20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true
20.199.19.234200 OK 18 kB URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (805)
Hash de0cffb586fb3a709a01d8496e13da40
5f19e6b7f9a341375cd4a39c4aeb7b47252bf0f3
2fccb63d847b9eca1e0ac865b43955fba88be915addd27c97e01f1659e463989
GET /certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 18:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kall9z3Wf2gOOo0Y9ywU4b6sHChWD4SFoBaBpRLVJaPKdVAU3d0u4Q==
Age: 297
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 490c003436e215e91596f285fcba92f5
0c4c9a5802e7cdb699f4918c252dbdf8431c25ec
9fe6beb1cb3851018168765a243b6de69ec71d30770f8c2dcc57cae7d9978cc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FE6BEB1CB3851018168765A243B6DE69EC71D30770F8C2DCC57CAE7D9978CC1"
Last-Modified: Wed, 28 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6944
Expires: Wed, 28 Sep 2022 20:16:20 GMT
Date: Wed, 28 Sep 2022 18:20:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aSBeoscLx9nRRPgJg-FLX9tJhBP3HmIGp14ChVexfkMi79Ja7WYdSg==
age: 46330
X-Firefox-Spdy: h2
20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/frame/login.php
20.199.19.234200 OK 7.7 kB URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/frame/login.php
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (882), with CRLF line terminators
Hash 51ef66be088235f58a5af22e4ca473df
05dc8ba858e3ca1a3cf3c364fdd0c967e36c21d0
d5ad7110e1dbeeebc1f7ff8709f7900faab237052ac9c55aaba2a3cba47c1e88
Analyzer Verdict Alert fortinet Phishing
GET /certificate-verification/nemid-verifikation-her/frame/login.php HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
waust.at/s.js
104.26.5.7200 OK 3.5 kB IP 104.26.5.7:0
File type ASCII text, with very long lines (8514), with no line terminators
Hash 7ba20d7d8e8f534a8d4b3e4848ba40e8
9757fceb751a25322b2f62ae9e8b9918add51baf
8351897e53bf4e0419e84c7a50076de46c03faa8a16baed3cc999374bf95c0db
GET /s.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 29 Aug 2022 18:12:38 GMT
etag: W/"630d0196-2142"
expires: Thu, 29 Sep 2022 17:52:15 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 1700
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6YZMs4iv43AQv067GdiQOpX87fiQA2yN0mEZVr097qpFs50%2Bv7etjPWOjN84i%2FXDSAy9myFwye3Mt1k1UVVUMw2Bj0%2BOZ%2FpmO3ixKdm9dJf%2FD2f56qs%2F3u7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751e7e76993ab4f7-OSL
alt-svc: h2=":443"; ma=60
20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/scripts-6db7f1f3edd0e72b01f4957bf91c3b91.js.download
20.199.19.234404 Not Found 10 kB URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/scripts-6db7f1f3edd0e72b01f4957bf91c3b91.js.download
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash a97007b126d740a417f50823c10f4ea1
530f608f6c6793591d6f0303b0699cd9d4fedff4
924806869648e7f9fc8f5a0bb6e7c213167b20c97f13d12afcefc99ebef4bdc2
Analyzer Verdict Alert fortinet Phishing
GET /certificate-verification/nemid-verifikation-her/all/scripts-6db7f1f3edd0e72b01f4957bf91c3b91.js.download HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true
HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/translateelement.css
20.199.19.234200 OK 19 kB URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/translateelement.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (18670)
Hash 15ab5dfc566a9a19f6e89a72b7819e43
064aac1e8bc5a26c5986e40659bc328157ec3b53
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
GET /certificate-verification/nemid-verifikation-her/all/translateelement.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 18724
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:20:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
20.199.19.234200 OK 46 kB URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type assembler source, ASCII text
Hash d1aafd46c75fda47a8d4fc4292ec3fcc
d5570e9d09d74ca0b4495992fec5ef86573c4437
068ee6c88c6d2629f9a797dac9288490b736f0c944d9a46d566da7cd8f913a1b
GET /certificate-verification/nemid-verifikation-her/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Last-Modified: Sat, 06 Aug 2022 15:29:08 GMT
Accept-Ranges: bytes
Content-Length: 46070
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg
20.199.19.234200 OK 2.8 kB URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2846), with no line terminators
Hash 91ca9eec9eed6ed945355d650bb10d41
