ranama.mojweb.com.hr/comsx
178.218.162.211301 Moved Permanently 242 B URL HTTP/1.1 ranama.mojweb.com.hr/comsx
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4f3697fae277f6e5489d9d445f7481a1
3ec3fc31b5bd8c9d89564b3eab4db9d8471cc7d6
ac08d7eec40de2890a9caf62542bf29fcdeb9c0166e593e7d8173bd531051724
Analyzer Verdict Alert openphish Comcast Corporation
fortinet Phishing
GET /comsx HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 08 Nov 2022 14:38:56 GMT
Server: Apache
Location: http://ranama.mojweb.com.hr/comsx/
Content-Length: 242
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: PH_HPXY_CHECK=s1; path=/
Cache-control: private
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9e164a845d32db8fa51fdb5b1aa218d9
169099b4d2f8e119ab6cf6fca279b6fb535b1759
402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7481
Expires: Tue, 08 Nov 2022 16:43:38 GMT
Date: Tue, 08 Nov 2022 14:38:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5204
Cache-Control: max-age=163138
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:38:57 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:57:55 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10614
Expires: Tue, 08 Nov 2022 17:35:51 GMT
Date: Tue, 08 Nov 2022 14:38:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UNAm2n9tA0mrxT8L+NGhNhsB5dtscRWCqr5ZRVAevfR0cmeHuMnBRpziJR1uCoRs1rXvR9d6ipE=
x-amz-request-id: YHS6QV853P91BMKN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 13:48:32 GMT
age: 3025
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 14:38:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ranama.mojweb.com.hr/comsx/
178.218.162.211200 OK 33 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6168)
Hash ba8ec113806cb0e79bae3434e6238213
0cd3f198873e6a0f9be82a9acfe07d4f7b041734
648daef874b30314788fc6c81e4472a77f329d1e49f0e0e45dac11fc59697f18
Analyzer Verdict Alert fortinet Phishing
GET /comsx/ HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PH_HPXY_CHECK=s1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:08:04 GMT
Accept-Ranges: bytes
Content-Length: 33432
Content-Type: text/html
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/event
178.218.162.211200 OK 191 B URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/event
IP 178.218.162.211:0
File type ASCII text, with no line terminators
Hash 2d5d169b7afabb783f8994c576f005cb
d3c1f326303b3cd98f892a5ab28cea82222d058b
384d036f62eab523e123b0e2c033bdee06077fdf041c564ce56f956e6219fb24
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/event HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 191
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
178.218.162.211200 OK 51 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
IP 178.218.162.211:0
File type ASCII text, with very long lines (50848), with no line terminators
Hash 46ad0dca51a657b2f6d4302e8af335ac
56f30d2a99c33270a368df39b0fac6a6321f72f4
7744a06830d6b63ba7fc3b5f7649f8f06959e3c31118cf324d3e36e5433915ed
GET /comsx/Sign%20in%20to%20XFINITY_files/styles-light.css HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 50848
Content-Type: text/css
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/rta.js
178.218.162.211200 OK 168 B URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/rta.js
IP 178.218.162.211:0
File type Unicode text, UTF-8 (with BOM) text, with no line terminators
Hash cf8059bd98746a031879c027d0675200
5b36326aeac50dd7fbf8a910775b32beccc12d5a
00fb70d9832d4974eacda5d97b5ede63153bebe471109491dc6807db6ceca3a7
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/rta.js HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 168
Content-Type: application/javascript
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/segments.js
178.218.162.211200 OK 39 B URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/segments.js
IP 178.218.162.211:0
Hash 9c5453ce3943ebf709c68c4358907916
25c057fa107fca0917c7dca9f432cdce93ce2316
c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/segments.js HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 39
Content-Type: application/javascript
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/data.json
178.218.162.211200 OK 295 B URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/data.json
IP 178.218.162.211:0
Hash c4e699111d8c5ee41a03610b94ff02d5
7b4ec667ab9d73b69d752931fa675eca988ac1be
f1aa6a629871c08a077cba94a653cb0c2ace627617e442adccbf6712972bf0df
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/data.json HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 295
Content-Type: application/json
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/1203273213x32.js
178.218.162.211200 OK 2.7 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/1203273213x32.js
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (403)
Hash 026533413b3d09d51db59238995299c1
8299098d71a0d18d7bf7279f0d71bed0345c0ec2
62079f9953d5a6dc3240039aa842881f9171f4c3f2bc664629aaf5f2c537214c
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/1203273213x32.js HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 2727
Content-Type: application/javascript
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js
178.218.162.211200 OK 18 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js
IP 178.218.162.211:0
File type ASCII text, with very long lines (815), with CRLF line terminators
Hash 4ff1cfd3240ea3e8eed8d96e31152dc2
97ed8e13c3b52da3ea4865af48b219c8e540e5ac
c1d1eb4e35d0cfa8617262918737bcb8804dd0720cdca026da2087166ac7ba71
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 17478
Content-Type: application/javascript
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/11648.js
178.218.162.211200 OK 26 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/11648.js
IP 178.218.162.211:0
File type HTML document text\012- C source, ASCII text, with very long lines (25399)
Hash 04873a9ac5cdc1c90fcfb18a21e04136
2703ddd39416a70ada985452107e5b543ee89a0a
d7e781eaa55fbe21f653b0d2b807adc6af016ba9170ccd35fd44b3176786c80c
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/11648.js HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 25508
Content-Type: application/javascript
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/150582-10.js
