20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true
20.199.19.234 200 OK 18 kB URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (805)
Hash d9e70e4acb8f278a8b81b17f3b1a1c79
68931319020c381975c585b53f759384deb1e436
58eff4cc067495e9cc077556ba032ff5b59dea89611879571c496d60c6a3d3e6
GET /Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:46 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/
54.230.111.7 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 3f17af4e8a1739eda4a518039f4892f9
c3feba08ae7e8f57e0fe9bcd2ebedea6bda67cbb
c485b09cad08b5233fe8753682faf59219fe0d18fcc34d90dc88fb0971295f5f
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 12 Oct 2022 08:49:13 GMT
Expires: Wed, 12 Oct 2022 09:32:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BmRBX1-JjRFgLBVnaWurVSnhaR50R1pqHC9rbDZgcV4WJg0aI9mU6Q==
Age: 1893
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0602913f3d432ffbfaa654440972ee1
e5aaf31749e65875fd840091f9a3bba641de413d
5495ad212166703dcd1d17d7aa6ff4d1c40e73dfad703d24f00f60f35bc7d56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5495AD212166703DCD1D17D7AA6FF4D1C40E73DFAD703D24F00F60F35BC7D56C"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7540
Expires: Wed, 12 Oct 2022 11:26:26 GMT
Date: Wed, 12 Oct 2022 09:20:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cf115053c2c98937c2d3c1bba367d815
dfcf225bde5123f0476e6b319823136fa77537f6
e5748cb4844096548cf4c2d8d5bee9e245035c4632ae1a59bfd3b2d99bd4cd9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5748CB4844096548CF4C2D8D5BEE9E245035C4632AE1A59BFD3B2D99BD4CD9B"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2634
Expires: Wed, 12 Oct 2022 10:04:40 GMT
Date: Wed, 12 Oct 2022 09:20:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6bDj2fki+AdxfOp3aPCdIyeuRRDkXjMcrSJ4Bn84vnNnNRCiBrIKBXpwmAGqq79GdKH9nbxmVhQ=
x-amz-request-id: Q0CEKTM6J3X0K6AQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 12 Oct 2022 08:33:16 GMT
age: 2850
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
waust.at/s.js
104.26.5.7 200 OK 3.5 kB IP 104.26.5.7:0
File type ASCII text, with very long lines (8514), with no line terminators
Hash 7ba20d7d8e8f534a8d4b3e4848ba40e8
9757fceb751a25322b2f62ae9e8b9918add51baf
8351897e53bf4e0419e84c7a50076de46c03faa8a16baed3cc999374bf95c0db
GET /s.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 29 Aug 2022 18:12:58 GMT
etag: W/"630d01aa-2142"
expires: Thu, 13 Oct 2022 08:34:49 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 2758
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvcnM95y6IovZTUnFHqa8djZmyxvfF4QsVttFOOsvmm9YGgfgwVzHk%2F4vEOS8tXjLTf0JW9v4v7aKOqbT3gwQoapxTxyMH5AdAFMd8pOGzqQfS1PC8BZL3h4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758ec2f5ef4c1c02-OSL
alt-svc: h2=":443"; ma=60
20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/frame/login.php
20.199.19.234 200 OK 7.7 kB URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/frame/login.php
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (882), with CRLF line terminators
Hash 51ef66be088235f58a5af22e4ca473df
05dc8ba858e3ca1a3cf3c364fdd0c967e36c21d0
d5ad7110e1dbeeebc1f7ff8709f7900faab237052ac9c55aaba2a3cba47c1e88
Analyzer Verdict Alert fortinet Phishing
GET /Afslut/procedure/nem/lD/frame/login.php HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 09:20:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/scripts-6db7f1f3edd0e72b01f4957bf91c3b91.js.download
20.199.19.234 404 Not Found 315 B URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/scripts-6db7f1f3edd0e72b01f4957bf91c3b91.js.download
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Afslut/procedure/nem/lD/all/scripts-6db7f1f3edd0e72b01f4957bf91c3b91.js.download HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true
HTTP/1.1 404 Not Found
