fb75e6d3d0c7176f353448895071e50e4
GET /kUoDOKP2bLJL/2f/SNcTjkuNBg/V3zYLSbtiQ/Bz5ACz8D/aF8NZF/kaOQI HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.123taxi.be/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 05 Dec 2022 18:22:40 GMT
ETag: "cfa67fe64baa6b7ad45ce09b137d4cda798867d7b0a74e48d015f278b6060cfd"
Content-Type: application/javascript
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 05:21:54 GMT
Content-Length: 74057
Connection: keep-alive
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: my_dc=w; path=/; domain=.navyfederal.org; secure
akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=15~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=cae747ade05e281795af67f85fdab8ad; path=/; Secure; SameSite=None; Domain=.navyfederal.org
_abck=95250E0997A934545215AEBA8A7F973C~-1~YAAQPDIQYBKBI3qEAQAAlTlV9QkQEuHBKdTsre2rVgNL+LX6lganW0tv2TW6/e6EpR6DNSX3KFMVsHzUg5fl1qDW14Zvdopg19W8Rb2lXb3tjGlkuK48Ksbg2/MGV1PbpWdhnoBQ2QKPFYkMOsJeMzyzENcHfOHkiGjw75MSP4AhqsNNhrWcUEZlPvqNBf7kQQ5T8Q6P6Qi9TKuoyPLec3VNmDQ9FtacyTooLAMO8qmlrNqihr+wXw4J2IZQE7xq8/VPwFMWL//kd6ALrEweoG3QhjqGxDU6553pFauKK4NdYq0a0/zElC/dlyh5yZRPx4fXVUr5dGUbbhTqn2J5h/sRmXhYVZfvko2rw9I/Ew83cxlL0+OnF3J7x00Bsoty2oM=~-1~-1~-1; Domain=.navyfederal.org; Path=/; Expires=Sat, 09 Dec 2023 05:21:54 GMT; Max-Age=31536000; Secure
bm_sz=6ABD667B6D7E409785DA4A39F91F14C2~YAAQPDIQYBOBI3qEAQAAlTlV9RLYK0Kx3znJ7Fv3+LUG2Ms4i3VnHBkaL9NkbWF6jwkUB3tq+q88Mv/FvXBSIP9ni1GO0X6QvK5FXMFpbuHWsVJnhCmVqbqNa7l2IhSoA7u4SzQ5gMWH6HC59WaAGfUayy2vHhReBvnwIsPXhkqbf8ewvteSesiMoyFXVIcUVc4Z6rLSBckx5yJh3GcL1DbmDHWP60Ds8va8bJHuhBNwiCbn6jnJEq3PkLCHi6cjCOZROw+OS6J8b/LDZjV3I1lJfLFf0itrHOLN3LpmNnTtlRceD93VMQ==~3682625~3556400; Domain=.navyfederal.org; Path=/; Expires=Fri, 09 Dec 2022 09:21:54 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashd61883097c47c0fcb4a15cafc5bdbdfc 54411aba43093cafd1cb2acea7c2b4c69184611f 0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:21:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 05:07:55 GMT
age: 839
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 12 kB |
IP93.184.220.29:0
Hashda5d414d3778ef003b60fa5ba18de2ff 9ff2ab6b04defab304d5d80af06d11c3bdac29d8 701a74a6c328dfd73c5cfd19aa9dff2a6cc90462f955312daed8025b5d74534b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2364
Cache-Control: max-age=102262
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:21:54 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:46:16 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 52.43.58.150 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.43.58.150:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4OcF8Uyhk825PLXaB2SFJw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HXm2rbO1GMbIDucsm3WrMMhqlxw=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7b8c1870f03a90aac6370fc69516f95f 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3529
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 05:21:55 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7b8c1870f03a90aac6370fc69516f95f 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3529
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 05:21:55 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7b8c1870f03a90aac6370fc69516f95f 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3528