178.218.162.211200 OK 898 B URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/150582-10.js
IP 178.218.162.211:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (728)
Hash 5de2cd9adefd2a264bc1e881d19827f0
07046ae6c3a9449fd68bd4e0a4f59e7626f30854
af216babd9b5c43a2e6cdedc5d7497f154b3055216272d4a53af26be49bcd53f
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/150582-10.js HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 898
Content-Type: application/javascript
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/150582-15.js
178.218.162.211200 OK 3.0 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/150582-15.js
IP 178.218.162.211:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2808)
Hash 3884f03746032fe3fb6b327134090769
b2e5801b7814f320f0364ab04d98f16e429a987d
c7b6ae528e00b64960dd07aa40cd199c946f089e789df34e47c1de507879302b
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/150582-15.js HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 2978
Content-Type: application/javascript
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/1647526060x32.js
178.218.162.211200 OK 1.4 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/1647526060x32.js
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (433)
Hash db5bdae32033752bd8574dc96ee4c96c
59c8ea77207eff9f8dbf9b6cbf156c6329cbf931
853efa16d425ff8c75c2bd4c74459ef9b555ceaae1a22d4aae0c36f95cad4351
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/1647526060x32.js HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 1420
Content-Type: application/javascript
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/asc.txt
178.218.162.211200 OK 17 B URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/asc.txt
IP 178.218.162.211:0
File type ASCII text, with no line terminators
Hash 92ecce91e58ca501e89410701805ffd2
fbc2f9374e8f5aebbc0a9ebeaeb836dfe2ee8803
af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/asc.txt HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 17
Content-Type: text/plain
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/scripts-responsive.js
178.218.162.211200 OK 3.9 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/scripts-responsive.js
IP 178.218.162.211:0
File type ASCII text, with very long lines (3906), with no line terminators
Hash b9e47f9f8aac844ec80a9ba6ff6e7a74
cbf073ac21eaa5de906e1fcce023c64c3829c648
aef3124abf7a9f765f36093acf39e804987e52e1a1c241700441949ea52a7673
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/scripts-responsive.js HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 3906
Content-Type: application/javascript
z.moatads.com/comcastapn56341864860/moatad.js
23.38.201.146200 OK 0 B URL HTTP/2 z.moatads.com/comcastapn56341864860/moatad.js
IP 23.38.201.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comcastapn56341864860/moatad.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DgrV/yUP0cYZJ24pT7Z5LVkFATYFOX23OVuFadPO2EW++SB5KZZT2R0SCmVojLGlVbLec6pGXtw=
x-amz-request-id: CA2DQ7A5WM2MGH3Y
last-modified: Mon, 11 May 2020 15:59:42 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
content-length: 0
cache-control: max-age=4715
date: Tue, 08 Nov 2022 14:38:57 GMT
X-Firefox-Spdy: h2
ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2
178.218.162.211404 Not Found 315 B URL HTTP/1.1 ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2 HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 434559fa7a68d200ad219099be488358
1dff3dfe091132e1f612e061cdc64d432226c5bf
ae18dac5597ac90f611e2ee4b1bd7c69861d5bffe22ec475b9902b89bd4f6d79
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2333
Cache-Control: max-age=89683
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:38:57 GMT
Etag: "63691c37-1d7"
Expires: Wed, 09 Nov 2022 15:33:40 GMT
Last-Modified: Mon, 07 Nov 2022 14:54:47 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2
178.218.162.211404 Not Found 315 B URL HTTP/1.1 ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2 HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
us-ads.openx.net/w/1.0/jstag
34.98.64.218200 OK 18 kB URL HTTP/2 us-ads.openx.net/w/1.0/jstag
IP 34.98.64.218:0
File type ASCII text, with very long lines (12594)
Hash 7fa4d3ec7fbf2ceeb4321f23a306a28c
a8ca3516f46e169d649d359c49de81f449e9aab5
f5046a9313e8d007e0c83b51156a0df8c320f835211681eb66e86efd42545bfb
GET /w/1.0/jstag HTTP/1.1
Host: us-ads.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
server: OXGW/0.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Tue, 08 Nov 2022 15:38:57 GMT
date: Tue, 08 Nov 2022 14:38:57 GMT
content-type: text/javascript
content-length: 18070
content-encoding: gzip
cache-control: max-age=3600
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/omniture_visId.js
178.218.162.211200 OK 83 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/omniture_visId.js
IP 178.218.162.211:0
File type ASCII text, with very long lines (707), with CRLF line terminators
Hash e97a8791094937eca04430b8fd76550b
69fac7a4b26fdd0e5ea9c7b679435c80857efb1f
0d511486e7d3d6543bce126133d47c2805c5e4f0ff4c6d6eefabd5d6e678bf99
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/omniture_visId.js HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 82832
Content-Type: application/javascript
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/jquery-1.js
178.218.162.211200 OK 94 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/jquery-1.js
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 25721ced154b3a99e818431446d7506d
3f1b0e9e54af1af2db2c8a639530448723462151
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/jquery-1.js HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 94020
Content-Type: application/javascript
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/moatad.js
178.218.162.211200 OK 182 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/moatad.js
IP 178.218.162.211:0
File type ASCII text, with very long lines (554)
Size 182 kB (182301 bytes)
Hash 941a402bcb3a12f11ff32f50060a4f99
ecd237a5bc7d0995bf036e31eeabb97c6dd8c50d
894acd20e24fda4995bf56b9c7f5b0f2a634febf91db251a2adcbf6f6915e6f5
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/moatad.js HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 182301
Content-Type: application/javascript
ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff
178.218.162.211404 Not Found 315 B URL HTTP/1.1 ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff
178.218.162.211404 Not Found 315 B URL HTTP/1.1 ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 434559fa7a68d200ad219099be488358
1dff3dfe091132e1f612e061cdc64d432226c5bf
ae18dac5597ac90f611e2ee4b1bd7c69861d5bffe22ec475b9902b89bd4f6d79
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4734
Cache-Control: max-age=92084
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:38:57 GMT
Etag: "63691c37-1d7"
Expires: Wed, 09 Nov 2022 16:13:41 GMT
Last-Modified: Mon, 07 Nov 2022 14:54:47 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/all.js
178.218.162.211200 OK 199 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/all.js
IP 178.218.162.211:0
File type ASCII text, with very long lines (18053)
Size 199 kB (198957 bytes)
Hash bc6c96975ece396c2410a11de12aa324
dc29df9842c22f28b858e6384b9339e2632ce3fc
1cbf11d576a004a0f2bf7baa71c045dd94d4b0eb3e4c848df0bd75dcb144c5f7
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/all.js HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 198957
Content-Type: application/javascript
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/u.gif
178.218.162.211200 OK 42 B URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/u.gif
IP 178.218.162.211:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /comsx/Sign%20in%20to%20XFINITY_files/u.gif HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 42
Content-Type: image/gif
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/event.gif
178.218.162.211200 OK 42 B URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/event.gif
IP 178.218.162.211:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /comsx/Sign%20in%20to%20XFINITY_files/event.gif HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 42
Content-Type: image/gif
us-ads.openx.net/w/1.0/acj?ai=82a85cee-eceb-4eac-a694-84f60bb9a740&o=7085209080&callback=OX_7085209080&ju=http%3A//ranama.mojweb.com.hr/comsx/&jr=&auid=538020939&dims=1280x939&adxy=620%2C69&res=1280x1024x24&plg=pm&ch=UTF-8&tz=0&ws=1280x939&ifr=0&tws=1280x939&vmt=1&sd=1&mt=1
34.98.64.218200 OK 268 B URL HTTP/2 us-ads.openx.net/w/1.0/acj?ai=82a85cee-eceb-4eac-a694-84f60bb9a740&o=7085209080&callback=OX_7085209080&ju=http%3A//ranama.mojweb.com.hr/comsx/&jr=&auid=538020939&dims=1280x939&adxy=620%2C69&res=1280x1024x24&plg=pm&ch=UTF-8&tz=0&ws=1280x939&ifr=0&tws=1280x939&vmt=1&sd=1&mt=1
IP 34.98.64.218:0
Hash b60e91b90fa9269ea8d5153884ed0bfb
161d40b0c9a393f709ba21e64a3be593b1cf8085
7dd9616a127c3b679f2d873e3bdd79b05329db19d529ac43421e9a5f4c33f933
GET /w/1.0/acj?ai=82a85cee-eceb-4eac-a694-84f60bb9a740&o=7085209080&callback=OX_7085209080&ju=http%3A//ranama.mojweb.com.hr/comsx/&jr=&auid=538020939&dims=1280x939&adxy=620%2C69&res=1280x1024x24&plg=pm&ch=UTF-8&tz=0&ws=1280x939&ifr=0&tws=1280x939&vmt=1&sd=1&mt=1 HTTP/1.1
Host: us-ads.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Tue, 08 Nov 2022 14:38:57 GMT
content-type: application/json
content-length: 268
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/seal.png
178.218.162.211200 OK 3.1 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/seal.png
IP 178.218.162.211:0
File type PNG image data, 142 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash be19bc645a5d70db58e4317fb1f7f791
8c38f471f3e6d17af148acaab219db7e3e4a8d23
6ab85bc152133401e0ad5ca069990f4a76413499820d4ba95a0dadb063bcc8b8
GET /comsx/Sign%20in%20to%20XFINITY_files/seal.png HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 3091
Content-Type: image/png
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/moatad_002.js
178.218.162.211200 OK 315 B URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/moatad_002.js
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/moatad_002.js HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 182301
Content-Type: application/javascript
ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf
178.218.162.211404 Not Found 315 B URL HTTP/1.1 ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: PH_HPXY_CHECK=s1; OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.7957882086118632&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
3.69.65.249307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.7957882086118632&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 3.69.65.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-10.js?&cb=0.7957882086118632&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
HTTP/1.1 307 Temporary Redirect
Date: Tue, 08 Nov 2022 14:38:57 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.7957882086118632&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-636a6a01-755a894d19f5f3a423b4108b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ranama.mojweb.com.hr/
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5732
Cache-Control: max-age=158600
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:38:58 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:42:18 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.7957882086118632&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
213.19.162.41200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.7957882086118632&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 213.19.162.41:0
Hash 7bdda9f1de292e7e006306b2d85c9cb1
36a60514a49f5f2d58deb949fdf037ed29a067cc
83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca
GET /a/11648/36314/150582-10.js?tk_vps=2&&cb=0.7957882086118632&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ranama.mojweb.com.hr/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Tue, 08 Nov 2022 14:38:58 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LA8BIIAK-10-CBJI; Domain=.rubiconproject.com; Path=/; Expires=Wed, 08-Nov-2023 14:38:58 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qr+VL5RyNtfSu9DtVM30fCgOHkoI+QTvwtM75DHHe0vCGHL070t8HamM3yHKZiMuZ7tOoDz1RD9f+bSpoiXzSeLsqlSNZOaaDQ=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 08-Nov-2023 14:38:58 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.7957882086118632&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