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/translateelement.css
20.199.19.234 200 OK 19 kB URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/translateelement.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (18670)
Hash 15ab5dfc566a9a19f6e89a72b7819e43
064aac1e8bc5a26c5986e40659bc328157ec3b53
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
GET /Afslut/procedure/nem/lD/all/translateelement.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 18724
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
20.199.19.234 200 OK 46 kB URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type assembler source, ASCII text
Hash d1aafd46c75fda47a8d4fc4292ec3fcc
d5570e9d09d74ca0b4495992fec5ef86573c4437
068ee6c88c6d2629f9a797dac9288490b736f0c944d9a46d566da7cd8f913a1b
GET /Afslut/procedure/nem/lD/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Last-Modified: Sat, 06 Aug 2022 15:29:08 GMT
Accept-Ranges: bytes
Content-Length: 46070
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg
20.199.19.234 200 OK 3.1 kB URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3097), with no line terminators
Hash d0c0f9d25ebde42bbd552c8ad5363f01
97f08f3ee5a37bb5d291cf10fd8e5ce630467522
4f98589b5ad297e797fc12ed5b90a5e9244a17dbc34c5cee66e01ae8c1455d2c
Analyzer Verdict Alert fortinet Phishing
GET /Afslut/procedure/nem/lD/all/cancel-d0c0f9d25ebde42bbd552c8ad5363f01.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 3097
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg
20.199.19.234 200 OK 2.8 kB URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2846), with no line terminators
Hash 91ca9eec9eed6ed945355d650bb10d41
7178a477a6cc3271d5e2927cd2737af55804f576
8a22f5ea2bc34877a3334b91210c881523678eec1e915cf6a4ee261ba58121b1
Analyzer Verdict Alert fortinet Phishing
GET /Afslut/procedure/nem/lD/all/technical-error-91ca9eec9eed6ed945355d650bb10d41.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 2846
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/translate_24dp.png
20.199.19.234 200 OK 825 B URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/translate_24dp.png
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 55ff382a8b09329e3230a1797eb8f5fd
026ae089006a674da7dcc9bf6b986c5d59e75478
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
GET /Afslut/procedure/nem/lD/all/translate_24dp.png HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 825
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/no-connection-83f79e2367a313b468986e12a237c346.svg
20.199.19.234 200 OK 5.0 kB URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/no-connection-83f79e2367a313b468986e12a237c346.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4974), with no line terminators
Hash 83f79e2367a313b468986e12a237c346
6b0d0f5df661c328a99aefa3b9388507f35d7fba
3fc2607b1e133fb89affeca8fa96db25e9af2fa9d2f7960d2a9602df9e96ef72
Analyzer Verdict Alert fortinet Phishing
GET /Afslut/procedure/nem/lD/all/no-connection-83f79e2367a313b468986e12a237c346.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 4974
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/nemid-830ab2367a74a48b4e61ce97be19c0bd.svg
20.199.19.234 200 OK 2.3 kB URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/nemid-830ab2367a74a48b4e61ce97be19c0bd.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2285), with no line terminators
Hash 830ab2367a74a48b4e61ce97be19c0bd
79cde6c94cedde8c6ce414952a6f71841b890b77
6bb27299ef7a2f71792920ae936f4f0800cf1a43ff5f8b4c835233fde4c1e387
Analyzer Verdict Alert fortinet Phishing
GET /Afslut/procedure/nem/lD/all/nemid-830ab2367a74a48b4e61ce97be19c0bd.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 2285
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg
20.199.19.234 200 OK 3.1 kB URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3104), with no line terminators
Hash 9bbd07dc81f3c2a11d2c7735b416ee18
41ee4ad48472fd2f93f765b87c77a606a04e5a00
a386a6170805a64ba2e46bcc37c79500b5207bd708b0d1da83cbcbc483e64cb7
Analyzer Verdict Alert fortinet Phishing
GET /Afslut/procedure/nem/lD/all/something-went-wrong-9bbd07dc81f3c2a11d2c7735b416ee18.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 3104
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/empty-3857ebe69f653487f8c9d99adde4657f.svg
20.199.19.234 200 OK 1.6 kB URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/empty-3857ebe69f653487f8c9d99adde4657f.svg
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1642), with no line terminators
Hash 3857ebe69f653487f8c9d99adde4657f
134737f1f8882726ef1b50546546fa9d1479207c
d690ce1d3a1304fff86d11c4f38ad540da84949d881ea0c04b49bcc0f13483e0
Analyzer Verdict Alert fortinet Phishing
GET /Afslut/procedure/nem/lD/all/empty-3857ebe69f653487f8c9d99adde4657f.svg HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 03:23:30 GMT
Accept-Ranges: bytes
Content-Length: 1642
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/frame/frame.css
20.199.19.234 200 OK 183 kB URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/frame/frame.css
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (39666), with CRLF line terminators
Size 183 kB (182872 bytes)
Hash 444760e737685c1ecc7f0b993f67ed65
b0eb98c01f4d33703f7d464e700a970dccc027b1
0a5713e8d7642dfa0d24a22dbc590f1400684909ff46bf429b8328d974a2e7dd
GET /Afslut/procedure/nem/lD/frame/frame.css HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/frame/login.php
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 12:58:24 GMT
Accept-Ranges: bytes
Content-Length: 182872
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/banner.png
20.199.19.234 200 OK 40 kB URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/banner.png
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 828 x 300, 4-bit colormap, non-interlaced\012- data
Hash 6629cb5350d6f3276b2dccc43bd3f397
63d964e5caaa541475a4c2da976871a9f9986067
9fc5b5c44107cfc6701be07fa5d5a4d7ab066607dd7ab6e9f396ac709e28424f
GET /Afslut/procedure/nem/lD/all/banner.png HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/login.php?&return_url=c35cdb230e699e883d03ba67179b7dc9&enrolmentID=9cd7b97176ab30d388e996e032bdc53c?securessl=true
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Last-Modified: Sat, 06 Aug 2022 14:35:04 GMT
Accept-Ranges: bytes
Content-Length: 40339
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
20-199-19-234.cprapid.com/assets/b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff
20.199.19.234 404 Not Found 315 B URL HTTP/1.1 20-199-19-234.cprapid.com/assets/b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /assets/b90f1e1b93f3b23dd79e-11eca7aa5a85ec0c6cc3deba794b264e.woff HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
HTTP/1.1 404 Not Found
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20-199-19-234.cprapid.com/assets/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff
20.199.19.234 404 Not Found 315 B URL HTTP/1.1 20-199-19-234.cprapid.com/assets/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /assets/aa1ee103968475b48934-3a4d9a8b6adf39716f28af71fc9b030a.woff HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/all/styles-90d1ba6c2eef1d8f73fc94069cfe444b.css
HTTP/1.1 404 Not Found
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/partials/js/jquery.js
20.199.19.234 200 OK 272 kB URL HTTP/1.1 20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/partials/js/jquery.js
IP 20.199.19.234:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Size 272 kB (272155 bytes)
Hash 3f24e8505d471bd934a5a68b86971580
876bd436d3b3c1436a8ac17a654e38d062acf45e
