r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6904
Expires: Tue, 13 Dec 2022 02:08:28 GMT
Date: Tue, 13 Dec 2022 00:13:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b642ec5702fb818c5d1c67168cc68fdb
015146489a8e7fcb4ba0ba74cfe757a072705f93
4846d047a23903856bd113d02639ce7e08a1e40030151d302295b2d12df98ffc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4846D047A23903856BD113D02639CE7E08A1E40030151D302295B2D12DF98FFC"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12934
Expires: Tue, 13 Dec 2022 03:48:58 GMT
Date: Tue, 13 Dec 2022 00:13:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 23:33:43 GMT
content-type: application/json
age: 2381
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d29881eeb0456eff8cf415ad2ce64ba0
e3cfdd5f56ff88066257ec8f4726f53e3a733bd3
2cd90072f113163f976ddb8bc7017884efd3f764e7e8961b04e3ba5ec0a17d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CD90072F113163F976DDB8BC7017884EFD3F764E7E8961B04E3BA5EC0A17D85"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10291
Expires: Tue, 13 Dec 2022 03:04:55 GMT
Date: Tue, 13 Dec 2022 00:13:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wiDytNPzbaqOPgrmVTsg3v5+CGxJ+A3PquofNWz8JtF46pRAcOcxsT1CQSWAyou2xM7XPVu8V3E=
x-amz-request-id: VRP5VBR8A21S7Z96
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 23:49:48 GMT
age: 1416
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 00:13:24 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 23:33:17 GMT
age: 2407
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ee19f96e42a0eca99d00c8d91f977c35
3bf8dbf8b8ce6ea7adadf7bb92cae2f9502fbee9
6d8adcb1494bfe2ca73cd6b77eb57b2d08e07b05eb892fea98a1fde0bfb2ea12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6050
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 00:13:24 GMT
Etag: "6396ef2b-1d7"
Last-Modified: Mon, 12 Dec 2022 22:32:34 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PzJU0qO4hidhe018nxsJNw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yUKhCUwuCsxzNhFCSZsO0WRmcXI=
mylovesay.com/hna/
200 OK 67 kB IP
ASN #133199 SonderCloud Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (63603), with CRLF line terminators
Hash 930dd86394c8ae3079e70d69b88dad33
0522146e60a6afed5c3b917e192bb962b239ad76
268688692bdb8d23f470ac1a5a5a3c40fa0476eb73cc86a7811186b95db8990e
Analyzer Verdict Alert openphish Deutsche Postbank AG
phishtank Other
fortinet Phishing
GET /hna/ HTTP/1.1
Host: mylovesay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 00:10:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash ee4497b3e9c1ef871e4904b42fd73e3c
6307571139b7f442a8e9a0162268163b91ef34d9
805744943e4f4df07f51c90fec39b1eccc22c916e34d1b7d91dd9918f4eec08c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1256
Cache-Control: max-age=114300
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 00:13:26 GMT
Etag: "6396da3a-1d7"
Expires: Wed, 14 Dec 2022 07:58:26 GMT
Last-Modified: Mon, 12 Dec 2022 07:37:30 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash ee4497b3e9c1ef871e4904b42fd73e3c
6307571139b7f442a8e9a0162268163b91ef34d9
805744943e4f4df07f51c90fec39b1eccc22c916e34d1b7d91dd9918f4eec08c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1256
Cache-Control: max-age=114300
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 00:13:26 GMT
Etag: "6396da3a-1d7"
Expires: Wed, 14 Dec 2022 07:58:26 GMT
Last-Modified: Mon, 12 Dec 2022 07:37:30 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash ee4497b3e9c1ef871e4904b42fd73e3c
6307571139b7f442a8e9a0162268163b91ef34d9
805744943e4f4df07f51c90fec39b1eccc22c916e34d1b7d91dd9918f4eec08c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2027
Cache-Control: max-age=115071
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 00:13:26 GMT
Etag: "6396da3a-1d7"
Expires: Wed, 14 Dec 2022 08:11:17 GMT
Last-Modified: Mon, 12 Dec 2022 07:37:30 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
mylovesay.com/hna/q.png
200 OK 2.0 kB IP
ASN #133199 SonderCloud Limited
File type PNG image data, 67 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash 92378455a1d2885e0dabc8011bf72ac7
09894f9a199afa66bf416cfc00733cceb9188413
8585fbb474eab0cfeab726efe23bfdb22420133d829d384f6110e9a91def26f7