3.69.65.249307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.7957882086118632&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 3.69.65.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-10.js?&cb=0.7957882086118632&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
HTTP/1.1 307 Temporary Redirect
Date: Tue, 08 Nov 2022 14:38:58 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.7957882086118632&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-636a6a02-512c5ee46ccf931022e254eb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ranama.mojweb.com.hr/
vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.7957882086118632&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
213.19.162.41200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.7957882086118632&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 213.19.162.41:0
Hash 7bdda9f1de292e7e006306b2d85c9cb1
36a60514a49f5f2d58deb949fdf037ed29a067cc
83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca
GET /a/11648/36314/150582-10.js?tk_vps=2&&cb=0.7957882086118632&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ranama.mojweb.com.hr/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Tue, 08 Nov 2022 14:38:58 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LA8BIIEC-12-650O; Domain=.rubiconproject.com; Path=/; Expires=Wed, 08-Nov-2023 14:38:58 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/EjCbPZYCsf1n+9DtVM30fCgOHkoI+QTvwtM75DHHe0vCGHL070t8HamM3yHKZiMuZ7tOoDz1RD9f+bSpoiXzSeLsqlSNZOaaDQ=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 08-Nov-2023 14:38:58 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ads.rubiconproject.com/ad/11648.js
2.21.206.244200 OK 8.9 kB URL HTTP/2 ads.rubiconproject.com/ad/11648.js
IP 2.21.206.244:0
File type C source, ASCII text, with very long lines (26545)
Hash 5aecf12e8c3cb1d14458bc71c6b8cf0c
b0cedce6e8165041981ba59a9b7277053a37ba89
69dd3510681bc16e17f107ac8f2fa504aa7ce59d75ebf3248b6f85f02a6409aa
GET /ad/11648.js HTTP/1.1
Host: ads.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
x-powered-by: PHP/5.3.3
content-encoding: gzip
content-length: 8946
content-type: text/javascript
cache-control: max-age=8898
expires: Tue, 08 Nov 2022 17:07:16 GMT
date: Tue, 08 Nov 2022 14:38:58 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.88.220.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jtIJGfalshEE4Y91T8rKPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wBBxpbK7CHIMwybuQw9JPq97GOU=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 89c712ed490a8e622da27ccee0760e9c
dd2288cfac60ea859fb2f93f3a1b9d80414a22c7
5f0087130fa56508b43d08ecbcbec9ade811a376354788a4ad3c64db75617191
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3094
Cache-Control: max-age=127170
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:38:58 GMT
Etag: "6369abae-1d7"
Expires: Thu, 10 Nov 2022 01:58:28 GMT
Last-Modified: Tue, 08 Nov 2022 01:06:54 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
smarttag.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.1737067268975584&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15&rp_secure=1
213.19.162.51200 OK 147 B URL HTTP/1.1 smarttag.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.1737067268975584&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15&rp_secure=1
IP 213.19.162.51:0
Hash 9441d4459f9bdf15aad152e66fc88643
e97b5816d440de61a5d5a7f47bb921cec240580b
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
GET /a/11648/36314/150582-15.js?&cb=0.1737067268975584&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15&rp_secure=1 HTTP/1.1
Host: smarttag.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Tue, 08 Nov 2022 14:38:58 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LA8BIIL0-1Q-4EEW; Domain=.rubiconproject.com; Path=/; Expires=Wed, 08-Nov-2023 14:38:58 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qpuvVuCHEFHeu9DtVM30fCgOHkoI+QTvwtM75DHHe0vCGHL070t8HamM3yHKZiMuZ7tOoDz1RD9f+bSpoiXzSeLsqlSNZOaaDQ=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 08-Nov-2023 14:38:58 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.8543055764650065&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
3.69.65.249307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.8543055764650065&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 3.69.65.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-15.js?&cb=0.8543055764650065&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
HTTP/1.1 307 Temporary Redirect
Date: Tue, 08 Nov 2022 14:38:58 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.8543055764650065&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-636a6a02-21c4ff654676c9b50f99d0d6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ranama.mojweb.com.hr/
vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.8543055764650065&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
213.19.162.41200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.8543055764650065&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 213.19.162.41:0
Hash 9441d4459f9bdf15aad152e66fc88643
e97b5816d440de61a5d5a7f47bb921cec240580b
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
GET /a/11648/36314/150582-15.js?tk_vps=2&&cb=0.8543055764650065&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ranama.mojweb.com.hr/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Tue, 08 Nov 2022 14:38:58 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LA8BIIN1-1B-GA2V; Domain=.rubiconproject.com; Path=/; Expires=Wed, 08-Nov-2023 14:38:58 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qpqzoDqeYg90O9DtVM30fCgOHkoI+QTvwtM75DHHe0vCGHL070t8HamM3yHKZiMuZ7tOoDz1RD9f+bSpoiXzSeLsqlSNZOaaDQ=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 08-Nov-2023 14:38:58 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.8543055764650065&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
3.69.65.249307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.8543055764650065&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 3.69.65.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-15.js?&cb=0.8543055764650065&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
HTTP/1.1 307 Temporary Redirect
Date: Tue, 08 Nov 2022 14:38:58 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.8543055764650065&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-636a6a02-346caa653c7bfc620870a4e5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ranama.mojweb.com.hr/
vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.8543055764650065&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
213.19.162.41200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.8543055764650065&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 213.19.162.41:0
Hash 9441d4459f9bdf15aad152e66fc88643
e97b5816d440de61a5d5a7f47bb921cec240580b
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
GET /a/11648/36314/150582-15.js?tk_vps=2&&cb=0.8543055764650065&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ranama.mojweb.com.hr/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Tue, 08 Nov 2022 14:38:58 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LA8BIIOW-M-10AH; Domain=.rubiconproject.com; Path=/; Expires=Wed, 08-Nov-2023 14:38:58 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qq1scsEt+z5GO9DtVM30fCgOHkoI+QTvwtM75DHHe0vCGHL070t8HamM3yHKZiMuZ7tOoDz1RD9f+bSpoiXzSeLsqlSNZOaaDQ=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 08-Nov-2023 14:38:58 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a598440acf5368cfbfce521d3b8da387
ca8f78858100da2ee2d5f82755a176197458e83f
c65a41fbdc010de13247230d5fb906e9a1d42d0ba0da7ef5abb1df74881497eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3363
Cache-Control: max-age=102232
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:38:58 GMT
Etag: "63694937-1d7"
Expires: Wed, 09 Nov 2022 19:02:50 GMT
Last-Modified: Mon, 07 Nov 2022 18:06:47 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
pixel.quantserve.com/api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400
91.228.74.168200 OK 39 B URL HTTP/2 pixel.quantserve.com/api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400
IP 91.228.74.168:0
Hash 9c5453ce3943ebf709c68c4358907916
25c057fa107fca0917c7dca9f432cdce93ce2316
c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a
GET /api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 14:38:58 GMT
content-type: application/x-javascript
content-length: 39
cache-control: private, no-transform, must-revalidate, max-age=86400
expires: Wed, 09 Nov 2022 14:38:58 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
set-cookie: mc=636a6a02-ae7e1-f7baf-e6aaa; expires=Sat, 09-Dec-2023 14:38:58 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2
178.218.162.211404 Not Found 315 B URL HTTP/1.1 ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2 HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: PH_HPXY_CHECK=s1; OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:38:58 GMT
Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
ranama.mojweb.com.hr/static/images/fb-logo-29.png
178.218.162.211404 Not Found 315 B URL HTTP/1.1 ranama.mojweb.com.hr/static/images/fb-logo-29.png
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /static/images/fb-logo-29.png HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: PH_HPXY_CHECK=s1; OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:38:58 GMT
Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2
178.218.162.211404 Not Found 315 B URL HTTP/1.1 ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2 HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: PH_HPXY_CHECK=s1; OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:38:58 GMT
Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/dest5.htm
178.218.162.211200 OK 8.9 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/dest5.htm
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (581), with CRLF line terminators
Hash d2f6fa6292c62a0b4453c4d7763040e1
a9330f8597c230773f94d5f3b442d0a14e94083f
b8ddbf2a9418fff20f88a0692ce5aa6770edc51280200cdf410fdfb36466794c
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/dest5.htm HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1; OX_sd=1; OX_plg=pm
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:58 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 8948
Content-Type: text/html
ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff
178.218.162.211404 Not Found 315 B URL HTTP/1.1 ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: PH_HPXY_CHECK=s1; OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:38:58 GMT
Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff
178.218.162.211404 Not Found 315 B URL HTTP/1.1 ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.woff HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: PH_HPXY_CHECK=s1; OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:38:58 GMT
Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s6666168566632?AQB=1&ndh=1&t=8%2F10%2F2022%2014%3A38%3A55%202%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Franama.mojweb.com.hr%2Fcomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fcomsx%2F%2F%3Asign%20in&v1=%2Fcomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fcomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
15.236.176.210302 Found 0 B URL HTTP/1.1 serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s6666168566632?AQB=1&ndh=1&t=8%2F10%2F2022%2014%3A38%3A55%202%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Franama.mojweb.com.hr%2Fcomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fcomsx%2F%2F%3Asign%20in&v1=%2Fcomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fcomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 15.236.176.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ss/comcastnetdev/1/H.27.5/s6666168566632?AQB=1&ndh=1&t=8%2F10%2F2022%2014%3A38%3A55%202%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Franama.mojweb.com.hr%2Fcomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fcomsx%2F%2F%3Asign%20in&v1=%2Fcomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fcomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: serviceo.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Tue, 08 Nov 2022 14:38:58 GMT
content-type: text/plain;charset=utf-8
expires: Mon, 07 Nov 2022 14:38:58 GMT
last-modified: Wed, 09 Nov 2022 14:38:58 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31B535011CA28DA0-400000C7EE47B899[CE]; Path=/; Domain=comcast.net; Max-Age=63072000; Expires=Thu, 07 Nov 2024 14:38:38 GMT;