4ef5f864f89db7feaaaa5332c0a99d76076af49fef488806541ca2561e4cb379
Analyzer Verdict Alert fortinet Phishing
GET /Afslut/procedure/nem/lD/partials/js/jquery.js HTTP/1.1
Host: 20-199-19-234.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/Afslut/procedure/nem/lD/frame/login.php
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Server: Apache
Last-Modified: Fri, 05 Feb 2021 07:11:28 GMT
Accept-Ranges: bytes
Content-Length: 272155
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.163 200 OK 1.8 kB URL HTTP/1.1 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Length: 1842
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 07 Oct 2022 01:29:54 GMT
Expires: Sat, 07 Oct 2023 01:29:54 GMT
Cache-Control: public, max-age=31536000
Age: 460253
Last-Modified: Thu, 14 Oct 2021 09:08:00 GMT
Content-Type: image/png
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.7 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 12 Oct 2022 08:29:41 GMT
Cache-Control: max-age=3600
Expires: Wed, 12 Oct 2022 08:43:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0AKMxt-zcN6r1z7AJYe-5fFjaaxuwIiMmhJvafVqN9aO7bBcmSA2Og==
Age: 3066
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash c981b8706c0b42455526a0401d6bc511
1c5262eb7e8dd1ccadd835e2c7a5b1e2dfa7c2c8
288f3419b74ec7b16cf17810c81ec9ed3ac4bb5a9108fa181f5fae5843ce95f3
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "288F3419B74EC7B16CF17810C81EC9ED3AC4BB5A9108FA181F5FAE5843CE95F3"
Last-Modified: Tue, 11 Oct 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3023
Expires: Wed, 12 Oct 2022 10:11:10 GMT
Date: Wed, 12 Oct 2022 09:20:47 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash 8a03233955eb5552da62c7fdc37e147f
7ce6021c84059606d219aade626583e053398e37
94253350dc99ef7856884e04088d8ad78649a43670d24ca3fddbfa70b0db696d
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "94253350DC99EF7856884E04088D8AD78649A43670D24CA3FDDBFA70B0DB696D"
Last-Modified: Tue, 11 Oct 2022 23:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3014
Expires: Wed, 12 Oct 2022 10:11:01 GMT
Date: Wed, 12 Oct 2022 09:20:47 GMT
Connection: keep-alive
whos.amung.us/pingjs/?k=c32fzsonjq&t=Nordea%20identification&c=s&x=http%3A%2F%2F20-199-19-234.cprapid.com%2FAfslut%2Fprocedure%2Fnem%2FlD%2Flogin.php%3F%26return_url%3Dc35cdb230e699e883d03ba67179b7dc9%26enrolmentID%3D9cd7b97176ab30d388e996e032bdc53c%3Fsecuressl%3Dtrue&y=&a=0&d=0.501&v=27&r=1199
104.22.75.171 200 OK 48 B URL HTTP/1.1 whos.amung.us/pingjs/?k=c32fzsonjq&t=Nordea%20identification&c=s&x=http%3A%2F%2F20-199-19-234.cprapid.com%2FAfslut%2Fprocedure%2Fnem%2FlD%2Flogin.php%3F%26return_url%3Dc35cdb230e699e883d03ba67179b7dc9%26enrolmentID%3D9cd7b97176ab30d388e996e032bdc53c%3Fsecuressl%3Dtrue&y=&a=0&d=0.501&v=27&r=1199
IP 104.22.75.171:0
File type ASCII text, with no line terminators
Hash bc685633717be2b0072e330f28f038f5
457ac447afb9533889b7a114f9519b1c60bf86fd
262513e974744eb1f3d8bfe592a6837d8dfaa6340645f8ed248bc89fd9d80d43
GET /pingjs/?k=c32fzsonjq&t=Nordea%20identification&c=s&x=http%3A%2F%2F20-199-19-234.cprapid.com%2FAfslut%2Fprocedure%2Fnem%2FlD%2Flogin.php%3F%26return_url%3Dc35cdb230e699e883d03ba67179b7dc9%26enrolmentID%3D9cd7b97176ab30d388e996e032bdc53c%3Fsecuressl%3Dtrue&y=&a=0&d=0.501&v=27&r=1199 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 758ec2f91fa795e4-ARN
identify.nordea.com/assets/images/favicon.ico
158.233.249.230 200 OK 1.2 kB URL HTTP/1.1 identify.nordea.com/assets/images/favicon.ico
IP 158.233.249.230:0
ASN #201271 Nordea Bank Abp
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 9a39921b4a8d93d5528b4ccdc5d76e91
104a457c782a4f1208b116660746296cb45dcbd6
53ce944ce5a3a9a312816854b4254f5b083d562c45ac63354a00add50fb88cdb
GET /assets/images/favicon.ico HTTP/1.1
Host: identify.nordea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Thu, 06 Oct 2022 04:23:22 GMT
