r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13613
Expires: Fri, 09 Dec 2022 06:02:14 GMT
Date: Fri, 09 Dec 2022 02:15:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11884
Expires: Fri, 09 Dec 2022 05:33:25 GMT
Date: Fri, 09 Dec 2022 02:15:21 GMT
Connection: keep-alive
uthapatak.com/telekom/ios/oauth2/index.php
162.241.85.230200 OK 4.0 kB URL HTTP/1.1 uthapatak.com/telekom/ios/oauth2/index.php
IP 162.241.85.230:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (894)
Hash d5d1fe31a4ca654e0fd2907691b4d975
e1f1b406ef032e72985c6e5b9124e354505c8f86
7f4b232693a819b3450e7d22528700dfef487e2f10b41867ba4d1d511ccf68f1
Analyzer Verdict Alert openphish Deutsche Telekom
fortinet Phishing
GET /telekom/ios/oauth2/index.php HTTP/1.1
Host: uthapatak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:15:17 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 3959
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: MISS
Set-Cookie: PHPSESSID=5cac3b941286acf00386c45db33feae6; path=/
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 02:08:16 GMT
content-type: application/json
age: 425
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10967
Expires: Fri, 09 Dec 2022 05:18:08 GMT
Date: Fri, 09 Dec 2022 02:15:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Znm6kOwNLKVGkSO4NQar3UPav2D8eEjdIiP3DiDhzP8pf9lr/tjvn/hlkH/HBRnb6lFV62/v2q8=
x-amz-request-id: K02FEKQ23078BDFK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 01:50:03 GMT
age: 1518
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 02:15:21 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
uthapatak.com/telekom/ios/static/factorx/css/login-24.05.1.css
162.241.85.230200 OK 5.0 kB URL HTTP/1.1 uthapatak.com/telekom/ios/static/factorx/css/login-24.05.1.css
IP 162.241.85.230:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18251)
Hash 92b887e9c5d831f6d78bcc76a76e5283
47d51da9dcfa8d03e368fa327757e62927fe42c5
6a2fe57c91bebc4c329a40f7b66d6d5240da02ec89110b603e0092eea38db577
GET /telekom/ios/static/factorx/css/login-24.05.1.css HTTP/1.1
Host: uthapatak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uthapatak.com/telekom/ios/oauth2/index.php
Cookie: PHPSESSID=5cac3b941286acf00386c45db33feae6
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:15:21 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 19:06:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4965
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 02:07:59 GMT
age: 442
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
uthapatak.com/telekom/ios/static/factorx/css/components.min.css
162.241.85.230200 OK 26 kB URL HTTP/1.1 uthapatak.com/telekom/ios/static/factorx/css/components.min.css
IP 162.241.85.230:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65442)
Hash f705ef45900da1020a4616c016f65405
e561577d58ada68d73a7d6c70b27d78135e2bcff
e605b7a280ff604da092bb225ba87a7d2329cbdc20635da91a507076c266c4e6
GET /telekom/ios/static/factorx/css/components.min.css HTTP/1.1
Host: uthapatak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uthapatak.com/telekom/ios/oauth2/index.php
Cookie: PHPSESSID=5cac3b941286acf00386c45db33feae6
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:15:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 25 Oct 2022 19:06:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css
uthapatak.com/telekom/ios/static/factorx/js/jquery-matchheight-0.7.2.min.js
162.241.85.230200 OK 1.5 kB URL HTTP/1.1 uthapatak.com/telekom/ios/static/factorx/js/jquery-matchheight-0.7.2.min.js
IP 162.241.85.230:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3284)
Hash 706053e9f4042ee76be1beb7033aecc6
e8a57bdc2a74a5b79baa0b26dda948931c331cc8