GET /hna/q.png HTTP/1.1
Host: mylovesay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mylovesay.com/hna/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 00:10:33 GMT
Content-Type: image/png
Content-Length: 1978
Last-Modified: Mon, 12 Dec 2022 09:14:57 GMT
Connection: keep-alive
ETag: "6396f111-7ba"
Accept-Ranges: bytes
mylovesay.com/hna/info.png
200 OK 974 B URL HTTP/1.1 mylovesay.com/hna/info.png
IP
ASN #133199 SonderCloud Limited
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash df910c06b933074ad9498a1b856a75c2
a3c9e06faca32be47f26abbad781ddc886344a7c
9138fd329fa6dc68ee7973ff2048042396ff8fa418f4a5ae736eaeee4b443e06
GET /hna/info.png HTTP/1.1
Host: mylovesay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mylovesay.com/hna/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 00:10:33 GMT
Content-Type: image/png
Content-Length: 974
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Mon, 12 Dec 2022 09:14:57 GMT
ETag: "3ce-5ef9defe7a959"
Accept-Ranges: bytes
ocsp.digicert.com/
200 OK 471 B IP
Hash 54e5161db823875726ec0c25f2e85c0f
e3e39c82a1fd98b586d44e390711032df1aa663d
998fd834678ff1090e6d7931fb18bd8c8f881af3c4a0315099a04fab4655f85e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158032
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 00:13:26 GMT
Etag: "639789f6-1d7"
Expires: Wed, 14 Dec 2022 20:07:18 GMT
Last-Modified: Mon, 12 Dec 2022 20:07:18 GMT
Server: nginx
Content-Length: 471
www.postbank.de/dam/postbank/bilder/iob5/login-alte-anmeldung.jpg
200 OK 16 kB URL HTTP/2 www.postbank.de/dam/postbank/bilder/iob5/login-alte-anmeldung.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x666, components 3\012- data
Hash 71d7f159b3c4e1fb3b7e59ad8c956207
96294325a7ae20f048a3407f96afad53c0d77680
2afc1ff4a798ce317d694abd9ecb5dc5f7e1211f80e3864902c0f6da65746c14
GET /dam/postbank/bilder/iob5/login-alte-anmeldung.jpg HTTP/1.1
Host: www.postbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mylovesay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 15471
date: Tue, 13 Dec 2022 00:13:26 GMT
server: Apache
x-dispatcher: dispatcher2eucentral1
x-dispatcher-version: 1.4.25
x-vhost: postbank
vary: Host
last-modified: Tue, 20 Oct 2020 14:38:35 GMT
etag: "3c6f-5b21b2f8a30c0"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-methods: GET,HEAD,OPTIONS,POST
access-control-allow-credentials: true
content-disposition: inline
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eHW7vKwVRyQThgnSduKCYW_0UhI13I8YMHkrZiNf6U2dPw72HC21OA==
X-Firefox-Spdy: h2
www.postbank.de/dam/postbank/bilder/iob5/sicherheitshinweis.jpg
200 OK 116 kB URL HTTP/2 www.postbank.de/dam/postbank/bilder/iob5/sicherheitshinweis.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1374x610, components 3\012- data
Size 116 kB (115626 bytes)
Hash 6fff8c1d662e9fd475d8f0907ab0f23b
0d6b947c37a47ef640bcd29439a72354cd87f857
b6fee381207d08fa8d029741f93662cf29622bb040a5d875bab0d68a1e93e6df
GET /dam/postbank/bilder/iob5/sicherheitshinweis.jpg HTTP/1.1
Host: www.postbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mylovesay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 115626
date: Tue, 13 Dec 2022 00:13:26 GMT
server: Apache
x-dispatcher: dispatcher2eucentral1
x-dispatcher-version: 1.4.25
x-vhost: postbank
vary: Host
last-modified: Wed, 06 Apr 2022 14:11:27 GMT
etag: "1c3aa-5dbfcefebc1c0"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-methods: GET,HEAD,OPTIONS,POST
access-control-allow-credentials: true
content-disposition: inline
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pGh4671tizrfdKBgs29qLxg31PZcmDATXu7648bbmPF4WPsLfdEHCQ==
X-Firefox-Spdy: h2
meine.postbank.de/bundles/@pbs/patternlib_pb/lib/runtime/assets/images/logo.svg
200 OK 1.4 kB URL HTTP/1.1 meine.postbank.de/bundles/@pbs/patternlib_pb/lib/runtime/assets/images/logo.svg
IP
ASN #8373 Deutsche Bank AG
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2718), with no line terminators
Hash 7462d969be66b1ad161c5c3d988143a1
34e9234a0bcc0b7483b87d07219cf17a9596a85d
63f690ae3a6386bffa31c3e5c864f92e330534c92754b331053054eb6d366ec0
GET /bundles/@pbs/patternlib_pb/lib/runtime/assets/images/logo.svg HTTP/1.1
