Report - bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et

Report Overview

Submitted URL
bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
IP
162.213.249.169
ASN
#22612 NAMECHEAP-NET
Submitted
2022-12-04 01:14:43
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.162.142.194
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	25 kB	104.18.10.207
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	30 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	95.101.11.115
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	93.184.220.29
bth89825552012022.fuettertdasnetz.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	423 kB	162.213.249.169
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	31 kB	142.250.74.74
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	845 B	37 kB	104.17.25.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-03	medium	bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et	Swedbank, AB
2022-12-03	medium	bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et	Swedbank, AB

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js	84 kB	2023-03-07	2024-05-04
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-04 23:37:16 Times Seen14010 Hash e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js	23 kB	2023-03-07	2024-05-04
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:39 Last Seen2024-05-04 00:49:25 Times Seen784 Hash 9346ec27896981bc4c0b146cf327727a 21486194baa22eb1155fe98bf7af6314e7773cc7 50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/1.6.1/jquery.min.js	91 kB	2023-03-07	2024-05-04
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/1.6.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-05-04 05:46:04 Times Seen1999 Hash a34f78c3aecd182144818eb4b7303fda 6fca78dac2797c02d86a4bf6514eda398b7dbe62 c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-05-04
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-04 20:22:07 Times Seen138672 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et	2.1 kB	2023-03-08	2024-02-11
Pretty URL bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et IP 162.213.249.169 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:43:21 Last Seen2024-02-11 12:26:54 Times Seen7 Hash 14e11c275979854dc27d79f0e97e8a4d 5a220f3c5263a5837965f19fc71f96bdc84b9416 35baad82b949df3022bc89c453cba75b54a19ee6b405d4dd6bf17f7fd7483761 Loading...

	bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et	690 B	2023-03-07	2024-04-22
Pretty URL bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et IP 162.213.249.169 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:38 Last Seen2024-04-22 14:29:13 Times Seen685 Hash 211419315eb4ab00915d6cb7561fd54d 1045495c66f37f45120fcd33adeed7b9e7ea19b7 23e329136b8c1126121c5bee19e209427e65ed0adbfce2f77f3417d74d4f5faa Loading...

HTTP Transactions (44)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7854
Expires: Sun, 04 Dec 2022 03:25:26 GMT
Date: Sun, 04 Dec 2022 01:14:32 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4354
Cache-Control: max-age=124154
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:14:32 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:43:46 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2674
Expires: Sun, 04 Dec 2022 01:59:06 GMT
Date: Sun, 04 Dec 2022 01:14:32 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 00:20:01 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3271
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: /i8jJZ+x3fexrAt/1hjPzOqVqvb83lpF5w7G0W6w5ES4/tfA9iIOJXQp6Rgx4zWTfcjC+D16DVc=
x-amz-request-id: MZGS1QX9KQP5AK94
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 00:46:46 GMT
age: 1666
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et

162.213.249.169

301 Moved Permanently

162 B

URL HTTP/1.1
bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
openphish	Swedbank, AB

HTTP Headers

GET /ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 04 Dec 2022 01:14:32 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Strict-Transport-Security: max-age=31536000

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:14:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 01:11:19 GMT
cache-control: public,max-age=3600
age: 193
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dc06a0adb4196777c96f69e9897d7aac
ffa3105af865e523007635432c22326354c25f5f
6bbda2b657b1bfac63cdef78d49327c8bb28f6f51a4fcd79dba1d5985f9fcf5d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BBDA2B657B1BFAC63CDEF78D49327C8BB28F6F51A4FCD79DBA1D5985F9FCF5D"
Last-Modified: Sat, 03 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Sun, 04 Dec 2022 07:14:08 GMT
Date: Sun, 04 Dec 2022 01:14:33 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4341
Cache-Control: max-age=119079
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:14:33 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:19:12 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.162.142.194

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.142.194:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mUwXSgP3W/yTeTmlrRouOQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AVkUVABJ1oUZUi6B5nOelpp4cm8=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:14:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

142.250.74.74

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32061)
Size
30 kB (29671 bytes)
Hash
b90b3d2618cce9d766152cd3092b5c27
496339457cd00caab8118e2e1f30ea18dc05b9f4
b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41

HTTP Headers

GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 23:44:14 GMT
expires: Wed, 29 Nov 2023 23:44:14 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 351020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:14:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js

104.17.25.14

200 OK

6.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (22932)
Size
6.6 kB (6638 bytes)
Hash
98267eb1c2251a157d2c8cc35554cbb1
2d48ff0923aa3e11eb82a97b9405e2d22372eb83
29cf98e3dce604e2bdb2bdf8074ffc5eeae988ab825da4af0bcd7547211d1004