b839da54aa9e85dd39c4cb254bf4f9af6989f10ca6752dbbd0e35720a30c3be2
Analyzer Verdict Alert fortinet Phishing
GET /telekom/ios/static/factorx/js/jquery-matchheight-0.7.2.min.js HTTP/1.1
Host: uthapatak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uthapatak.com/telekom/ios/oauth2/index.php
Cookie: PHPSESSID=5cac3b941286acf00386c45db33feae6
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:15:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 25 Oct 2022 19:06:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1464
Content-Type: application/javascript
uthapatak.com/telekom/ios/static/factorx/js/login.js
162.241.85.230200 OK 4.9 kB URL HTTP/1.1 uthapatak.com/telekom/ios/static/factorx/js/login.js
IP 162.241.85.230:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash f7e3f1f645e2f3240f48f531f3cace7e
6b1f9e094b0e423a38a0432bf7f4a07eef62074d
41dec8d82179a8ef12b652476504de01223b07db01b7169040bd342278ba8caf
Analyzer Verdict Alert fortinet Phishing
GET /telekom/ios/static/factorx/js/login.js HTTP/1.1
Host: uthapatak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uthapatak.com/telekom/ios/oauth2/index.php
Cookie: PHPSESSID=5cac3b941286acf00386c45db33feae6
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:15:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 25 Oct 2022 19:06:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4940
Content-Type: application/javascript
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 97a4bd679323a05cfd94853ac6ce4041
93c21b6abc0ebd4889ae1d693dd32e0bcfc767ed
8a9179e5d9a4b6a74b283d217ee7c6ba1e335eb548b90fe2b42fbaa4933dfab5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:15:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:14:39 GMT
Expires: Tue, 13 Dec 2022 13:14:38 GMT
Etag: "93c21b6abc0ebd4889ae1d693dd32e0bcfc767ed"
Cache-Control: max-age=384556,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776a3b886c19b511-OSL
uthapatak.com/telekom/ios/static/factorx/js/jquery-3.2.1.min.js
162.241.85.230200 OK 38 kB URL HTTP/1.1 uthapatak.com/telekom/ios/static/factorx/js/jquery-3.2.1.min.js
IP 162.241.85.230:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32058)
Hash 158ed1f63711a0812b7c2b396cbaa6e7
1a6fe374f9c4963adc88db33dd128d324fceb9f2
811e8097bc41bb848b417ed7626ec9f8f8d8b682c664f8f2890ed4b57371e60b
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Telekom
fortinet Phishing
GET /telekom/ios/static/factorx/js/jquery-3.2.1.min.js HTTP/1.1
Host: uthapatak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uthapatak.com/telekom/ios/oauth2/index.php
Cookie: PHPSESSID=5cac3b941286acf00386c45db33feae6
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:15:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 25 Oct 2022 19:06:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
uthapatak.com/telekom/ios/static/factorx/js/components.min.js
162.241.85.230200 OK 31 kB URL HTTP/1.1 uthapatak.com/telekom/ios/static/factorx/js/components.min.js
IP 162.241.85.230:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32048)
Hash df1ddb3f868e4feb9e1cf140613986ea
97635fe738ba98a556e20291662ccf69c7414b21
c2dcee51974e74f76eb3d181b339c8980a76951144e82f2a52a87d09abce7fa5
Analyzer Verdict Alert fortinet Phishing
GET /telekom/ios/static/factorx/js/components.min.js HTTP/1.1
Host: uthapatak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uthapatak.com/telekom/ios/oauth2/index.php
Cookie: PHPSESSID=5cac3b941286acf00386c45db33feae6
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:15:21 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 25 Oct 2022 19:06:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
xdn-ttp.de/lns/import-event-0746?zid=653721ea-4998-4e08-8208-8d9e1dedf6ff