Host: meine.postbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mylovesay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 00:13:26 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: origin
X-Frame-Options: deny
Content-Security-Policy: default-src 'self'; connect-src 'self' https://bankapi-public.postbank.de https://bankapi.postbank.de https://smoke-api.postbank.de https://smoke-api-public.postbank.de https://www.postbank.de https://collect.tealiumiq.com https://collect-eu-central-1.tealiumiq.com https://visitor-service-eu-central-1.tealiumiq.com https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org https://assets.adobedtm.com; img-src 'self' https://www.postbank.de https://tp.postbank.de https://meine.postbank.de https://smoke-meine.postbank.de https://anlagemanager.postbank.de https://smoke-anlagemanager.postbank.de https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org data: blob:; script-src 'self' https://pb.media01.eu https://tags.tiqcdn.com https://www.postbank.de https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org https://assets.adobedtm.com *.usercentrics.eu 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org 'unsafe-inline'
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload;
Vary: Accept-Encoding
Last-Modified: Wed, 19 Oct 2022 13:30:37 GMT
ETag: "568-5eb6336c93940"
Accept-Ranges: bytes
Content-Length: 1384
Cache-Control: private, max-age=15552000, must-revalidate
Expires: Sun, 11 Jun 2023 00:13:26 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: authorization
Content-Encoding: gzip
Keep-Alive: timeout=10, max=489
Connection: Keep-Alive
Content-Type: image/svg+xml
www.postbank.de/dam/postbank/bilder/iob5/etf-aktion-amundi-login.jpg
200 OK 119 kB URL HTTP/2 www.postbank.de/dam/postbank/bilder/iob5/etf-aktion-amundi-login.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, comment: "LEADTOOLS v20.0", baseline, precision 8, 1080x666, components 3\012- data
Size 119 kB (118978 bytes)
Hash a8de7d1a6b51a8ac5dca9b70c3ebdacf
f0462adb9750ff92efd81b0fcdee360c7e2ef0f2
11151f99de80860674a82be41de717f97a0c5ae053f0f0cd362b820808eb42c0
GET /dam/postbank/bilder/iob5/etf-aktion-amundi-login.jpg HTTP/1.1
Host: www.postbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mylovesay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 118978
date: Tue, 13 Dec 2022 00:13:26 GMT
server: Apache
x-dispatcher: dispatcher3eucentral1
x-dispatcher-version: 1.4.25
x-vhost: postbank
vary: Host
last-modified: Tue, 15 Mar 2022 13:33:03 GMT
etag: "1d0c2-5da41d61541c0"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-methods: GET,HEAD,OPTIONS,POST
access-control-allow-credentials: true
content-disposition: inline
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h0rVEDPmrn4iQNXED5m2cQpADDoKb8fIsvEEcyD5N4_V1T8yGFw6mg==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7a3e13e78f90788c56a93f7ffd9be884
bb6e2205661434f2eb8964f59b8f0d950c11ba0d
48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2448
Expires: Tue, 13 Dec 2022 00:54:14 GMT
Date: Tue, 13 Dec 2022 00:13:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7a3e13e78f90788c56a93f7ffd9be884
bb6e2205661434f2eb8964f59b8f0d950c11ba0d
48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2448
Expires: Tue, 13 Dec 2022 00:54:14 GMT
Date: Tue, 13 Dec 2022 00:13:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d2521f8-aba3-4e43-a61f-566b33d81a58.jpeg
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d2521f8-aba3-4e43-a61f-566b33d81a58.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61696fbb8743437b191c7141bc43228f
9f3da5618cd81d8b94b89a38860b5ea0e677b181
e299f7842035dfae92b63c388613da806030c9e70f6344dd0c8e9176baa2a671
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d2521f8-aba3-4e43-a61f-566b33d81a58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7235
x-amzn-requestid: 062761c0-29aa-44d6-9a3f-213766ba615c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctmEtE00oAMF4Cg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eea1d-7f38911c00fdffac25cdf642;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:07:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HHqgpbW7ZHxByKQTHklq6VVOKkidvdpt-XgqeFIHVYXbJ66nhu19yw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 23:15:56 GMT