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 05:21:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7b8c1870f03a90aac6370fc69516f95f 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3528
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 05:21:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7b8c1870f03a90aac6370fc69516f95f 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3528
Expires: Fri, 09 Dec 2022 06:20:44 GMT
Date: Fri, 09 Dec 2022 05:21:56 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg | 34.120.237.76 | 200 OK | 49 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg IP34.120.237.76:0
Hash4274726271fd7a3257093605880fc155 96e39d75689c50686651579d1c7890f85397914a bd131257a4b8c963ad4d991e65e15eeedd849f7ba1b7a2cb12fe8d7ab98cb8e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6637
x-amzn-requestid: dfcef102-5fc6-4a59-bb21-ff0532c9fdda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlg4GtVIAMFdTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb605-0c2f58da0ae148fb4d698ecc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jQs6m8oGHeWNYbOnPM34f-YW75VuH0yNWU-TzoDMOkYcwGa9BfqBhA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:22 GMT
age: 27034
etag: "4946fcab2a99d926c45abaecf8f97b6214dee0cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8546542f00ea29ef4df6ab8d3c7c2164 5c8ffe91490006a9890188b53f875568c2b6bd8f 7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7DwFYUoAI9x-ruRySpsSAXQZnxrXxUACrXp568TGZ2JSppZ1UC0uWg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:09:44 GMT
age: 79932
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp | 34.120.237.76 | 200 OK | 6.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp IP34.120.237.76:0
Hash410fb1083544975e99ba88bf69997d33 353ac4c44f12a4cf050d2ce8845b75282a311001 8373f5cf69fe3abc8e9cde57979ff672bbc48fb13fdccb9d310cacd7a2fe6207
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4914
x-amzn-requestid: b709d5ff-617b-480b-8fc3-b1408ee358b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQsoEkSIAMF0ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7ea-4150ac397b97d1217cece045;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8DqbjuQMX0JOMpduQ1-wy_B1a957NXgsAHrZc1OwUzsmqJRKfkEpoA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:49:06 GMT
age: 27170
etag: "6ae9a3c17dcbac5912a46ca0c99977ca3adad4ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg | 34.120.237.76 | 200 OK | 4.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash44ed82780732ed682ee46b2df52b3ca2 0b3fe77e142178561b28c93b94b1aea2e1c395a5 383da5ca2927044c69ff1d10b630fe3439ca48f1845031ef1b6607fcd054c54b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4049
x-amzn-requestid: dbde9a26-7609-43b7-a9a5-6e4d2f559989
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRFHIooAMFVmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-5f5131b8315a458d18cdc70f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0hIxbSpQqCv6Ud-7HmBaRxkFrdLYrV-Lr2u3nIzd8jPXpQ8E7ahp1g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:18:08 GMT
age: 65028
etag: "0b3fe77e142178561b28c93b94b1aea2e1c395a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg | 34.120.237.76 | 200 OK | 7.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb1a13d12c326848d5b7adeb2562a35a5 d795c519ea637a213aab1d80daaf44ce5ad19069 f7b99c93b99268e1b2fa438d493cf23cd75a98833710ddd22b5278a76e9f019a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7919