80.82.200.32302 Found 0 B URL HTTP/1.1 xdn-ttp.de/lns/import-event-0746?zid=653721ea-4998-4e08-8208-8d9e1dedf6ff
IP 80.82.200.32:0
ASN #48173 The Unbelievable Machine Company GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Telekom
GET /lns/import-event-0746?zid=653721ea-4998-4e08-8208-8d9e1dedf6ff HTTP/1.1
Host: xdn-ttp.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uthapatak.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 09 Dec 2022 02:15:22 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Location: https://lns-ev.xplosion.de/xdn-import/import-event?zid=653721ea-4998-4e08-8208-8d9e1dedf6ff&partner=0746
Content-Length: 0
Server: Jetty(9.4.48.v20220622)
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4382
Cache-Control: max-age=115472
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 02:15:22 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:19:54 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
uthapatak.com/telekom/ios/static/factorx/images/services.png
162.241.85.230200 OK 23 kB URL HTTP/1.1 uthapatak.com/telekom/ios/static/factorx/images/services.png
IP 162.241.85.230:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 270 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 70e3abc323721940a3fde12ec5a337cb
cd37490fee37309e370e0a4d73a29eac2b49d007
14977cb7057352ad7715b93dec52f4993fc16980836d03b64f79566e8c9bec22
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Telekom
GET /telekom/ios/static/factorx/images/services.png HTTP/1.1
Host: uthapatak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uthapatak.com/telekom/ios/oauth2/index.php
Cookie: PHPSESSID=5cac3b941286acf00386c45db33feae6
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:15:22 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 19:06:57 GMT
Accept-Ranges: bytes
Content-Length: 22647
Content-Type: image/png
ocsp.telesec.de/ocspr
80.158.59.63200 OK 1.5 kB IP 80.158.59.63:0
ASN #6878 T-Systems International GmbH
Hash 8f032d19c20add458aed9dea0b1a393c
396721dfd7c9448e0637482db646aac5e93d27d9
466731d0c4e72a8aa849dd9df9ee056cc17c8e0b45193000cffa5c4062753a7f
POST /ocspr HTTP/1.1
Host: ocsp.telesec.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:15:22 GMT
Server: Apache
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: application/ocsp-response
Content-Length: 1479
Connection: close
ocsp.telesec.de/ocspr
80.158.59.63200 OK 1.5 kB IP 80.158.59.63:0
ASN #6878 T-Systems International GmbH
Hash 8f032d19c20add458aed9dea0b1a393c
396721dfd7c9448e0637482db646aac5e93d27d9
466731d0c4e72a8aa849dd9df9ee056cc17c8e0b45193000cffa5c4062753a7f
POST /ocspr HTTP/1.1
Host: ocsp.telesec.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:15:22 GMT
Server: Apache
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: application/ocsp-response
Content-Length: 1479
Connection: close
ocsp.telesec.de/ocspr
80.158.59.63200 OK 1.5 kB IP 80.158.59.63:0
ASN #6878 T-Systems International GmbH
Hash 8f032d19c20add458aed9dea0b1a393c
396721dfd7c9448e0637482db646aac5e93d27d9
466731d0c4e72a8aa849dd9df9ee056cc17c8e0b45193000cffa5c4062753a7f
POST /ocspr HTTP/1.1
Host: ocsp.telesec.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:15:22 GMT
Server: Apache
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: application/ocsp-response
Content-Length: 1479
Connection: close
ocsp.telesec.de/ocspr
80.158.59.63200 OK 1.5 kB IP 80.158.59.63:0
ASN #6878 T-Systems International GmbH
Hash 8f032d19c20add458aed9dea0b1a393c
396721dfd7c9448e0637482db646aac5e93d27d9
466731d0c4e72a8aa849dd9df9ee056cc17c8e0b45193000cffa5c4062753a7f
POST /ocspr HTTP/1.1
Host: ocsp.telesec.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 02:15:22 GMT