7178a477a6cc3271d5e2927cd2737af55804f576
8a22f5ea2bc34877a3334b91210c881523678eec1e915cf6a4ee261ba58121b1
Analyzer Verdict Alert fortinet Phishing
GET /certificate-verification/nemid-verifikation-her/all/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 2846
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/nemid-830ab2367a74a48b4e61ce97be19c0bd.svg
20.199.19.234200 OK 2.3 kB URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/nemid-830ab2367a74a48b4e61ce97be19c0bd.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2285), with no line terminators
Hash 830ab2367a74a48b4e61ce97be19c0bd
79cde6c94cedde8c6ce414952a6f71841b890b77
6bb27299ef7a2f71792920ae936f4f0800cf1a43ff5f8b4c835233fde4c1e387
Analyzer Verdict Alert fortinet Phishing
GET /certificate-verification/nemid-verifikation-her/all/nemid-830ab2367a74a48b4e61ce97be19c0bd.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 2285
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/empty-3857ebe69f653487f8c9d99adde4657f.svg
20.199.19.234200 OK 1.6 kB URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/empty-3857ebe69f653487f8c9d99adde4657f.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1642), with no line terminators
Hash 3857ebe69f653487f8c9d99adde4657f
134737f1f8882726ef1b50546546fa9d1479207c
d690ce1d3a1304fff86d11c4f38ad540da84949d881ea0c04b49bcc0f13483e0
Analyzer Verdict Alert fortinet Phishing
GET /certificate-verification/nemid-verifikation-her/all/empty-3857ebe69f653487f8c9d99adde4657f.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 1642
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg
20.199.19.234200 OK 3.1 kB URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3097), with no line terminators
Hash d0c0f9d25ebde42bbd552c8ad5363f01
97f08f3ee5a37bb5d291cf10fd8e5ce630467522
4f98589b5ad297e797fc12ed5b90a5e9244a17dbc34c5cee66e01ae8c1455d2c
Analyzer Verdict Alert fortinet Phishing
GET /certificate-verification/nemid-verifikation-her/all/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 3097
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/no-connection-83f79e2367a313b468986e12a237c346.svg
20.199.19.234200 OK 5.0 kB URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/no-connection-83f79e2367a313b468986e12a237c346.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4974), with no line terminators
Hash 83f79e2367a313b468986e12a237c346
6b0d0f5df661c328a99aefa3b9388507f35d7fba
3fc2607b1e133fb89affeca8fa96db25e9af2fa9d2f7960d2a9602df9e96ef72
Analyzer Verdict Alert fortinet Phishing
GET /certificate-verification/nemid-verifikation-her/all/no-connection-83f79e2367a313b468986e12a237c346.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 4974
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/translate_24dp.png
20.199.19.234200 OK 825 B URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/translate_24dp.png
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 55ff382a8b09329e3230a1797eb8f5fd
026ae089006a674da7dcc9bf6b986c5d59e75478
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
GET /certificate-verification/nemid-verifikation-her/all/translate_24dp.png HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 825
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg
20.199.19.234200 OK 3.1 kB URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3104), with no line terminators
Hash 9bbd07dc81f3c2a11d2c7735b416ee18
41ee4ad48472fd2f93f765b87c77a606a04e5a00
a386a6170805a64ba2e46bcc37c79500b5207bd708b0d1da83cbcbc483e64cb7
Analyzer Verdict Alert fortinet Phishing
GET /certificate-verification/nemid-verifikation-her/all/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 3104
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/banner.png
20.199.19.234200 OK 40 kB URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/banner.png
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 828 x 300, 4-bit colormap, non-interlaced\012- data
Hash 6629cb5350d6f3276b2dccc43bd3f397
63d964e5caaa541475a4c2da976871a9f9986067
9fc5b5c44107cfc6701be07fa5d5a4d7ab066607dd7ab6e9f396ac709e28424f
GET /certificate-verification/nemid-verifikation-her/all/banner.png HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/login.php?&return_url=4e0a0e74648fa3a0f673eb7c08a3e037&enrolmentid=730e3a80c7be376f0a3af84647e0a0e4?securessl=true
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Last-Modified: Sat, 06 Aug 2022 14:35:04 GMT