Cache-Control: max-age=31536000
Content-Type: image/x-icon
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin
Content-Length: 1150
Strict-Transport-Security: max-age=157680000; includeSubDomains
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 34c15fee665f03aab24038618bb2d9a7
6b90ea5a496581b83daf1764938d1db1a5a32bb4
93e99055eb4a94f808eed2fac338d6c480047c30a56498b2a65036a7d5bdea04
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4156
Cache-Control: max-age=86119
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 09:20:47 GMT
Etag: "6345241a-1d7"
Expires: Thu, 13 Oct 2022 09:16:06 GMT
Last-Modified: Tue, 11 Oct 2022 08:06:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 1613b00b1e99819ec6df82091ef17a7f
6f78b90a8f64b882ce87be68f8039cb27e7fcc1a
4ea23fab720956fb67aaeb51649f0bb1e0c0bced60b58c8640d402ad5ce86fae
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 12 Oct 2022 09:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 09 Oct 2022 05:56:49 GMT
Expires: Sun, 16 Oct 2022 05:56:48 GMT
Etag: "6f78b90a8f64b882ce87be68f8039cb27e7fcc1a"
Cache-Control: max-age=332760,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 758ec2f79dcc1c12-OSL
t.dtscout.com/i/?l=http%3A%2F%2F20-199-19-234.cprapid.com%2FAfslut%2Fprocedure%2Fnem%2FlD%2Flogin.php%3F%26return_url%3Dc35cdb230e699e883d03ba67179b7dc9%26enrolmentID%3D9cd7b97176ab30d388e996e032bdc53c%3Fsecuressl%3Dtrue&j=
51.89.99.21 200 OK 2.1 kB URL HTTP/1.1 t.dtscout.com/i/?l=http%3A%2F%2F20-199-19-234.cprapid.com%2FAfslut%2Fprocedure%2Fnem%2FlD%2Flogin.php%3F%26return_url%3Dc35cdb230e699e883d03ba67179b7dc9%26enrolmentID%3D9cd7b97176ab30d388e996e032bdc53c%3Fsecuressl%3Dtrue&j=
IP 51.89.99.21:0
File type ASCII text, with very long lines (2077)
Hash 51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c
GET /i/?l=http%3A%2F%2F20-199-19-234.cprapid.com%2FAfslut%2Fprocedure%2Fnem%2FlD%2Flogin.php%3F%26return_url%3Dc35cdb230e699e883d03ba67179b7dc9%26enrolmentID%3D9cd7b97176ab30d388e996e032bdc53c%3Fsecuressl%3Dtrue&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Cookie: df=1665551276
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 12 Oct 2022 09:20:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: ger1
Set-Cookie: m=1; Domain=dtscout.com; Expires=Wed, 12-Oct-2022 10:44:07 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Wed, 12-Oct-2022 13:20:47 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
X-T: 0.781
Expires: Wed, 12 Oct 2022 09:20:46 GMT
Cache-Control: no-cache
t.dtscout.com/pv/?_a=v&_h=20-199-19-234.cprapid.com&_s=1&_ss=28cdb4cr7q&_pv=1&_ls=0&_cc=no&_pl=d&_b=firefox%4096&_cbid=7eli&_cb=_dtspv.c
51.89.99.21 200 OK 0 B URL HTTP/1.1 t.dtscout.com/pv/?_a=v&_h=20-199-19-234.cprapid.com&_s=1&_ss=28cdb4cr7q&_pv=1&_ls=0&_cc=no&_pl=d&_b=firefox%4096&_cbid=7eli&_cb=_dtspv.c
IP 51.89.99.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv/?_a=v&_h=20-199-19-234.cprapid.com&_s=1&_ss=28cdb4cr7q&_pv=1&_ls=0&_cc=no&_pl=d&_b=firefox%4096&_cbid=7eli&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Cookie: df=1665551276; m=1; oa=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 12 Oct 2022 09:20:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-T: 0.138
X-C: 0
Expires: Wed, 12 Oct 2022 09:20:47 GMT
Cache-Control: no-cache
cdn.tynt.com/tc.js
104.18.18.39 200 OK 6.7 kB IP 104.18.18.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (647)
Hash 1c19de1014ecbb64bf79594584b7e243
e2ab949e99c448f107245a0a39c10e0b30130e9f
5c80cda6336fe83e049aea16c899b4983fa70744beccddd14d75ee0c178c5c77
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 12 Oct 2022 09:20:47 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
vary: Accept-Encoding
etag: W/"62d96946-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 151215