Server: Apache
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: application/ocsp-response
Content-Length: 1479
Connection: close
accounts.login.idm.telekom.com/static/factorx/images/data_protection.svg
62.157.140.200200 OK 673 B URL HTTP/2 accounts.login.idm.telekom.com/static/factorx/images/data_protection.svg
IP 62.157.140.200:0
ASN #3320 Deutsche Telekom AG
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash ba732830349cf7e4d2bfbbdf64db1466
35c2682d012268440adda739df7f32a0f5985c0f
53637a2d4745687c07969427a743c6b9207b3ba6e261fa19a61cccaab46eb316
GET /static/factorx/images/data_protection.svg HTTP/1.1
Host: accounts.login.idm.telekom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uthapatak.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 25 Nov 2020 06:16:22 GMT
accept-ranges: bytes
content-length: 673
cache-control: public
expires: Fri, 09 Dec 2022 03:15:22 GMT
sh: 111d007b5fbc0de380d01f5690ba5809
p3p: CP="NOI CURa TAIa OUR NOR UNI"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
date: Fri, 09 Dec 2022 02:15:22 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.200.107.47101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.107.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cWaVJIAxXZxqzhUyjCL4+Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0kznPAGfQoV2J+srlJYOV1stzq0=
accounts.login.idm.telekom.com/static/factorx/fonts/telegroteskscreen-ultra.woff
62.157.140.200200 OK 53 kB URL HTTP/2 accounts.login.idm.telekom.com/static/factorx/fonts/telegroteskscreen-ultra.woff
IP 62.157.140.200:0
ASN #3320 Deutsche Telekom AG
File type Web Open Font Format, TrueType, length 53428, version 1.0\012- data
Hash 5c389a411627b7bedab70df1ef5e0ca2
9cd8f2eb2d2467258f17f51a10cd62dafb3bd9c6
3b6317d7c6288f6380f182e8bdc16b4cea82df91bc0f0209dfbce457b3e16910
GET /static/factorx/fonts/telegroteskscreen-ultra.woff HTTP/1.1
Host: accounts.login.idm.telekom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uthapatak.com
Connection: keep-alive
Referer: http://uthapatak.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 25 Nov 2020 05:40:33 GMT
accept-ranges: bytes
content-length: 53428
cache-control: public
expires: Fri, 16 Dec 2022 02:15:22 GMT
access-control-allow-origin: http://uthapatak.com
sh: 93af4dd1b134b2f36da439adedb1c728
p3p: CP="NOI CURa TAIa OUR NOR UNI"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-font-woff
date: Fri, 09 Dec 2022 02:15:22 GMT
server: Apache
X-Firefox-Spdy: h2
accounts.login.idm.telekom.com/static/factorx/fonts/telegroteskscreen-regular.woff
62.157.140.200200 OK 55 kB URL HTTP/2 accounts.login.idm.telekom.com/static/factorx/fonts/telegroteskscreen-regular.woff
IP 62.157.140.200:0
ASN #3320 Deutsche Telekom AG
File type Web Open Font Format, TrueType, length 54684, version 1.0\012- data
Hash 179dec2b30e30c5b09f10478ae273639
1fe138b840993579f42929090c7df61de1a63566
b80effdb6b1baee7ad8a926a027a9f085d0b91a1b52e3a8cf34e9a6b087aad97
GET /static/factorx/fonts/telegroteskscreen-regular.woff HTTP/1.1
Host: accounts.login.idm.telekom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uthapatak.com
Connection: keep-alive
Referer: http://uthapatak.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 25 Nov 2020 05:40:33 GMT
accept-ranges: bytes
content-length: 54684
cache-control: public
expires: Fri, 16 Dec 2022 02:15:22 GMT
access-control-allow-origin: http://uthapatak.com
sh: 93af4dd1b134b2f36da439adedb1c728
p3p: CP="NOI CURa TAIa OUR NOR UNI"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-font-woff
date: Fri, 09 Dec 2022 02:15:22 GMT
server: Apache
X-Firefox-Spdy: h2
accounts.login.idm.telekom.com/static/factorx/fonts/teleicon-ui.woff