Accept-Ranges: bytes
Content-Length: 40339
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
20-199-19-234.cprapid.com/assets/b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff
20.199.19.234404 Not Found 10 kB URL HTTP/1.1 20-199-19-234.cprapid.com/assets/b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash d1121adc08e5008285a8364300ad5db6
c6ce41cc4a7a5ebf7393d5f8159b20e7330ae970
ab0f470b1146ddc14bed081299f7ceabf676981204ec4f8487c833a73210ee8f
Analyzer Verdict Alert fortinet Phishing
GET /assets/b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
20-199-19-234.cprapid.com/assets/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff
20.199.19.234404 Not Found 10 kB URL HTTP/1.1 20-199-19-234.cprapid.com/assets/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash aa84e3f561897f831ccc491bb6609529
90c85735bb4fdf5f1ccb047114d1792668dc4e27
0e67ce5deae40fd958dd361a77d79301f9ed37bf5ef267bcd1541ab66ffc2c78
Analyzer Verdict Alert fortinet Phishing
GET /assets/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/partials/js/jquery.js
20.199.19.234200 OK 272 kB URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/partials/js/jquery.js
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Size 272 kB (272155 bytes)
Hash 3f24e8505d471bd934a5a68b86971580
876bd436d3b3c1436a8ac17a654e38d062acf45e
4ef5f864f89db7feaaaa5332c0a99d76076af49fef488806541ca2561e4cb379
Analyzer Verdict Alert fortinet Phishing
GET /certificate-verification/nemid-verifikation-her/partials/js/jquery.js HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/frame/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Last-Modified: Fri, 05 Feb 2021 07:11:28 GMT
Accept-Ranges: bytes
Content-Length: 272155
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.163200 OK 1.8 kB URL HTTP/1.1 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Length: 1842
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 23 Sep 2022 01:28:26 GMT
Expires: Sat, 23 Sep 2023 01:28:26 GMT
Cache-Control: public, max-age=31536000
Age: 492730
Last-Modified: Thu, 14 Oct 2021 09:08:00 GMT
Content-Type: image/png
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash f223fa125b213bb077462c7f3f58ece3
6a81e8cd48d9f797a73ada27d5bc2c0228566a47
c7b33556d128c77a2e82d121e935fc7b8ddc6c0b94981cfc236038deb650afde
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 17:56:50 GMT
Expires: Wed, 05 Oct 2022 17:56:49 GMT
Etag: "6a81e8cd48d9f797a73ada27d5bc2c0228566a47"
Cache-Control: max-age=602772,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751e7e798ac5b518-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 17:29:33 GMT
Expires: Wed, 28 Sep 2022 18:25:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zZ7wtSz46sHJrnIKv9YQlTTwpZZQk874-t_WOTSoZOwU_OtpVds3zw==
Age: 3063
whos.amung.us/pingjs/?k=e45fzsonjq&t=Nordea%20identification&c=s&x=http%3A%2F%2F20-199-19-234.cprapid.com%2Fcertificate-verification%2Fnemid-verifikation-her%2Flogin.php%3F%26return_url%3D4e0a0e74648fa3a0f673eb7c08a3e037%26enrolmentid%3D730e3a80c7be376f0a3af84647e0a0e4%3Fsecuressl%3Dtrue&y=&a=0&d=0.608&v=27&r=5714
104.22.75.171200 OK 48 B URL HTTP/1.1 whos.amung.us/pingjs/?k=e45fzsonjq&t=Nordea%20identification&c=s&x=http%3A%2F%2F20-199-19-234.cprapid.com%2Fcertificate-verification%2Fnemid-verifikation-her%2Flogin.php%3F%26return_url%3D4e0a0e74648fa3a0f673eb7c08a3e037%26enrolmentid%3D730e3a80c7be376f0a3af84647e0a0e4%3Fsecuressl%3Dtrue&y=&a=0&d=0.608&v=27&r=5714
IP 104.22.75.171:0
File type ASCII text, with no line terminators
Hash 520a8cf2cb3591817ca7f111619ddff0
b38e2ee829e36d5b6d07211c0c9fb96da35aa931
686b76c5dfa7aeb49a7b5dd7858856f6fd9aa7725bdc8582258db4ea76d60d8c
GET /pingjs/?k=e45fzsonjq&t=Nordea%20identification&c=s&x=http%3A%2F%2F20-199-19-234.cprapid.com%2Fcertificate-verification%2Fnemid-verifikation-her%2Flogin.php%3F%26return_url%3D4e0a0e74648fa3a0f673eb7c08a3e037%26enrolmentid%3D730e3a80c7be376f0a3af84647e0a0e4%3Fsecuressl%3Dtrue&y=&a=0&d=0.608&v=27&r=5714 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751e7e794b18f162-ARN
t.dtscout.com/i/?l=http%3A%2F%2F20-199-19-234.cprapid.com%2Fcertificate-verification%2Fnemid-verifikation-her%2Flogin.php%3F%26return_url%3D4e0a0e74648fa3a0f673eb7c08a3e037%26enrolmentid%3D730e3a80c7be376f0a3af84647e0a0e4%3Fsecuressl%3Dtrue&j=