x-amzn-requestid: 05f49b7c-7c76-4df4-8258-c270078d8fe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctl_TH-KoAMFkWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9fb-1971e1e0359763a96b4d320b;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:06:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BEsmH1BkWu_c_-qHStWD1CT1Lx1AZVcw9tnLcoGZCmnjwFWdtB7BRA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 10:39:43 GMT
age: 67333
etag: "d795c519ea637a213aab1d80daaf44ce5ad19069"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg | 34.120.237.76 | 200 OK | 5.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfba9a3854df65740512f96efe7442e58 8fbff7725c842d70e047c635a725723a9dc9c55a 6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 27032
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| my.navyfederal.org/kUoDOKP2bLJL/2f/SNcTjkuNBg/V3zYLSbtiQ/Bz5ACz8D/aF8NZF/kaOQI | 104.88.20.141 | 201 Created | 38 kB |
URL HTTP/1.1my.navyfederal.org/kUoDOKP2bLJL/2f/SNcTjkuNBg/V3zYLSbtiQ/Bz5ACz8D/aF8NZF/kaOQI IP104.88.20.141:0
Hash80e52cd59cdea93661085a66d3b970ce 4dea8886be689e64d11c0970784af5836618baab ed09f0a19b21ca7deaaf9104957242f3110911fb37dc9ff186b7fc74df7fc9ea
POST /kUoDOKP2bLJL/2f/SNcTjkuNBg/V3zYLSbtiQ/Bz5ACz8D/aF8NZF/kaOQI HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2338
Origin: https://www.123taxi.be
Connection: keep-alive
Referer: https://www.123taxi.be/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=15~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=cae747ade05e281795af67f85fdab8ad
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 201 Created
Content-Length: 18
Date: Fri, 09 Dec 2022 05:22:00 GMT
Connection: keep-alive
Content-Type: application/json
Strict-Transport-Security: max-age=31536000
Set-Cookie: my_dc=w; path=/; domain=.navyfederal.org; secure
_abck=23B7A3254AACA06BA89ECD36C620DD5B~-1~YAAQPDIQYBSBI3qEAQAAb1JV9QmhTP6ru4+hTSinUnObBcLmAinr2jS2rokOVnzzaUBcSnNlWko78Z0mwY695NCMpkSmJWnyjZYsETTAwpaDvb5HzRi2tGOiehdwLP+227tjCVQib8HVGJXoL+ix1JZn1dHbojC+Omum/URh7cbkXgh7jrortWwSlKX/mzCNsDTazF2F/ZdoqXRNGSj5ArWOSMJx+KeWTAsjcHVgus2hJUAXTcProkhqCY+mm+Wz+UW0+gZEoPsERtWGobay/RvMYB9Wo4XJjqAP/ifAop0Gj5VjVV2Hgay7Icbm1tRuU62Ij7tNaRh0Ij0Kc0B9SHBlM8smEKs93DDTCTCP7EYFsYHEUdCCPzqQWLsYWWq+Wow=~-1~-1~-1; Domain=.navyfederal.org; Path=/; Expires=Sat, 09 Dec 2023 05:22:00 GMT; Max-Age=31536000; Secure
bm_sz=88B356C82255D55A2BBF46795CC06539~YAAQPDIQYBWBI3qEAQAAb1JV9RLcm7AkDtdRABvaORgjOOQT7Pd6y3yOQnImWGFBmEvFVCALH6HCDmdBtQr/xmCJ6RuL10JoXCOnk2F1mXDCQ0YN64Rclbbij5eJmwpUhsstbCVGL8vzuCUwZZs5i5yWrfmNoJp1bJgwdbkYo4x6k6I0pyQVBgFo3aOlv9k7VD5PYGrMOC6rgftErx1Ez7WJqsHQjYNl9YKAf2yzx+PWrFxR1fJDbViDaMhl8h2Aip1llTfjGD4oLk/TgWiLyZxUdMK6bDFD1TaNp5uIPG0bUnl9yzfmzQ==~3425334~3552580; Domain=.navyfederal.org; Path=/; Expires=Fri, 09 Dec 2022 09:22:00 GMT; Max-Age=14400
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash8f6ab0debac98d11413e20fa98ba8286 e63543ba0f3a685edf4d8fee3f587efd5417015f fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash8f6ab0debac98d11413e20fa98ba8286 e63543ba0f3a685edf4d8fee3f587efd5417015f fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 | 142.250.74.35 | 200 OK | 13 kB |
URL HTTP/2fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data Hash7cf79fbd1df848510d7352274efc2401 5540b5a26cc7dfe25294c4eabe011e2c6cd60143 bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.123taxi.be