location: http://serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s6666168566632?AQB=1&pccr=true&vidn=31B535011CA28DA0-400000C7EE47B899&ndh=1&t=8%2F10%2F2022%2014%3A38%3A55%202%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Franama.mojweb.com.hr%2Fcomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fcomsx%2F%2F%3Asign%20in&v1=%2Fcomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fcomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff
178.218.162.211404 Not Found 315 B URL HTTP/1.1 ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: PH_HPXY_CHECK=s1; OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:38:58 GMT
Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm
178.218.162.211200 OK 43 kB URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6078), with CRLF line terminators
Hash fc6f71bf3bb8b37c2e742712f5e9fa31
1985f6685907edd356e999433d688632683297f5
074da691273a060b544115ecc31905c1c260559484b45560f9a299d83ca5d898
Analyzer Verdict Alert fortinet Phishing
GET /comsx/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1; OX_sd=1; OX_plg=pm
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:58 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 43032
Content-Type: text/html
serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s6666168566632?AQB=1&pccr=true&vidn=31B535011CA28DA0-400000C7EE47B899&ndh=1&t=8%2F10%2F2022%2014%3A38%3A55%202%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Franama.mojweb.com.hr%2Fcomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fcomsx%2F%2F%3Asign%20in&v1=%2Fcomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fcomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
15.236.176.210200 OK 43 B URL HTTP/1.1 serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s6666168566632?AQB=1&pccr=true&vidn=31B535011CA28DA0-400000C7EE47B899&ndh=1&t=8%2F10%2F2022%2014%3A38%3A55%202%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Franama.mojweb.com.hr%2Fcomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fcomsx%2F%2F%3Asign%20in&v1=%2Fcomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fcomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 15.236.176.210:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/comcastnetdev/1/H.27.5/s6666168566632?AQB=1&pccr=true&vidn=31B535011CA28DA0-400000C7EE47B899&ndh=1&t=8%2F10%2F2022%2014%3A38%3A55%202%200&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Franama.mojweb.com.hr%2Fcomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fcomsx%2F%2F%3Asign%20in&v1=%2Fcomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fcomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: serviceo.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ranama.mojweb.com.hr/
Connection: keep-alive
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Tue, 08 Nov 2022 14:38:59 GMT
expires: Mon, 07 Nov 2022 14:38:59 GMT
last-modified: Wed, 09 Nov 2022 14:38:59 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31B53501F3F83757-6000119D8E4DAB20[CE]; Path=/; Domain=comcast.net; Max-Age=63072000; Expires=Thu, 07 Nov 2024 14:38:38 GMT;
etag: 3581827361147453440-4619727423658634015
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf
178.218.162.211404 Not Found 315 B URL HTTP/1.1 ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: PH_HPXY_CHECK=s1; OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:38:58 GMT
Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf
178.218.162.211404 Not Found 315 B URL HTTP/1.1 ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: PH_HPXY_CHECK=s1; OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:38:58 GMT
Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf
178.218.162.211404 Not Found 315 B URL HTTP/1.1 ranama.mojweb.com.hr/static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf
IP 178.218.162.211:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: PH_HPXY_CHECK=s1; OX_sd=1; OX_plg=pm
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 14:38:58 GMT
Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
secure-assets.rubiconproject.com/static/psa/blank/1x1.png
2.21.206.244200 OK 155 B URL HTTP/2 secure-assets.rubiconproject.com/static/psa/blank/1x1.png
IP 2.21.206.244:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fed6b76619acefb38a43867d5fbbd65
b4881fe00376089907ce39fb43398fe2b9d55b8a
172f8ce100094feaee2d292f56c5a847b0a89852a43e79ef7743d28d06dec7d7
GET /static/psa/blank/1x1.png HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 01 Oct 2019 16:53:58 GMT
accept-ranges: bytes
content-type: image/png
content-encoding: gzip
unused62: 8096267
content-length: 155
date: Tue, 08 Nov 2022 14:38:59 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
connect.facebook.net/en_US/all.js
31.13.72.12200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/en_US/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash ccea9da4e6702a2d61eadf269c3c88e0
7e09dadad059db2b7cffbb9bb9f2f6dbd489554c
8ab6fb325d669c41ca23a66d0a78c738869647cb9a19a995a5d5f2fbf0316483
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 9782f8c7dac710a0c5e08ace7ba14427
ETag: "505d03c91169ff4de498e4684df45977"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Tue, 08 Nov 2022 14:56:10 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: zOqdpOZwKi1h6t8mnDyI4A==
X-FB-Debug: GA7IrlrCD/UJQLO/6b+gbgxBaXqGtXwWFwk9q4SywXw7vJZjGHcOKzOgmxmtKU6QXWwMMHQs6Da9g7fPJleCDw==
X-FB-TRIP-ID: 1904183273
Date: Tue, 08 Nov 2022 14:38:59 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1685
rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=8668305375&varName=crtg_content
178.250.0.166204 No Content 0 B URL HTTP/1.1 rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=8668305375&varName=crtg_content
IP 178.250.0.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=8668305375&varName=crtg_content HTTP/1.1
Host: rtax.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
HTTP/1.1 204 No Content
server: nginx/1.20.1
date: Tue, 08 Nov 2022 14:38:59 GMT
strict-transport-security: max-age=31536000; preload;
comcastathena.demdex.net/event?d_nsid=1&d_ld=_ts%3D1667918335935&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1667918335935&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fcomsx%2F%2F%3Asign%20in&c_eVar1=%2Fcomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fcomsx%2F