62.157.140.200200 OK 2.7 kB URL HTTP/2 accounts.login.idm.telekom.com/static/factorx/fonts/teleicon-ui.woff
IP 62.157.140.200:0
ASN #3320 Deutsche Telekom AG
File type Web Open Font Format, TrueType, length 2736, version 0.0\012- data
Hash 0902a6d34545258aa8a18f304ebae9ba
e0da40bd3f6723cea9cf0554fe6761378353ba48
3cf35b128c4c5dcd9bb0a12bcc009f2e46e382edec4737360a623d0052a6fe34
GET /static/factorx/fonts/teleicon-ui.woff HTTP/1.1
Host: accounts.login.idm.telekom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uthapatak.com
Connection: keep-alive
Referer: http://uthapatak.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 25 Nov 2020 05:40:33 GMT
accept-ranges: bytes
content-length: 2736
cache-control: public
expires: Fri, 16 Dec 2022 02:15:22 GMT
access-control-allow-origin: http://uthapatak.com
sh: 93af4dd1b134b2f36da439adedb1c728
p3p: CP="NOI CURa TAIa OUR NOR UNI"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-font-woff
date: Fri, 09 Dec 2022 02:15:22 GMT
server: Apache
X-Firefox-Spdy: h2
accounts.login.idm.telekom.com/static/factorx/fonts/telegroteskscreen-bold.woff
62.157.140.200200 OK 54 kB URL HTTP/2 accounts.login.idm.telekom.com/static/factorx/fonts/telegroteskscreen-bold.woff
IP 62.157.140.200:0
ASN #3320 Deutsche Telekom AG
File type Web Open Font Format, TrueType, length 53500, version 1.0\012- data
Hash a1f05af86de48779a73dda888042a2ca
3be31c9362c1bd05383d467a182958eaa079691b
dff75c72abbd5b70b8cf2acb31155760116d14517cc89b81d00285da85306497
GET /static/factorx/fonts/telegroteskscreen-bold.woff HTTP/1.1
Host: accounts.login.idm.telekom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uthapatak.com
Connection: keep-alive
Referer: http://uthapatak.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 25 Nov 2020 05:40:33 GMT
accept-ranges: bytes
content-length: 53500
cache-control: public
expires: Fri, 16 Dec 2022 02:15:22 GMT
access-control-allow-origin: http://uthapatak.com
sh: 93af4dd1b134b2f36da439adedb1c728
p3p: CP="NOI CURa TAIa OUR NOR UNI"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-font-woff
date: Fri, 09 Dec 2022 02:15:22 GMT
server: Apache
X-Firefox-Spdy: h2
accounts.login.idm.telekom.com/static/factorx/fonts/telegroteskscreen-thin.woff
62.157.140.200200 OK 58 kB URL HTTP/2 accounts.login.idm.telekom.com/static/factorx/fonts/telegroteskscreen-thin.woff
IP 62.157.140.200:0
ASN #3320 Deutsche Telekom AG
File type Web Open Font Format, TrueType, length 58248, version 1.0\012- data
Hash 8b89ab4ea001775d72ba921b09ac4b96
f483b6124328aa884413f62396c7a75f18cf7204
3c3cff57406992d5b880806e120965b2a77f6a9ac1bbe7a781bfc9f752b4ab5c
GET /static/factorx/fonts/telegroteskscreen-thin.woff HTTP/1.1
Host: accounts.login.idm.telekom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uthapatak.com
Connection: keep-alive
Referer: http://uthapatak.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 25 Nov 2020 05:40:33 GMT
accept-ranges: bytes
content-length: 58248
cache-control: public
expires: Fri, 16 Dec 2022 02:15:22 GMT
access-control-allow-origin: http://uthapatak.com
sh: 93af4dd1b134b2f36da439adedb1c728
p3p: CP="NOI CURa TAIa OUR NOR UNI"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-font-woff
date: Fri, 09 Dec 2022 02:15:22 GMT
server: Apache
X-Firefox-Spdy: h2
accounts.login.idm.telekom.com/static/factorx/fonts/teleicon-outline.woff
62.157.140.200200 OK 8.8 kB URL HTTP/2 accounts.login.idm.telekom.com/static/factorx/fonts/teleicon-outline.woff
IP 62.157.140.200:0
ASN #3320 Deutsche Telekom AG
File type Web Open Font Format, TrueType, length 8824, version 2.200\012- data
Hash 5dc5e36d344b5d8876eb73f451d92e01
fd2835b1428970d8df70e0a29aef6417d60fbf7d