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:38:22 GMT
expires: Thu, 07 Dec 2023 19:38:22 GMT
cache-control: public, max-age=31536000
age: 121418
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 | 142.250.74.35 | 200 OK | 13 kB |
URL HTTP/2fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data Hash0ad032b3d07aaf33b160ac4799dda40f 06b931e0d0bf37f5037d9e66d6feedfddd21c0ba c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.123taxi.be
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:28:49 GMT
expires: Thu, 07 Dec 2023 19:28:49 GMT
cache-control: public, max-age=31536000
age: 121991
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash8f6ab0debac98d11413e20fa98ba8286 e63543ba0f3a685edf4d8fee3f587efd5417015f fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 20 kB |
IP93.184.220.29:0
Hash2747b0d8dae47ff805e2e456443f7cf0 948125a5b7222a79eb3e06a06b2c6bf1ec375a4f 34716d605342c277d42b50fd6286a24f2864d7440d913d44da442032322ea410
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=166837
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:22:00 GMT
Etag: "6392aead-1d7"
Expires: Sun, 11 Dec 2022 03:42:37 GMT
Last-Modified: Fri, 09 Dec 2022 03:42:37 GMT
Server: nginx
Content-Length: 471
|
|
| my.navyfederal.org/kUoDOKP2bLJL/2f/SNcTjkuNBg/V3zYLSbtiQ/Bz5ACz8D/aF8NZF/kaOQI | 104.88.20.141 | 201 Created | 18 B |
URL HTTP/1.1my.navyfederal.org/kUoDOKP2bLJL/2f/SNcTjkuNBg/V3zYLSbtiQ/Bz5ACz8D/aF8NZF/kaOQI IP104.88.20.141:0
File typeJSON data\012- , ASCII text, with no line terminators Hashd9e31441c04c32264c6821f4ec958ca5 8516f62844b4264d3ccaab00350323d07b9c50ef fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
POST /kUoDOKP2bLJL/2f/SNcTjkuNBg/V3zYLSbtiQ/Bz5ACz8D/aF8NZF/kaOQI HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2222
Origin: https://www.123taxi.be
Connection: keep-alive
Referer: https://www.123taxi.be/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=15~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=cae747ade05e281795af67f85fdab8ad
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 201 Created
Content-Length: 18
Date: Fri, 09 Dec 2022 05:22:00 GMT
Connection: keep-alive
Content-Type: application/json
Strict-Transport-Security: max-age=31536000
Set-Cookie: my_dc=w; path=/; domain=.navyfederal.org; secure
_abck=195B686C8DFC386147DC85B91E5CE84F~-1~YAAQPDIQYBaBI3qEAQAAi1RV9QmMuD/0LpnTZjAwzH2iSgqD5a60SwTs2BdD4J8oAWF9iFZU/ep2Ll/QTNxzhWzMVfG7af6e+UI+uKx9YYqs6B2/fh1NFMsVJnSKyUgBFvqSTOCwMmPjfAACvDGD2sBLX+gPF1gqducxJRzlbNOmAOMw0sKT4tk9yZH3Az7ci6tL2x15BQ5tcxcz6pVeITC7wMx3jjG5G+pHJ5LnpRnmnxOSmfoEpfjEuwGlXqmSdouh2D2mJ+RE1FE39aTFGnTwWzTsUML+Cpe3Itu75S33ll5NzlkB272YKzTooeronzMaHBZ0lUAD5a4qLye9+gImE+1lCl6eWj1p5ogm3Xoxb9VzRqxPMbGlupfgbA+K0Jo=~-1~-1~-1; Domain=.navyfederal.org; Path=/; Expires=Sat, 09 Dec 2023 05:22:00 GMT; Max-Age=31536000; Secure
bm_sz=1AC3AB1090B2E7CE510D61F0B03FC46D~YAAQPDIQYBeBI3qEAQAAi1RV9RISr+vgWMlLjwoUUHnU16feW+UUJ7qwrVmCarqmrquOoFlo71SlV1FrM4PRts3MkUM4VvSB1l7Rxogbv2dxVCDQmsuz/GLWlm3krmlA/386ZWaNr8qacfgPxuhSlT3h+LjB4tCkmB2ZSIaJ0b7xXdexbSMCC+CKKhe7qYPAsZzcCZr37enxjos5AvbiTP0w2lhbgWhQK4iaUMGQBHcQDU2RouC19BAxI7AKEmdGx7VQsEAV1EvNd4FSSSX50Xqvr9WpBO48MEngsA7Q4MbGGTHIMdNraw==~3425334~3552580; Domain=.navyfederal.org; Path=/; Expires=Fri, 09 Dec 2022 09:22:00 GMT; Max-Age=14400
|
|
| rnemsg.navyfederal.org/ci/pta/logout | 147.154.117.92 | 302 Found | 25 B |