34.242.116.160302 Found 0 B URL HTTP/1.1 comcastathena.demdex.net/event?d_nsid=1&d_ld=_ts%3D1667918335935&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1667918335935&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fcomsx%2F%2F%3Asign%20in&c_eVar1=%2Fcomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fcomsx%2F
IP 34.242.116.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?d_nsid=1&d_ld=_ts%3D1667918335935&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1667918335935&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fcomsx%2F%2F%3Asign%20in&c_eVar1=%2Fcomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fcomsx%2F HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-05c906a58.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: http://comcastathena.demdex.net/firstevent?d_nsid=1&d_ld=_ts%3D1667918335935&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1667918335935&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fcomsx%2F%2F%3Asign%20in&c_eVar1=%2Fcomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fcomsx%2F
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=89472545181227603514119191589164510182; Max-Age=15552000; Expires=Sun, 07 May 2023 14:38:59 GMT; Path=/; Domain=.demdex.net
X-TID: Isrh2YUTShk=
Content-Length: 0
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 89d3b51d06a660181b023005fb2396a4
df0483119c2dfc20349c6aa00ddbc399e0ef03f0
51f52c22a57c3fbbdb9411641234063b9c8ce79a61a72fa81e7570ef2171220d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5313
Cache-Control: max-age=148474
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:38:59 GMT
Etag: "6369f63c-1d7"
Expires: Thu, 10 Nov 2022 07:53:33 GMT
Last-Modified: Tue, 08 Nov 2022 06:25:00 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 89d3b51d06a660181b023005fb2396a4
df0483119c2dfc20349c6aa00ddbc399e0ef03f0
51f52c22a57c3fbbdb9411641234063b9c8ce79a61a72fa81e7570ef2171220d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5313
Cache-Control: max-age=148474
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:38:59 GMT
Etag: "6369f63c-1d7"
Expires: Thu, 10 Nov 2022 07:53:33 GMT
Last-Modified: Tue, 08 Nov 2022 06:25:00 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
31.13.72.12301 Moved Permanently 0 B URL HTTP/1.1 staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
Content-Type: text/html; charset="utf-8"
X-FB-Debug: 508NklZ+k4n4HrVrN03isf6lXvHcrWATaIQF0DPrWO5PBj33cpMNGDSCsxS5bN91+IQZyWBsrgq5D401+RTFNA==
Priority: u=3,i
X-FB-TRIP-ID: 1904183273
Date: Tue, 08 Nov 2022 14:38:59 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
comcastathena.demdex.net/firstevent?d_nsid=1&d_ld=_ts%3D1667918335935&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1667918335935&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fcomsx%2F%2F%3Asign%20in&c_eVar1=%2Fcomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fcomsx%2F
34.242.116.160200 OK 67 B URL HTTP/1.1 comcastathena.demdex.net/firstevent?d_nsid=1&d_ld=_ts%3D1667918335935&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1667918335935&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fcomsx%2F%2F%3Asign%20in&c_eVar1=%2Fcomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fcomsx%2F
IP 34.242.116.160:0
File type ASCII text, with no line terminators
Hash 5251436e4b1be1bbaea155585536b73f
a86daaa6b14cabb22016b83bc7e24d2312ff3e7a
0a092206e296d91e9ff518beb7e2ca443daa1f3fdb6f6bd8a3ab0bc05d88691e
GET /firstevent?d_nsid=1&d_ld=_ts%3D1667918335935&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1667918335935&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fcomsx%2F%2F%3Asign%20in&c_eVar1=%2Fcomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fcomsx%2F HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ranama.mojweb.com.hr/
Connection: keep-alive
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/javascript;charset=utf-8
DCS: dcs-prod-irl1-1-v045-040129606.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
X-TID: ZNgA96t9TZo=
Content-Length: 67
Connection: keep-alive
staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
31.13.72.12302 Found 0 B URL HTTP/2 staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: YTEA7EpN7MrC3KMBiZSPZj/8G0sHJqP+Cmm+84lVvZn/U118bGzKNez8MMi0u5kedpK2Y/KQgU52sMs5QwyA+g==
content-length: 0
priority: u=3,i
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 14:38:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 89d3b51d06a660181b023005fb2396a4
df0483119c2dfc20349c6aa00ddbc399e0ef03f0
51f52c22a57c3fbbdb9411641234063b9c8ce79a61a72fa81e7570ef2171220d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5313
Cache-Control: max-age=148474
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 14:38:59 GMT
Etag: "6369f63c-1d7"
Expires: Thu, 10 Nov 2022 07:53:33 GMT
Last-Modified: Tue, 08 Nov 2022 06:25:00 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
31.13.72.12302 Found 0 B URL HTTP/2 staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ranama.mojweb.com.hr/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://www.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: vD1M67EGlvpEQCtqjbY/iuayW/pzXw4EA7LsY/knEeLi1FXeVccT+S6+6RgvoZPLGmxMNsKCxrSbxXHrzdQ/5g==
content-length: 0
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 14:38:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
31.13.72.36404 Not Found 72 B URL HTTP/2 www.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 31.13.72.36:0
File type HTML document, ASCII text, with no line terminators
Hash 2556c01148fc3cf811a190ae37345224
644567805749ab3ec4df4a00c82b0a4f8566f25d
f65e4cc023578b2bb3522d09231cd56eb84d209b18d501eeebf8a0b098f7635e
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ranama.mojweb.com.hr/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: p8XeVRWzCR00BO98CVuaNPmcfjzru2fGqle8U/CS3qeSFtj77QKKVE5I1lY0VgXHE+yj22kCwmz4SCi484SfSw==
content-length: 72
date: Tue, 08 Nov 2022 14:38:59 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11235
Expires: Tue, 08 Nov 2022 17:46:14 GMT
Date: Tue, 08 Nov 2022 14:38:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11235
Expires: Tue, 08 Nov 2022 17:46:14 GMT