age: 3450
etag: "9f3da5618cd81d8b94b89a38860b5ea0e677b181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8b0477fb90d103e2155bbf7ab47d877
ab668e755bd742b165fa3ba46a4c486c616a7ff6
40e2282cf64da6034f73a2ff0c0d060550caa364244d5bdf282d2f54719d48ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4703
x-amzn-requestid: 975cb427-5feb-4c36-bcfe-bed0cc9bd3b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czpW4Hh4IAMFeRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639155c5-63d6d97371f11d6012edae68;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 03:11:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BouIqIrg_vfxBH0weDXiqoEBcSV8_d4qDVB3Er5PeIrZz249iHdqGQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 08:18:10 GMT
age: 57316
etag: "ab668e755bd742b165fa3ba46a4c486c616a7ff6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 54e5161db823875726ec0c25f2e85c0f
e3e39c82a1fd98b586d44e390711032df1aa663d
998fd834678ff1090e6d7931fb18bd8c8f881af3c4a0315099a04fab4655f85e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158032
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 00:13:26 GMT
Etag: "639789f6-1d7"
Expires: Wed, 14 Dec 2022 20:07:18 GMT
Last-Modified: Mon, 12 Dec 2022 20:07:18 GMT
Server: nginx
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9051770b3587c195bea670f8820e8cfe
abf58087f0e345202da088238daea85d177b431b
f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: viqtSt0N4FbMvP-u-vlA4Y8SfzIafFu_4XhqXSKrbItp7gkJDp5PKA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 22:36:04 GMT
age: 5842
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 703d359edb819eaefc6ccae224bbde15
4b8d7b5ff7cf1333bd0019b2d72cf2aadef6caf8
0452d24052bef979fd13f1a0fefb4c7803ff91c5afa3c871f85b73eb08f15489
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12144
x-amzn-requestid: 0d00ec22-808c-4f60-98b1-87eef4aad829
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6n0yFORIAMFskA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394201e-58f1a5c87fc341bf56fa9d68;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 05:58:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sW4dQXExyH6JvbdtSgIPJUiifHh-VfbfcG5hKMaJ4tZA3pO-fobF6w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 04:10:33 GMT
age: 72173
etag: "4b8d7b5ff7cf1333bd0019b2d72cf2aadef6caf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff80752aa-0cbf-4c22-9021-7abe914dde6f.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff80752aa-0cbf-4c22-9021-7abe914dde6f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1abb84e01b1e6e8d13317083770e9e25
8e034ed23b8d40406fd43f74f0af5f7278d1465e
5238283f759fdf48354b5372bf87c9cc1d5db2dd319db54ac0e09f1e6ac32cbc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff80752aa-0cbf-4c22-9021-7abe914dde6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12449
x-amzn-requestid: 992fe7fc-089b-4cc8-bb4f-0636b96d5f9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8I9UFlAoAMFhPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394bb88-0cf5980b3772bc313c547db9;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 17:02:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4rBy--_A54HSE60mv10Fk2gLZKcNiENqjs3i9-e1DjtW6n3Q97MlwA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 22:22:37 GMT
age: 6649
etag: "8e034ed23b8d40406fd43f74f0af5f7278d1465e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F047d40ca-223b-4b30-90f0-c848da685495.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F047d40ca-223b-4b30-90f0-c848da685495.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ab5a208bfde395cefdbf547982544b25
cfdcccc56da544414936b95c888585f6a56833ad
9897cf24a8332e797d33b0493ab8f488d991151d7be621cd5753aa5e3b2c9451
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F047d40ca-223b-4b30-90f0-c848da685495.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5922
x-amzn-requestid: 98bd853c-cbe5-4672-9915-6e54978730bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c0LzNEO7oAMF-dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63918ce1-23b0f17a2e5e95f7707adcaf;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 07:06:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XqYJM2tgLUzVd5MQ--NIuyahAg3J8DBtWESucvxrrQtSGpN2J1OywQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 23:15:47 GMT