HTTP Headers

GET /ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 6638
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-5a1e"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2017889
expires: Fri, 24 Nov 2023 01:14:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1zl1SYJajU1BMGv%2FGUaECpBsNeuQ21xzzxLWoBuh6LHbtDGfUVovDKXGeBBkbdq9Aock40QAAlK6ArVwJMucJVCSmfHE3Q3SAbfqo84WV1utHzoIj7zCny1Hcg4tc9j8UckZSwB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7740af9d791bb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/1.6.1/jquery.min.js

104.17.25.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/1.6.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32764)
Size
28 kB (28293 bytes)
Hash
376cb54be32e88dbcc32af9e94c471d6
3ecf4db76b7ec4bc1cc358ce6d6670c600b4d83a
5e89e8ec277a3e7c3ad2ab9511057270256b5c7a82b5c9f572a1df7b428f146f

HTTP Headers

GET /ajax/libs/jquery/1.6.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 28293
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-164ce"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2384094
expires: Fri, 24 Nov 2023 01:14:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOcBX9oO37%2BRqNYpC%2FjvlyAgRbLce0BOBED3ETar%2FHkECx1FW835%2FIpHy3csPNlFnocAFhKvuspLD2t1uq04ZhIZMW4JC7p9sHo2%2FMpHarsO3kGofrQqcMyjhEG3NgxLwXBFb5D2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7740af9d691ab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
a96c48a3affad46a0b7f5b8178b926d3
cab43cf055876aa6e3a3e0563e9bc550a00f70da
f1bf5a7faea6b7ee9b5c8395188e4a5ba1840e1626e500803522c5950c472a68

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4238
Cache-Control: max-age=111451
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:14:34 GMT
Etag: "638af447-116"
Expires: Mon, 05 Dec 2022 08:12:05 GMT
Last-Modified: Sat, 03 Dec 2022 07:01:27 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
a96c48a3affad46a0b7f5b8178b926d3
cab43cf055876aa6e3a3e0563e9bc550a00f70da
f1bf5a7faea6b7ee9b5c8395188e4a5ba1840e1626e500803522c5950c472a68

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4238
Cache-Control: max-age=111451
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:14:34 GMT
Etag: "638af447-116"
Expires: Mon, 05 Dec 2022 08:12:05 GMT
Last-Modified: Sat, 03 Dec 2022 07:01:27 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278

bth89825552012022.fuettertdasnetz.de/ee/login/assets/login-widget.css

162.213.249.169

200 OK

895 B

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/login-widget.css
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
895 B (895 bytes)
Hash
c804005924c34bf950f792e54154fe54
4f406a9da4049d3907b74614bf9ef502b2627541
e43c3a16d58868a6b1368bb229cf51521c366479bd165edbe55df964acdbc8a6

HTTP Headers

GET /ee/login/assets/login-widget.css HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: text/css
content-length: 895
last-modified: Tue, 29 Nov 2022 19:08:00 GMT
etag: "63865890-37f"
expires: Sun, 04 Dec 2022 13:14:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/assets/Roboto-Bold.woff2

162.213.249.169

404 Not Found

146 B

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/Roboto-Bold.woff2
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /ee/login/assets/Roboto-Bold.woff2 HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/assets/Roboto-Medium.woff2

162.213.249.169

200 OK

67 kB

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/Roboto-Medium.woff2
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 66640, version 1.0\012- data
Size
67 kB (66640 bytes)
Hash
9e041c73a86f1bc901f875049fc6c0a5
21ba4a454ba4c2e32938354c3fd06b9c9bd7c8a9
51ed2f9923ac080b1f7578e9b311a8745f7bfed5362894a9eee1d818b6b33d15

HTTP Headers

GET /ee/login/assets/Roboto-Medium.woff2 HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: font/woff2
content-length: 66640
last-modified: Tue, 29 Nov 2022 19:16:18 GMT
etag: "63865a82-10450"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/assets/SwedbankHeadline-Black.woff2

162.213.249.169

200 OK

34 kB

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/SwedbankHeadline-Black.woff2
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 33732, version 2.19660\012- data
Size
34 kB (33732 bytes)
Hash
094bcdb18a66c2b0d7657cb60651ae01
4ba005afcc16cbce6b52307968a36ec3620e7537
93786f3e8ad5430e301df31fd7acfce14cd930a48591dff27a9eca0062be7d07

HTTP Headers

GET /ee/login/assets/SwedbankHeadline-Black.woff2 HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: font/woff2
content-length: 33732
last-modified: Tue, 29 Nov 2022 19:16:20 GMT
etag: "63865a84-83c4"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/assets/SwedbankHeadline-Bold.woff2

162.213.249.169

200 OK

39 kB

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/SwedbankHeadline-Bold.woff2
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 38700, version 1.-19662\012- data
Size
39 kB (38700 bytes)
Hash
5a3e669f0e7f4717e86a09819f7399dd
a0cf59c064d90f80b546ef019a40c3d77d86abe4
04248571113a6ab544ba1cf7d2474212807dbc0e0a0b58edc1deaacd258ab667