01fa42140c7fd1e43496b320027681e75123e8121c4ff52e7a390a4ec37d9379
GET /static/factorx/fonts/teleicon-outline.woff HTTP/1.1
Host: accounts.login.idm.telekom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uthapatak.com
Connection: keep-alive
Referer: http://uthapatak.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 25 Nov 2020 05:40:33 GMT
accept-ranges: bytes
content-length: 8824
cache-control: public
expires: Fri, 16 Dec 2022 02:15:22 GMT
access-control-allow-origin: http://uthapatak.com
sh: 93af4dd1b134b2f36da439adedb1c728
p3p: CP="NOI CURa TAIa OUR NOR UNI"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-font-woff
date: Fri, 09 Dec 2022 02:15:22 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6acd4e3e3aacc90d58c8253aa68cc7a9
e200e9ed5830ef3b6f486c9aad7398aa26290bb1
786fb47d24f3a2bc7946fd6ec2da87eba8df4882f20dd5733b458747295274a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "786FB47D24F3A2BC7946FD6EC2DA87EBA8DF4882F20DD5733B458747295274A3"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1928
Expires: Fri, 09 Dec 2022 02:47:30 GMT
Date: Fri, 09 Dec 2022 02:15:22 GMT
Connection: keep-alive
pix.telekom.de/196380495960676/wt?p=441,www.telekom.de.privatkunden.login-idm-id,0,0,0,0,0,0,0,0&cg1=www.telekom.de&cg2=login&cg8=privatkunden&cg9=login-idm-id&cp19=653721ea-4998-4e08-8208-8d9e1dedf6ff
185.54.150.52200 OK 43 B URL HTTP/2 pix.telekom.de/196380495960676/wt?p=441,www.telekom.de.privatkunden.login-idm-id,0,0,0,0,0,0,0,0&cg1=www.telekom.de&cg2=login&cg8=privatkunden&cg9=login-idm-id&cp19=653721ea-4998-4e08-8208-8d9e1dedf6ff
IP 185.54.150.52:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /196380495960676/wt?p=441,www.telekom.de.privatkunden.login-idm-id,0,0,0,0,0,0,0,0&cg1=www.telekom.de&cg2=login&cg8=privatkunden&cg9=login-idm-id&cp19=653721ea-4998-4e08-8208-8d9e1dedf6ff HTTP/1.1
Host: pix.telekom.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uthapatak.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
set-cookie: wteid_196380495960676=4167055212200455733; Max-Age=15552000; Expires=Wed, 7 Jun 2023 02:15:22 GMT; Domain=.telekom.de; Path=/; Httponly; Secure; SameSite=None
wtsid_196380495960676=1; Domain=.telekom.de; Path=/; Httponly; Secure; SameSite=None
wt_nbg_Q3=!TglJvHvrlILA63+7MOh2eXQWYSomxta7tRCEG9NcbSLfoGOMuyfQyIRUyOlh6kKkNKUvk9AlCKrfqA==; path=/; Httponly; Secure; SameSite=None
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
pragma: no-cache
last-modified: Fri, 09 Dec 2022 02:15:22 GMT
p3p: policyref="https://q3.webtrekk.net/w3c/p3p.xml", CP="NOI DSP IND COM NAV INT"
x-robots-tag: noindex, nofollow, noarchive
content-type: image/gif;charset=UTF-8
content-length: 43
date: Fri, 09 Dec 2022 02:15:21 GMT
server: c51ce410
X-Firefox-Spdy: h2
lns-ev.xplosion.de/xdn-import/import-event?zid=653721ea-4998-4e08-8208-8d9e1dedf6ff&partner=0746
52.51.179.0204 No Content 0 B URL HTTP/1.1 lns-ev.xplosion.de/xdn-import/import-event?zid=653721ea-4998-4e08-8208-8d9e1dedf6ff&partner=0746
IP 52.51.179.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Telekom
GET /xdn-import/import-event?zid=653721ea-4998-4e08-8208-8d9e1dedf6ff&partner=0746 HTTP/1.1
Host: lns-ev.xplosion.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uthapatak.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Date: Fri, 09 Dec 2022 02:15:22 GMT
Server: fasthttp
Connection: keep-alive
uthapatak.com/favicon.ico
162.241.85.230500 Internal Server Error 0 B URL HTTP/1.1 uthapatak.com/favicon.ico
IP 162.241.85.230:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Telekom
GET /favicon.ico HTTP/1.1
Host: uthapatak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uthapatak.com/telekom/ios/oauth2/index.php