expires: Sat, 15 Oct 2022 09:20:47 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 758ec2faafbe1c16-OSL
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!c32fzsonjq&lm=0&ts=1665566447749&dn=TC&iso=0&t=Nordea%20identification
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!c32fzsonjq&lm=0&ts=1665566447749&dn=TC&iso=0&t=Nordea%20identification
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!c32fzsonjq&lm=0&ts=1665566447749&dn=TC&iso=0&t=Nordea%20identification HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 12 Oct 2022 09:20:48 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!c32fzsonjq&dn=TC&cc=1&r=
67.202.105.33 200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!c32fzsonjq&dn=TC&cc=1&r=
IP 67.202.105.33:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!c32fzsonjq&dn=TC&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Thu, 13 Oct 2022 09:20:48 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Wed, 12 Oct 2022 09:20:47 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!c32fzsonjq&lm=0&ts=1665566447749&dn=TC&iso=0
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!c32fzsonjq&lm=0&ts=1665566447749&dn=TC&iso=0
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!c32fzsonjq&lm=0&ts=1665566447749&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20-199-19-234.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 12 Oct 2022 09:20:48 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.190.4 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.190.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RQyjHB0FES15lsYDV/3D5g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 15EzlbqUga0rCdavoBBx/pT3LHo=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7707
Expires: Wed, 12 Oct 2022 11:29:16 GMT
Date: Wed, 12 Oct 2022 09:20:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d2e6a3-fdda-4fcf-8005-616606887def.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d2e6a3-fdda-4fcf-8005-616606887def.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cb1cec13e512112d85f494c2207dad9
b90edfbd7f9f5ee0a4d11597c8a9f79f75ff0efb
78f7e4cc530967e019ba13b85b5ae9350c80d138a5f3727be81a4b72e5e00491
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d2e6a3-fdda-4fcf-8005-616606887def.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9712
x-amzn-requestid: c47fefde-d06c-4c1e-ab92-189808a9b67e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BLOEEsoAMFRyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e247-1dde77920432dd6d0f0736f2;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: huq5TSvB_Bpijd-7dGWX0MSBQCibVRH_w5B53GVY30oAv1TUIU7xJg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:48:15 GMT
age: 41554
etag: "b90edfbd7f9f5ee0a4d11597c8a9f79f75ff0efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd963da4f-2224-4a6b-870c-5a00d4eeea55.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd963da4f-2224-4a6b-870c-5a00d4eeea55.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 695b6d44466cc04c8a285331df94e54d
da11e5b4d9a5f744d41b868ab2b214d4eed5ae61
d4238fc77feff12cc6b2affe91b69cab59d54432d664b2bcd9fda46b229a46c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd963da4f-2224-4a6b-870c-5a00d4eeea55.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6391
x-amzn-requestid: e102aa4b-a49b-410a-8e7d-a4b0c199527f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3B7fEIEoAMFi2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e37c-166ba51a39a11397074a990c;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:43:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _SU9U-oPxR9eP_v2NEhokLeiaS7pwa-2aoFNCDbD-59eSlCF73r29w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:48:37 GMT
etag: "da11e5b4d9a5f744d41b868ab2b214d4eed5ae61"
content-type: image/jpeg