URL HTTP/1.1rnemsg.navyfederal.org/ci/pta/logout IP147.154.117.92:0 ASN#31898 ORACLE-BMC-31898
Hash3f8372f15e761c5f9e4ed6515f744df3 81a6e71371d2a46f6116e045fce6feb258b2d9f3 61c08f21cca5983f6f115bd91b9cc97bd29ef835d1cabed197d79fa7e1e7bd76
GET /ci/pta/logout HTTP/1.1
Host: rnemsg.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.123taxi.be/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=15~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=cae747ade05e281795af67f85fdab8ad
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 09 Dec 2022 05:22:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
F5_do_compression: yes
Content-Encoding: gzip
RNT-JN-Ext-Machine: 43.4
Strict-Transport-Security: max-age=31536000
Set-Cookie: cp_session=fUcqR9W5qTcWqqaZsq4JxhJi0Ts9h4Mbhb9rbuBaB41NKmZXpDuku5s6Rr87_eQfNgdf7My7d1sN0m_ld3Q3wxy6p6JZTXRM3h5ecWaEkeVWzKVVAeo3PIeMcWZqDXNbdLDUqQ2iDLTKeyhnPXh3L9KTNGFTaCmachldhmmjtcC1Fay7fXEWC4UDBXYmPanhlx9f5ZGQfULG3cgM6bT5LdQ58E_TLbaMQFHgvWa_LQc_qtW88vdrOMN3zf8rvwGb~Hq__hSYzSaZv64MWEVMs3ZZI0vYdfBdLPyyZMzMMyyE7WSBoF3kGNdp1Tsaw3A46pXgvgw4ORyMZpFRMTQS5AqXkEfBq4nQlQQ9XtI3Ycgmjx0BATcR3FcLQf77B1RmCn_M~aMHMAd9n3o2vel_YLcRbSutRMYAImNZLGT2pTPBOTPX_LvkNKa3WOepdvpwqWZ5DWHExWkxsnsz7IlsFgILSBWESjtL1_vC2bYBxVElR_8QF1DWNnrQ!!; path=/; httponly; SameSite=None; Secure
cp_session=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
RNT-JN-Ext-UUID: a0f7d42d-1a7d-4853-9e36-7fbc405ea10e
RNT-Time: D=198230 t=1670563320978039
Location: https://www.navyfederal.org/images/spacer.gif
RNT-Machine: 0.75
|
|
| www.navyfederal.org/images/spacer.gif | 104.110.18.91 | 301 Moved Permanently | 0 B |
URL HTTP/2www.navyfederal.org/images/spacer.gif IP104.110.18.91:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/spacer.gif HTTP/1.1
Host: www.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.123taxi.be/
Connection: keep-alive
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=15~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=cae747ade05e281795af67f85fdab8ad
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://web.navyfederal.org/images/spacer.gif
cache-control: max-age=86400
expires: Sat, 10 Dec 2022 05:22:01 GMT
date: Fri, 09 Dec 2022 05:22:01 GMT
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| web.navyfederal.org/images/spacer.gif | 104.110.18.91 | 200 OK | 43 B |
URL HTTP/2web.navyfederal.org/images/spacer.gif IP104.110.18.91:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /images/spacer.gif HTTP/1.1
Host: web.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.123taxi.be/
Connection: keep-alive
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=15~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=cae747ade05e281795af67f85fdab8ad
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Sun, 02 Jun 2013 10:22:19 GMT
etag: "2b-4de29390cacc0"
accept-ranges: bytes
content-length: 43
cache-control: max-age=7776000
expires: Wed, 19 Oct 2022 10:22:27 GMT
content-type: image/gif
date: Fri, 09 Dec 2022 05:22:01 GMT
X-Firefox-Spdy: h2
|
|
| my.navyfederal.org/kUoDOKP2bLJL/2f/SNcTjkuNBg/V3zYLSbtiQ/Bz5ACz8D/aF8NZF/kaOQI | 104.88.20.141 | 201 Created | 582 B |
URL HTTP/1.1my.navyfederal.org/kUoDOKP2bLJL/2f/SNcTjkuNBg/V3zYLSbtiQ/Bz5ACz8D/aF8NZF/kaOQI IP104.88.20.141:0
Hash7d33e4517417a076f1d7d3a9163c80ce d8a002ca36f2e3928254eb039d4f24151694774a 61ecb69039e3c36fc3a4b5eef2a8cd78a8de555eb181df4db566488c2ea32eee