age: 3459
etag: "cfdcccc56da544414936b95c888585f6a56833ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
meine.postbank.de/bundles/@pbs/patternlib_pb/lib/runtime/assets/images/logo-claim.svg
200 OK 1.3 kB URL HTTP/1.1 meine.postbank.de/bundles/@pbs/patternlib_pb/lib/runtime/assets/images/logo-claim.svg
IP
ASN #8373 Deutsche Bank AG
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2317)
Hash d77583cbd1197b6187463e3546012213
2ce5001400fc742fb8c0c83bcb5d17d53289a087
b83d26029ec04b70105d4116b331e4b8ba773f7698a7c7f07966b2b52258cfee
GET /bundles/@pbs/patternlib_pb/lib/runtime/assets/images/logo-claim.svg HTTP/1.1
Host: meine.postbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mylovesay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 00:13:26 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: origin
X-Frame-Options: deny
Content-Security-Policy: default-src 'self'; connect-src 'self' https://bankapi-public.postbank.de https://bankapi.postbank.de https://smoke-api.postbank.de https://smoke-api-public.postbank.de https://www.postbank.de https://collect.tealiumiq.com https://collect-eu-central-1.tealiumiq.com https://visitor-service-eu-central-1.tealiumiq.com https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org https://assets.adobedtm.com; img-src 'self' https://www.postbank.de https://tp.postbank.de https://meine.postbank.de https://smoke-meine.postbank.de https://anlagemanager.postbank.de https://smoke-anlagemanager.postbank.de https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org data: blob:; script-src 'self' https://pb.media01.eu https://tags.tiqcdn.com https://www.postbank.de https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org https://assets.adobedtm.com *.usercentrics.eu 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org 'unsafe-inline'
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload;
Vary: Accept-Encoding
Last-Modified: Wed, 19 Oct 2022 13:30:37 GMT
ETag: "4fd-5eb6336c93940"
Accept-Ranges: bytes
Content-Length: 1277
Cache-Control: private, max-age=15552000, must-revalidate
Expires: Sun, 11 Jun 2023 00:13:26 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: authorization
Content-Encoding: gzip
Keep-Alive: timeout=10, max=475
Connection: Keep-Alive
Content-Type: image/svg+xml
meine.postbank.de/assets/images/favicons/apple-touch-icon.png
200 OK 5.2 kB URL HTTP/1.1 meine.postbank.de/assets/images/favicons/apple-touch-icon.png
IP
ASN #8373 Deutsche Bank AG
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 0bddf20e953d1c21bf018dbe4b1d9851
f936532773127f93421c57d0db0ad2dd6e61c4f2
193666adf1dd29973731f290efc41f08ab468e14597996162a3d793aed8b9584
GET /assets/images/favicons/apple-touch-icon.png HTTP/1.1
Host: meine.postbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mylovesay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 00:13:26 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: origin
X-Frame-Options: deny
Content-Security-Policy: default-src 'self'; connect-src 'self' https://bankapi-public.postbank.de https://bankapi.postbank.de https://smoke-api.postbank.de https://smoke-api-public.postbank.de https://www.postbank.de https://collect.tealiumiq.com https://collect-eu-central-1.tealiumiq.com https://visitor-service-eu-central-1.tealiumiq.com https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org https://assets.adobedtm.com; img-src 'self' https://www.postbank.de https://tp.postbank.de https://meine.postbank.de https://smoke-meine.postbank.de https://anlagemanager.postbank.de https://smoke-anlagemanager.postbank.de https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org data: blob:; script-src 'self' https://pb.media01.eu https://tags.tiqcdn.com https://www.postbank.de https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org https://assets.adobedtm.com *.usercentrics.eu 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org 'unsafe-inline'
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload;