age: 41532
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b15495e3e13c06fd0d67523870405ed
3cb8b43735e86c93733affa10818c47693c80fce
f65edddef18295076f79a48e9a6c95d07ed244a2ae618cb4229b6c1bd434cd57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12187
x-amzn-requestid: e0271885-6c76-4a8c-98a2-4df8ee86a688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZzuA_FmaoAMF3AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344906c-6fe5dce86e61bd8027759559;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:36:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ROEKJli245ZEsFkeeHB5X8rleZ5J_guNsrNe50nMZIQO-KFzJsk7Kw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 04:00:27 GMT
age: 19222
etag: "3cb8b43735e86c93733affa10818c47693c80fce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b27843b-6db3-4814-9994-17e045a63aa0.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b27843b-6db3-4814-9994-17e045a63aa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11e980738145ef210c79c53661250c69
582b175bb7906f1172f0b57ba35bb2b852354191
f6ca02d3b0be808254383577ebf224ab3ca4b30b7d9444a3e2350bab5f32b4ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b27843b-6db3-4814-9994-17e045a63aa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8672
x-amzn-requestid: 047fc0d0-4b2a-4a36-b8b3-84694166b941
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3AlJGwPIAMFc6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e153-1c4105347211bfc94955ddd4;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U2o0vdvzMkBZ_Ctl5xj2BCBPReopRlewWlkYgywFbavP3sjTf99TxQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 21:48:15 GMT
age: 41554
etag: "582b175bb7906f1172f0b57ba35bb2b852354191"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50df13c8-d4e3-4d87-8794-332894dfce82.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50df13c8-d4e3-4d87-8794-332894dfce82.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5d47115d404a4b49a15c5aa29f132c2
22a32b863ce79c6165cc90e998f1498bf9e74fd0
549725a62e4c15820c47249ae933120bbb091a55331be511b486307e33ec59c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50df13c8-d4e3-4d87-8794-332894dfce82.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7108
x-amzn-requestid: 9f8e92e1-b64f-46b4-8a87-4d0e5c21bdaf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BzOEmzoAMFsoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e347-3ec5e4d50d2e14a17f88a64d;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:42:31 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 07WNuyF4EIA2AAZyB4kU669K49Jzqys2YvkfnzEb2aIn3Dq6K_CT2g==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:09:12 GMT
age: 40297
etag: "22a32b863ce79c6165cc90e998f1498bf9e74fd0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74c4905d-ef25-43db-8882-67009cd34f1a.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74c4905d-ef25-43db-8882-67009cd34f1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash eda06240feabfa1b019765fe963c2d9c
3bbdd5560213e9b49ab7c079c5f2549d68890720
cd3724bfc1355b419c46df1259bfa40b4b4517a81bd45a4392d34e22c14a3d6e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74c4905d-ef25-43db-8882-67009cd34f1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3985
x-amzn-requestid: 6da73a65-c346-4040-9a03-63d5d6845adf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z1Cr1HeVoAMFubg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634517e5-34af0c8d6dc8218963b7319c;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 07:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LAjdvQ29NhOnJjwigVkIjb7vx5tCPJPrHOOPmUD5Vh9N45WN4ZZXCg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 07:45:22 GMT
age: 5727
etag: "3bbdd5560213e9b49ab7c079c5f2549d68890720"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2