HTTP Headers

GET /ee/login/assets/SwedbankHeadline-Bold.woff2 HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: font/woff2
content-length: 38700
last-modified: Tue, 29 Nov 2022 19:18:20 GMT
etag: "63865afc-972c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/assets/SwedbankSans-Medium.woff

162.213.249.169

200 OK

46 kB

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/SwedbankSans-Medium.woff
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format, TrueType, length 45680, version 1.1\012- data
Size
46 kB (45680 bytes)
Hash
5dae15d9cc72d392e910632905cbb182
866fdab8a85306853bff936b609e2e322e26d6aa
a325b73e569ddfa28c57c2415bbf2c236b359df634173d8ba01ab2d9a40185c8

HTTP Headers

GET /ee/login/assets/SwedbankSans-Medium.woff HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: font/woff
content-length: 45680
last-modified: Tue, 29 Nov 2022 19:18:22 GMT
etag: "63865afe-b270"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/assets/Roboto-Regular.woff2

162.213.249.169

200 OK

66 kB

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/Roboto-Regular.woff2
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 65940, version 1.0\012- data
Size
66 kB (65940 bytes)
Hash
c71e3a4f67bb243b58aab5373c583608
65391fa97c834687690a6c96c5a362da595658d4
eaf1d98eda2e1d659da3a52e20d2100a869c9b2134d948aa47023012a7ed2b49

HTTP Headers

GET /ee/login/assets/Roboto-Regular.woff2 HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: font/woff2
content-length: 65940
last-modified: Tue, 29 Nov 2022 19:16:20 GMT
etag: "63865a84-10194"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/assets/swedbank-iconique.woff2

162.213.249.169

200 OK

13 kB

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/swedbank-iconique.woff2
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 12932, version 1.0\012- data
Size
13 kB (12932 bytes)
Hash
b7ad85efc8270e47f90e1e92f2ee9ba1
fe750b01c1705267b9bf64b7ec4917501fc66720
9023f0d1d5f1999063995899e42a6e5a79d123e4435a5010f231bc80e3af0f42

HTTP Headers

GET /ee/login/assets/swedbank-iconique.woff2 HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: font/woff2
content-length: 12932
last-modified: Tue, 29 Nov 2022 19:18:24 GMT
etag: "63865b00-3284"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7656
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sun, 04 Dec 2022 01:14:34 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7656
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sun, 04 Dec 2022 01:14:34 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7656
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sun, 04 Dec 2022 01:14:34 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7656
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sun, 04 Dec 2022 01:14:34 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7656
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sun, 04 Dec 2022 01:14:34 GMT
Connection: keep-alive

bth89825552012022.fuettertdasnetz.de/ee/login/assets/swedbank-4x.png

162.213.249.169

200 OK

53 kB

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/swedbank-4x.png
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 597 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
53 kB (52773 bytes)
Hash
c4f56ebc3ec1c5302070d0161c388ff3
dc09edae224868bc01c50881a0f3d6e30765519e
4e2420e25678434347556c789efb3fc3ec84734fe44dcc33ef645a2cf34ecb91

HTTP Headers

GET /ee/login/assets/swedbank-4x.png HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: image/png
content-length: 52773
last-modified: Tue, 29 Nov 2022 19:14:44 GMT
etag: "63865a24-ce25"
expires: Tue, 03 Jan 2023 01:14:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.10.207

200 OK

24 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (48664)
Size
24 kB (23960 bytes)
Hash
385b2c92d4ca7f6792e81d47ff58b93c
7bb78b8f34ad26befa54459c8a2797430fdd02f8
460d118b46fee5c35e9caadfc35e204b4abc6222b19e46e9178008814939d2f9

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/04/2021 00:04:37
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 1a094ec5f566140ad8ed25d8ea736316
cdn-cache: HIT
cf-cache-status: HIT
age: 13160221
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7740af9d989ffac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/assets/ie11-closure.css

162.213.249.169

200 OK

17 kB

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/ie11-closure.css
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
17 kB (16819 bytes)
Hash
52ff4917d5945f65b741bf210d07e404
7307181066e24edd4b6b3d3d8ec566b29dfc0176
61ed50f36c699b86fedf9a81088f5c9e4a03b4573e1210b7474fe743b9b17c49

HTTP Headers

GET /ee/login/assets/ie11-closure.css HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: text/css
last-modified: Tue, 29 Nov 2022 19:07:58 GMT
vary: Accept-Encoding
etag: W/"6386588e-69c"
expires: Sun, 04 Dec 2022 13:14:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8cb98e4-6956-416c-82e2-269c1c3a9ea7.jpeg