Cookie: PHPSESSID=5cac3b941286acf00386c45db33feae6
HTTP/1.1 500 Internal Server Error
Date: Fri, 09 Dec 2022 02:15:19 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: close
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14736
Expires: Fri, 09 Dec 2022 06:20:59 GMT
Date: Fri, 09 Dec 2022 02:15:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14736
Expires: Fri, 09 Dec 2022 06:20:59 GMT
Date: Fri, 09 Dec 2022 02:15:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14736
Expires: Fri, 09 Dec 2022 06:20:59 GMT
Date: Fri, 09 Dec 2022 02:15:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a22fc7807fb3337f0af5e546c7ad366a
0d5969394b370a5c77c53ed58f55e5f8a45da3ab
98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDD0v-1I1sFVMsJl64nQDe_hHExMrSLXPrbou_J79YEQf3YwS2oklA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:48:13 GMT
age: 66430
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955c6ac69b89f6cbd497df53fcb2ae1b
2506152cdd1056533116feb9350124356e570e54
fca1b303a554aa9cdd13c4769a1088e1905ef888ed703de17864fe76ff880abe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7217
x-amzn-requestid: be9196fc-3d43-49db-8522-8781cbf5a247
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUEDEWpIAMFqUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e6-04b24220213872ba378d3538;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4QlJZW4ZiPNVhOJbcRldanR8veym3l0sIBGa1Ym-4FOTT_utMQeZQg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 08:39:07 GMT
age: 63376
etag: "2506152cdd1056533116feb9350124356e570e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 33259
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fa81aa5-4138-458e-9bd7-de9d6211763c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fa81aa5-4138-458e-9bd7-de9d6211763c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8d1605154a552a8c3165c1358ea2e185
2e677da1f57c112d984180ead80481e8797ff2e8
12b075ad3e786dc68ab3fab1e4ce9d6f7810bdebc7bdafd993e19bc5bc7c0abc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fa81aa5-4138-458e-9bd7-de9d6211763c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11027
x-amzn-requestid: e0d56100-13aa-44e5-ae80-bedfeece87db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwV19EUOIAMFjcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900359-5a5402381d61db921a00404d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:07:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7ET6kgGgWAKa4_CFCgSwnN8m7FnplxP7zOp8lEyodxn5lmlIIHD4vQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 04:37:30 GMT
age: 77873
etag: "2e677da1f57c112d984180ead80481e8797ff2e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 03:42:37 GMT
age: 81166
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde6483ed-68c7-4999-8a46-9249a82ae253.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde6483ed-68c7-4999-8a46-9249a82ae253.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f04d1dc05d36822d7368cdb4d19316c9
5c611ceaf8d4c79edfe37a6201d40917cebeda28
a9336a736295e694564259c4806ed96a00d20844f78f2688ed28251e62a71ceb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde6483ed-68c7-4999-8a46-9249a82ae253.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6979
x-amzn-requestid: e8dc7a72-f5b3-48cd-a82d-353bace3ed7f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F8GIAMFojw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-4c62a5ea0572081c44fd601c;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iiVTNich5HpqlSgfEWIjQ60wOiemqVrn8OyjLle_xLj8WP0yPsU-dQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 04:16:45 GMT
age: 79118
etag: "5c611ceaf8d4c79edfe37a6201d40917cebeda28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2