Date: Tue, 08 Nov 2022 14:38:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11235
Expires: Tue, 08 Nov 2022 17:46:14 GMT
Date: Tue, 08 Nov 2022 14:38:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11235
Expires: Tue, 08 Nov 2022 17:46:14 GMT
Date: Tue, 08 Nov 2022 14:38:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11235
Expires: Tue, 08 Nov 2022 17:46:14 GMT
Date: Tue, 08 Nov 2022 14:38:59 GMT
Connection: keep-alive
login.comcast.net/static/images/global/favicon.ico
76.96.69.84200 OK 1.2 kB URL HTTP/1.1 login.comcast.net/static/images/global/favicon.ico
IP 76.96.69.84:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 8591b1e1977be23073d13751a5f203d0
3f549eff3cf641803992d8748202bf0775f4765e
a0307845ad0d4579ae6e7283a02b81403767295ab37cc0b144ac9d60772ebf97
GET /static/images/global/favicon.ico HTTP/1.1
Host: login.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:59 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Last-Modified: Tue, 11 Jan 2022 16:05:32 GMT
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=479
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q0yZmbExDP4tH0n1n2qj_NR2Mv_y_dsO0LJ1RKZoS6Me-NLbhpUWqw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:08:56 GMT
age: 19803
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7884b85a4b30e918a0b44f73a301a78b
f7ae1b83a0199b76dd0d31a21db4072b867e4f37
9576f9ad95c958887de953dee72b267cd0ed7293ed62fb540df76a2d49fac035
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4527
x-amzn-requestid: c3be9447-c43a-48d6-9aef-c0999742886c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA1GFN5IAMFaRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b53-3bb315de52dcf6114da9ad05;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _nFA59k8ERwiA6Ct_pZJs0WkFuagosyyiOkeQc1PuWMcno-Lpz4UfA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 22:01:04 GMT
age: 59875
etag: "f7ae1b83a0199b76dd0d31a21db4072b867e4f37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71473fb15e07b9c973e7368bdd2c2eb7
e5e369ed7b77ff7639bffc16da2f2ca6c035421c
a7e72e22f9d0204e2be1f21fe1c66c8469c5b14ef3b4c64f3cf2335ba5365618
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9336
x-amzn-requestid: fb33f029-9d6c-40df-aab2-bdb139d8dedb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKOGdEIAMFujA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a41-53c235ce324b4e896b401a40;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wiVqhBy98fSb32WK61Z0nQQH1XMnTnD-XPqmNZkCYqnvMY7dzsSudw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:30 GMT
age: 61109
etag: "e5e369ed7b77ff7639bffc16da2f2ca6c035421c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39446652ee66d20bd73df20f1a29589c
349ea78f3ad0f2f7376ba22e417226b2e06806d7
655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4737
x-amzn-requestid: ad230e08-9f4e-46cf-9a86-f8e013a1c498
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQBFkEhLIAMFq_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697bbd-7e8b686a23a84c5d473c9ef5;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:42:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FoOPmZEjC6nhw801dgqENVL-9-aC0pyFAF-fMS57XzQyfxck2GGUvA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:55:45 GMT
age: 60194
etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd21b731d-5fcc-42b8-ba5c-4292558c1d65.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd21b731d-5fcc-42b8-ba5c-4292558c1d65.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37802736d42529da1237e5d89e253928
6f246d25b36dc880489f3af2ae8767a0f5f2542b
b21622ee7e858a4508096480ec3ffba824e96d469b0fcfa0f6daaabad296fd40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd21b731d-5fcc-42b8-ba5c-4292558c1d65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12165
x-amzn-requestid: 7baae03c-2e22-477c-9c14-d21a26469b47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAvEFHdIAMF_XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b2d-2edb1d9722872b1166a5b085;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:39:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1QlljbC_YBobvvYSxTH2jH4a4kZAK8Am-k6CNxJrLIm1TY1gbfP1gg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 22:12:03 GMT
age: 59216
etag: "6f246d25b36dc880489f3af2ae8767a0f5f2542b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d22d633d497f2e25eab580a648c05434
8e549621e4182a257895a03db93e786bd86072a5
2263e6c2417c5a40885359d93939febbb9e94cef1c598b7ef95069d50275bf28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5978
x-amzn-requestid: e4cff3d7-86a7-44a8-8858-7c893c19e76c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAVFHdWIAMFQZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a86-60d1a8250e0017a3574a6642;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:37:10 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qSguV2gfEtxsoWSMifxQEbIAAqhUDgVom0IWauJEIrFoMA5f17J-GA==
via: 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:56:55 GMT
age: 60124
etag: "8e549621e4182a257895a03db93e786bd86072a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebook.com/impression.php/f25afe9dc74c398/?api_key=161991040493541&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/impression.php/f25afe9dc74c398/?api_key=161991040493541&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
IP 31.13.72.36:0
GET /impression.php/f25afe9dc74c398/?api_key=161991040493541&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: image/gif
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
x-fb-debug: UutUk1u7GDV4ha8Ae8jRssHChOZqd+OPbkLZYevQLLfCmNJRD1y/kTDVUOdUK+AT7UHr4jsyBWOwzttct7i1Ww==
date: Tue, 08 Nov 2022 14:38:59 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/Oscars_SignIn_300x250.jpg
178.218.162.211200 OK 0 B URL HTTP/1.1 ranama.mojweb.com.hr/comsx/Sign%20in%20to%20XFINITY_files/Oscars_SignIn_300x250.jpg
IP 178.218.162.211:0
GET /comsx/Sign%20in%20to%20XFINITY_files/Oscars_SignIn_300x250.jpg HTTP/1.1
Host: ranama.mojweb.com.hr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ranama.mojweb.com.hr/comsx/
Cookie: PH_HPXY_CHECK=s1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 14:38:57 GMT
Server: Apache
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
Accept-Ranges: bytes
Content-Length: 35514
Content-Type: image/jpeg