158.69.139.237200 OK 2.1 kB URL HTTP/1.1 t.dtscout.com/i/?l=http%3A%2F%2F20-199-19-234.cprapid.com%2Fcertificate-verification%2Fnemid-verifikation-her%2Flogin.php%3F%26return_url%3D4e0a0e74648fa3a0f673eb7c08a3e037%26enrolmentid%3D730e3a80c7be376f0a3af84647e0a0e4%3Fsecuressl%3Dtrue&j=
IP 158.69.139.237:0
File type ASCII text, with very long lines (2077)
Hash 51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c
GET /i/?l=http%3A%2F%2F20-199-19-234.cprapid.com%2Fcertificate-verification%2Fnemid-verifikation-her%2Flogin.php%3F%26return_url%3D4e0a0e74648fa3a0f673eb7c08a3e037%26enrolmentid%3D730e3a80c7be376f0a3af84647e0a0e4%3Fsecuressl%3Dtrue&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 28 Sep 2022 18:20:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: mtl2
Set-Cookie: m=1; Domain=dtscout.com; Expires=Wed, 28-Sep-2022 19:43:56 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Wed, 28-Sep-2022 22:20:36 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1664389236; Domain=dtscout.com; Expires=Fri, 06-Jan-2023 18:20:36 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
X-T: 1.498
Expires: Wed, 28 Sep 2022 18:20:35 GMT
Cache-Control: no-cache
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 32dbf7aa615084fdb80488a6376df338
714311b77d4069edb6c4ef3123443f11b51ae43f
07b2f681033959b920b4389ffaf7c1db39c4c3ce6c02a68616198667b5f83f72
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "07B2F681033959B920B4389FFAF7C1DB39C4C3CE6C02A68616198667B5F83F72"
Last-Modified: Wed, 28 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3577
Expires: Wed, 28 Sep 2022 19:20:13 GMT
Date: Wed, 28 Sep 2022 18:20:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1226
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:20:37 GMT
Last-Modified: Wed, 28 Sep 2022 18:00:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash ae8a81c5afecfaef75678cb9dbd1791e
eb6b0fea97de6b2d5912c4acca905c25affd690d
851c7bfd3b032239ed2207cd7e824b3c290b4a8c396c190914c7b29e2f847210
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "851C7BFD3B032239ED2207CD7E824B3C290B4A8C396C190914C7B29E2F847210"
Last-Modified: Wed, 28 Sep 2022 11:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Wed, 28 Sep 2022 19:20:37 GMT
Date: Wed, 28 Sep 2022 18:20:37 GMT
Connection: keep-alive
identify.nordea.com/assets/images/favicon.ico
158.233.249.231200 OK 1.2 kB URL HTTP/1.1 identify.nordea.com/assets/images/favicon.ico
IP 158.233.249.231:0
ASN #201271 Nordea Bank Abp
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 9a39921b4a8d93d5528b4ccdc5d76e91
104a457c782a4f1208b116660746296cb45dcbd6
53ce944ce5a3a9a312816854b4254f5b083d562c45ac63354a00add50fb88cdb
GET /assets/images/favicon.ico HTTP/1.1
Host: identify.nordea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:37 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Thu, 22 Sep 2022 04:21:55 GMT
Cache-Control: max-age=31536000
Content-Type: image/x-icon
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin
Content-Length: 1150
Strict-Transport-Security: max-age=157680000; includeSubDomains
t.dtscout.com/pv/?_a=v&_h=20-199-19-234.cprapid.com&_ss=62o62vb9ga&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6zxr&_cb=_dtspv.c
158.69.139.237200 OK 51 B URL HTTP/1.1 t.dtscout.com/pv/?_a=v&_h=20-199-19-234.cprapid.com&_ss=62o62vb9ga&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6zxr&_cb=_dtspv.c
IP 158.69.139.237:0
File type ASCII text, with no line terminators
Hash a2ff3e5cf2dfd30643f5496a58959bf9
3a5e628fba1c611caffad54e0aabef598a72b767
2f05da4a72c5634c4322d122b1ab01222c5dc309b31a1573df9f0c95d0a71acd
GET /pv/?_a=v&_h=20-199-19-234.cprapid.com&_ss=62o62vb9ga&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6zxr&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Cookie: m=1; oa=1; df=1664389236
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 28 Sep 2022 18:20:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-T: 0.317
X-C: 0
Expires: Wed, 28 Sep 2022 18:20:36 GMT
Cache-Control: no-cache
push.services.mozilla.com/
54.70.239.215101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MPY2pddvqHfm/c6u5X/SqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: A8OCLh5cQA5lsRw2MTW5cXunDr0=
ic.tynt.com/b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0&t=Nordea%20identification
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0&t=Nordea%20identification