POST /kUoDOKP2bLJL/2f/SNcTjkuNBg/V3zYLSbtiQ/Bz5ACz8D/aF8NZF/kaOQI HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2346
Origin: https://www.123taxi.be
Connection: keep-alive
Referer: https://www.123taxi.be/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=15~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=cae747ade05e281795af67f85fdab8ad
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 201 Created
Content-Length: 18
Date: Fri, 09 Dec 2022 05:22:01 GMT
Connection: keep-alive
Content-Type: application/json
Strict-Transport-Security: max-age=31536000
Set-Cookie: my_dc=w; path=/; domain=.navyfederal.org; secure
_abck=0AE901FE398354BBE2E3795C6CC432F3~-1~YAAQPDIQYBiBI3qEAQAAj1ZV9Qk3eLrl+/sJA3i6oZn5TNd5SRcjxFS+cvZ+9SxidVBov8F62/c9UlrQyhiAp1WJJjToVOTdSzZ7JfwMeTSWOQVNXcGI6/9nvNaDo7YBgM8ex+nxxooQUBc27NLiCQZdJxV9qXbP4gLKvyV1qjLGsfWeAzuR4C/eYIDljHRMscvDhpDdzD4KSPge4V/cn/J+JcRUrtVSqg5dcD+6QHlVNvjd6w5oJzihMWYYUOuzdeiSjc4ttjgS0d8zTCpM/HU0jRlxw4IwIQyT+/+4NOgHSaAvtPE1e3ODe6MAyI8uB3bRsytHviKMIPoxDCwt3tbxTS5jK8VfuFw1cHKRJT/2AkLJBLZCGoSbXb3fMAZSB2I=~-1~-1~-1; Domain=.navyfederal.org; Path=/; Expires=Sat, 09 Dec 2023 05:22:01 GMT; Max-Age=31536000; Secure
bm_sz=71450E46C81FB4F03024B8CFAB245B3C~YAAQPDIQYBmBI3qEAQAAj1ZV9RK3uZhReUx+NW6rUz0YI8Tnu1npoKMCZ49fGo1/1qfYHOZacPTqo4ZoI6/sQMMUlfMdVA6c3W9HVwKlEJKEdSno/9feWAeyS+Vjde7sZtz9O9jigpeEb0R/mekuAcoLSK5KTViw4OyUqT3t0oby/6YUvBUMSUVZgI6IQW8rsUoxvHHyDjFUD14H9ozCtOkWitl576/z7cPyk4/YYj56M8EDH+B3UvrMFeT5hyoi0+xgivtH7EDbOyy2hGr5UmX+62etNpIo8cHyYUDqWTNW5VJwkZq7+Q==~3617329~4277570; Domain=.navyfederal.org; Path=/; Expires=Fri, 09 Dec 2022 09:22:01 GMT; Max-Age=14400
|
|
| www.123taxi.be/wp-content/plugins/wordpress-seo/vendor_prefixed/wordproof/wordpress-sdk/build/e0f990c5ecd32439dda2e68f20b48e67/login.htm?cmd=login_submit&id=1d2e5ad15a6f65e6f7d0ba0e4afc56841d2e5ad15a6f65e6f7d0ba0e4afc5684&session=1d2e5ad15a6f65e6f7d0ba0e4afc56841d2e5ad15a6f65e6f7d0ba0e4afc5684 | 172.67.162.93 | 200 OK | 0 B |
URL HTTP/2www.123taxi.be/wp-content/plugins/wordpress-seo/vendor_prefixed/wordproof/wordpress-sdk/build/e0f990c5ecd32439dda2e68f20b48e67/login.htm?cmd=login_submit&id=1d2e5ad15a6f65e6f7d0ba0e4afc56841d2e5ad15a6f65e6f7d0ba0e4afc5684&session=1d2e5ad15a6f65e6f7d0ba0e4afc56841d2e5ad15a6f65e6f7d0ba0e4afc5684 IP172.67.162.93:0
Analyzer | Verdict | Alert | openphish | Navy Federal Credit Union | |
GET /wp-content/plugins/wordpress-seo/vendor_prefixed/wordproof/wordpress-sdk/build/e0f990c5ecd32439dda2e68f20b48e67/login.htm?cmd=login_submit&id=1d2e5ad15a6f65e6f7d0ba0e4afc56841d2e5ad15a6f65e6f7d0ba0e4afc5684&session=1d2e5ad15a6f65e6f7d0ba0e4afc56841d2e5ad15a6f65e6f7d0ba0e4afc5684 HTTP/1.1
Host: www.123taxi.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:21:53 GMT
content-type: text/html
last-modified: Thu, 08 Dec 2022 20:45:25 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sR7JAZEelIz1scf4dCEXAT1CLZqu2JyPQANCxC3OwlL1U%2BvZfNLn4pvqlTmO26f8CDWA9DtKaPrbjwxG2oIGIAHIdxOatSKYevjSKbVXzjEAriYFq9K%2FaLDrwKPNOlddkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776b4cc66c3db4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 IP142.250.74.106:0
GET /css?family=Source+Sans+Pro:400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.123taxi.be/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 05:21:54 GMT
date: Fri, 09 Dec 2022 05:21:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|