Last-Modified: Wed, 19 Oct 2022 13:30:37 GMT
ETag: "1471-5eb6336c93940"
Accept-Ranges: bytes
Content-Length: 5233
Cache-Control: private, max-age=15552000, must-revalidate
Expires: Sun, 11 Jun 2023 00:13:26 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: authorization
Keep-Alive: timeout=10, max=487
Connection: Keep-Alive
Content-Type: image/png
meine.postbank.de/assets/images/favicons/favicon-16x16.png
200 OK 763 B URL HTTP/1.1 meine.postbank.de/assets/images/favicons/favicon-16x16.png
IP
ASN #8373 Deutsche Bank AG
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 7928dcbd4ef94be62d92d6218e8b917d
93768c3b84bc447a0f4b3449f93e386001106431
705e422f4c2ca8ff8521e6ca5bedf071785a13505c4cfe90693f539cead2b1f7
GET /assets/images/favicons/favicon-16x16.png HTTP/1.1
Host: meine.postbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mylovesay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 00:13:26 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: origin
X-Frame-Options: deny
Content-Security-Policy: default-src 'self'; connect-src 'self' https://bankapi-public.postbank.de https://bankapi.postbank.de https://smoke-api.postbank.de https://smoke-api-public.postbank.de https://www.postbank.de https://collect.tealiumiq.com https://collect-eu-central-1.tealiumiq.com https://visitor-service-eu-central-1.tealiumiq.com https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org https://assets.adobedtm.com; img-src 'self' https://www.postbank.de https://tp.postbank.de https://meine.postbank.de https://smoke-meine.postbank.de https://anlagemanager.postbank.de https://smoke-anlagemanager.postbank.de https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org data: blob:; script-src 'self' https://pb.media01.eu https://tags.tiqcdn.com https://www.postbank.de https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org https://assets.adobedtm.com *.usercentrics.eu 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://delivery.1tag.dentsu.de https://cdn.1tag.dentsu.de https://dan.mgr.consensu.org https://cdn.dan.mgr.consensu.org 'unsafe-inline'
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload;
Last-Modified: Wed, 19 Oct 2022 13:30:37 GMT
ETag: "2fb-5eb6336c93940"
Accept-Ranges: bytes
Content-Length: 763
Cache-Control: private, max-age=15552000, must-revalidate
Expires: Sun, 11 Jun 2023 00:13:26 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: authorization
Keep-Alive: timeout=10, max=490
Connection: Keep-Alive
Content-Type: image/png
mylovesay.com/hna/FrutigerLTW02-65Bold.woff2
200 OK 42 kB URL HTTP/1.1 mylovesay.com/hna/FrutigerLTW02-65Bold.woff2
IP
ASN #133199 SonderCloud Limited
File type Web Open Font Format (Version 2), TrueType, length 42008, version 1.0\012- data
Hash 66a825d0bc3b78c378dadbfa19b8ac02
7fb3f4f2d17526585b8440a42eca6d98dbc6ccf6
33f227be2f5d1077c023bf5bfaa69f4498c74c3771d820ac23e2e2ca2a2bcd0d
Analyzer Verdict Alert fortinet Phishing
GET /hna/FrutigerLTW02-65Bold.woff2 HTTP/1.1
Host: mylovesay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mylovesay.com/hna/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 00:10:34 GMT
Content-Type: application/octet-stream
Content-Length: 42008
Last-Modified: Mon, 12 Dec 2022 09:14:57 GMT
Connection: keep-alive
ETag: "6396f111-a418"
Accept-Ranges: bytes
mylovesay.com/hna/FrutigerLTW02-55Roman.woff2
200 OK 49 kB URL HTTP/1.1 mylovesay.com/hna/FrutigerLTW02-55Roman.woff2
IP
ASN #133199 SonderCloud Limited
File type Web Open Font Format (Version 2), TrueType, length 49372, version 1.0\012- data
Hash f75edc57b3c912b99387c7921e3dfddb
937d62e23c5e4090c6e3cf37536c0df3725c14bb
0392b37cafa1d3eaf5f00c2594df53bea1f7c7059180098d4185a2425d580d1c
Analyzer Verdict Alert fortinet Phishing
GET /hna/FrutigerLTW02-55Roman.woff2 HTTP/1.1
Host: mylovesay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mylovesay.com/hna/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 00:10:34 GMT
Content-Type: application/octet-stream
Content-Length: 49372
Last-Modified: Mon, 12 Dec 2022 09:14:57 GMT
Connection: keep-alive
ETag: "6396f111-c0dc"
Accept-Ranges: bytes
43.242.128.238
185.157.32.20
34.120.237.76
95.101.11.115
93.184.220.29