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8cb98e4-6956-416c-82e2-269c1c3a9ea7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9447 bytes)
Hash
95358bd2d700ee56273f5c03bb1b0ec9
3382013402b80585d811e8df916e32c055e559b7
9bdcf882b96fbbac533a799269480cc1af0e1dd891854939e1500adf2a5d1c10

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8cb98e4-6956-416c-82e2-269c1c3a9ea7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9447
x-amzn-requestid: 7f33035c-70b3-4efd-9bbe-0975847cb21a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltmLExfoAMFwYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f4-20c26c902a341f7a00b62316;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PpTFuHAWhFD1MhQGFZWYpenveUsGPtRE3GkL0Dy1mSFh-EeDcUKa_w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:16:34 GMT
age: 10680
etag: "3382013402b80585d811e8df916e32c055e559b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85837b29-ffdd-4915-a6ab-8d0721427d1b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9356 bytes)
Hash
591104ff3c76193fe3c24fbbbb332f7d
aa134912d4f5ddfb371c45d9975506246af68400
af0cbb5c37c901019c1e684fe9a019bb7a2fb8359909ab831b7ff86cbc3d0fec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85837b29-ffdd-4915-a6ab-8d0721427d1b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9356
x-amzn-requestid: 13227ea0-07e5-460c-b909-324fd267bb2c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_uGThoAMFoug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-6776240c50d737ca55ce3b26;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kKuGnPHBMhIEvx-sTw6nJCiajijgnNmNrW5EEzmNdvVZcDfV_hTJ4A==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 04:17:43 GMT
age: 75411
etag: "aa134912d4f5ddfb371c45d9975506246af68400"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8315 bytes)
Hash
db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:42:39 GMT
age: 12715
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/assets/layout-box.css

162.213.249.169

200 OK

9.0 kB

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/layout-box.css
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
9.0 kB (8976 bytes)
Hash
8c8fa005a7d66a29cda389d733f4bb63
e3efee17dc1575964ce2d0c559d974f511b1ed4f
23be708e615ed585f961f9b8c3a0b4b6fa67411246d3fe6f3c8f594d410eb595

HTTP Headers

GET /ee/login/assets/layout-box.css HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: text/css
last-modified: Tue, 29 Nov 2022 19:08:02 GMT
vary: Accept-Encoding
etag: W/"63865892-478"
expires: Sun, 04 Dec 2022 13:14:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/assets/video/background-720.webm

162.213.249.169

404 Not Found

146 B

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/video/background-720.webm
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /ee/login/assets/video/background-720.webm HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/assets/icon.png

162.213.249.169

200 OK

75 kB

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/icon.png
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
75 kB (74560 bytes)
Hash
094af8fdfc463b169533bd267199cabd
800797c3ca0fcc7706f63b1fe9a4062d3f329cbd
7615620a64814c2bfd01f25ad320a9240880d9fedadb548925013b923d77ca4e

HTTP Headers

GET /ee/login/assets/icon.png HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: image/png
content-length: 74560
last-modified: Tue, 29 Nov 2022 20:54:38 GMT
etag: "6386718e-12340"
expires: Tue, 03 Jan 2023 01:14:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/assets/video/background-720.ogv

162.213.249.169

404 Not Found

146 B

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/video/background-720.ogv
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /ee/login/assets/video/background-720.ogv HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sun, 04 Dec 2022 01:14:35 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et

162.213.249.169

200 OK

0 B

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Swedbank, AB

HTTP Headers

GET /ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/assets/shared-styles.min.css

162.213.249.169

200 OK

0 B

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/shared-styles.min.css
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ee/login/assets/shared-styles.min.css HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: text/css
last-modified: Tue, 29 Nov 2022 19:21:16 GMT
vary: Accept-Encoding
etag: W/"63865bac-db7b"
expires: Sun, 04 Dec 2022 13:14:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

bth89825552012022.fuettertdasnetz.de/ee/login/assets/video/background-720.mp4

162.213.249.169

206 Partial Content

0 B

URL HTTP/2
bth89825552012022.fuettertdasnetz.de/ee/login/assets/video/background-720.mp4
IP
162.213.249.169:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ee/login/assets/video/background-720.mp4 HTTP/1.1
Host: bth89825552012022.fuettertdasnetz.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://bth89825552012022.fuettertdasnetz.de/ee/login/oauth.php?authorize_type=code&appidkey=1476be0f71b9a47&country=et
Cookie: PHPSESSID=e2q28nphoiqcqla26ue71jpplm
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
server: nginx
date: Sun, 04 Dec 2022 01:14:34 GMT
content-type: video/mp4
content-length: 2996649
last-modified: Tue, 29 Nov 2022 19:14:46 GMT
etag: "63865a26-2db9a9"
strict-transport-security: max-age=31536000
content-range: bytes 0-2996648/2996649
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (44)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size