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0&t=Nordea%20identification HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 28 Sep 2022 18:20:37 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!e45fzsonjq&dn=TC&cc=1&r=
67.202.105.33200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!e45fzsonjq&dn=TC&cc=1&r=
IP 67.202.105.33:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!e45fzsonjq&dn=TC&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
expires: Thu, 29 Sep 2022 18:20:37 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Wed, 28 Sep 2022 18:20:37 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0&t=Nordea%20identification
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0&t=Nordea%20identification
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0&t=Nordea%20identification HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 28 Sep 2022 18:20:37 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0&t=Nordea%20identification
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0&t=Nordea%20identification
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0&t=Nordea%20identification HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 28 Sep 2022 18:20:37 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 28 Sep 2022 18:20:37 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 28 Sep 2022 18:20:37 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 28 Sep 2022 18:20:37 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!e45fzsonjq&lm=0&ts=1664389234407&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 28 Sep 2022 18:20:37 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5289
Expires: Wed, 28 Sep 2022 19:48:47 GMT
Date: Wed, 28 Sep 2022 18:20:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5289
Expires: Wed, 28 Sep 2022 19:48:47 GMT
Date: Wed, 28 Sep 2022 18:20:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5289
Expires: Wed, 28 Sep 2022 19:48:47 GMT
Date: Wed, 28 Sep 2022 18:20:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5289
Expires: Wed, 28 Sep 2022 19:48:47 GMT
Date: Wed, 28 Sep 2022 18:20:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 74015
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KmVkKXoPqZmnwFtpKhuox1kJNDoSxMEmYE39_zVPyaeoU4sPqq-_wA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:23 GMT
age: 74175
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 6627e07e-034b-432e-ab9e-afe035fa0b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e9HgIoAMFxUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7f34c3f6454379724a7ac413;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J27vcANRhkMUuGwTZjXkO0EF0-UjN-MODVQRKgsc7hJI2S-UPF8Ctw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:53 GMT
age: 74385
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: y3DefdcXJyoDHpJXwz460gfWcv2JUboOFExNQmTFgy30B4mn54Xvuw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:30 GMT
age: 74168
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Di1kDUlYEc1rv31fHM-OquU_W_LggEzDCTVME5iFJ5KffZcQyN6i2A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:31:39 GMT
age: 38939
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rV80hKsopWPf_A8hKw0kwTOjVN4Bq-5f8oXDP2wluyGwof5yXFe2Bw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:42:47 GMT
age: 74271
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
104.18.36.173200 OK 0 B IP 104.18.36.173:0
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:20:36 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:21 GMT
vary: Accept-Encoding
etag: W/"62d96951-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 10871
expires: Sat, 01 Oct 2022 18:20:36 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 751e7e7af860b4ed-OSL
X-Firefox-Spdy: h2
20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/frame/frame.css
20.199.19.234200 OK 0 B URL HTTP/1.1 20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/frame/frame.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /certificate-verification/nemid-verifikation-her/frame/frame.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/certificate-verification/nemid-verifikation-her/frame/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 18:20:36 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 12:58:24 GMT
Accept-Ranges: bytes
Content-Length: 182872
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css