| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash1456357aecbd23f21ad98da57e0127eb 7074815b39fa8da9013883971d665e4c1b0797ea f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5157
Expires: Wed, 23 Nov 2022 14:18:03 GMT
Date: Wed, 23 Nov 2022 12:52:06 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash770d09773b5f304acf141fd66a4862b4 5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5 c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3201
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 12:52:06 GMT
Last-Modified: Wed, 23 Nov 2022 11:58:45 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash4d7e4eed097b9c4e5d509419f1cfc85a 290bb3d428a7c6330e2e3d73a952b16f820896c8 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 12:18:48 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1998
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash054ff0d1a0a43f7cb1d78dbd34e27f99 3caf54f3de1d6a8c6f6454083f8b8e7dec77db54 fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12731
Expires: Wed, 23 Nov 2022 16:24:17 GMT
Date: Wed, 23 Nov 2022 12:52:06 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dQs5g6wi6McuCeIVdkJPUK+oIx4LMRNt9TyD7xci6tt/1XJWbdvrZgJqtczN2Hh33ZcDhEZE3AU=
x-amz-request-id: DN8HZDA2H7A50Z51
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 12:40:00 GMT
age: 726
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:52:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 12:11:11 GMT
cache-control: public,max-age=3600
age: 2455
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hasheb52164d651f5f45416e873aec29eb04 405b29bb7e7cd4367cf82988f8603e53db65f139 ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1935
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 12:52:06 GMT
Last-Modified: Wed, 23 Nov 2022 12:19:51 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 54.149.156.115 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.149.156.115:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qXFe0QiP0W3J5nhtPy3nNw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fqVdAdMyNjyXXKnmVzktt+rbLi4=
|
|
| www.wetransfer.safe-browsing.de/file/Bewerbungsunterlagen_NDR.docx?zhi-j1yP | 94.100.132.71 | 301 Moved Permanently | 309 B |
URL HTTP/1.1www.wetransfer.safe-browsing.de/file/Bewerbungsunterlagen_NDR.docx?zhi-j1yP IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
File typeHTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash6ecf474c73adf1f16333564f403f528c 196f6711872d38d780f6af272e7c9894d2a32346 18efe3141d7acc005d754a95ad7fbdda9838a563340cf0d28c26d701fa00704e
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /file/Bewerbungsunterlagen_NDR.docx?zhi-j1yP HTTP/1.1
Host: www.wetransfer.safe-browsing.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Origin: *
Content-Length: 309
Content-Type: text/html; charset=utf-8
Date: Wed, 23 Nov 2022 12:52:07 GMT
Location: https://phishing-training.it-seal.de?token=zhi-j1yP
Server: Caddy, gunicorn
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash611d1eca860866489908506a26bd6a2a 5e8c401f098357cd12889a6e507baf7c8a87772a e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5001
Expires: Wed, 23 Nov 2022 14:15:29 GMT
Date: Wed, 23 Nov 2022 12:52:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash611d1eca860866489908506a26bd6a2a 5e8c401f098357cd12889a6e507baf7c8a87772a e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5001
Expires: Wed, 23 Nov 2022 14:15:29 GMT
Date: Wed, 23 Nov 2022 12:52:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash611d1eca860866489908506a26bd6a2a 5e8c401f098357cd12889a6e507baf7c8a87772a e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5001
Expires: Wed, 23 Nov 2022 14:15:29 GMT
Date: Wed, 23 Nov 2022 12:52:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash611d1eca860866489908506a26bd6a2a 5e8c401f098357cd12889a6e507baf7c8a87772a e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5001
Expires: Wed, 23 Nov 2022 14:15:29 GMT
Date: Wed, 23 Nov 2022 12:52:08 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg | 34.120.237.76 | 200 OK | 8.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash309227dc1b5f9193c6be8f5a010fa348 dff12e88a784a954012f257d3689862c52251d01 2d52b83ff0a58c41bf2e38abf8fce13eb87b5ecfce144ff0edc1bfadd254b452
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8081
x-amzn-requestid: cafd3337-7bb8-4e2d-91d4-a33439a32b80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAMEwgoAMFl-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4067-6074dcae15d9194513916d48;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0qleUIXFjvOqr3SeTpnFnVnhacI-ps0Fc33zsWp3eynFDhYOasUpPw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 53720
etag: "dff12e88a784a954012f257d3689862c52251d01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg | 34.120.237.76 | 200 OK | 8.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc8f6118fc03f31862ff68fef8a2b9a7f 318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73 cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9FO1gkdftjvJFDvAlxwLD63BP-liwnS2MImVhVdjg83wi4xJdM73Kg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:54:28 GMT
age: 53860
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f159cda-2152-46b5-8f3f-971d5d406960.jpeg | 34.120.237.76 | 200 OK | 6.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f159cda-2152-46b5-8f3f-971d5d406960.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash050f43f830803646a2ece48e01ac8d24 d359314799f8873b35580dd5f8c64b75dfa4ffe3 d4ad8c9e5e1fe428c55c02e567aba32664055f8a881ee6aff8438c3a09124f3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f159cda-2152-46b5-8f3f-971d5d406960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6475
x-amzn-requestid: b3f37508-ce80-4bfd-8f40-d98c1ee57f7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQlaF-9IAMFh8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772e22-42b6d99c69142d1e37161d69;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:02:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QUkCjTAybAgpQQtHzlnzyOGXy7K7mB8G6iap0_OlDkTVGJe_sK3-zQ==
via: 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:43:39 GMT
age: 18509
etag: "d359314799f8873b35580dd5f8c64b75dfa4ffe3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d5a9928-3c61-44dc-af42-7d4e3c891caa.jpeg | 34.120.237.76 | 200 OK | 8.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d5a9928-3c61-44dc-af42-7d4e3c891caa.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash03830e3ff377979c234bf37561c54cfd c18884ce9370c97e6b4e12ab0f827d68a1938bfa 5ba8bfc69c7eba42de4a16bf6d1e1e3570cd3918fe15cb8b2d25950ef791ddbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d5a9928-3c61-44dc-af42-7d4e3c891caa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8365
x-amzn-requestid: e6c2ec6e-525e-4b9f-a45d-63076580df5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrpFJ3oAMF4mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee4a-576f678b6e364bca09532010;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 89jqCw8OJIxusDPoTi5-HDxWcgCfNvRrku2VFBLcQbFJwLLaZBpHGA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 13:32:03 GMT
age: 84005
etag: "c18884ce9370c97e6b4e12ab0f827d68a1938bfa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg | 34.120.237.76 | 200 OK | 5.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc6380f73d47906bd63b9c48137e4df61 94e053461d2db89e9d08321f26a2555ebcd7e0b9 84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 8dea187e-ee61-4691-aff7-59202f978565
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b2P4MF0UIAMFWBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6378c69a-011430f86689624a29d71215;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 12:05:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c2w_q7fYc60JSQ4GcAlmUFyp7csfflgG8GvCXJuy_wWlvf9mIG0u9g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:38:55 GMT
age: 51193
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c463ad-46db-4c1c-a9ef-76d12a5dbcd7.jpeg | 34.120.237.76 | 200 OK | 9.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c463ad-46db-4c1c-a9ef-76d12a5dbcd7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash31e6c88ba7f6e2f34a3f8c0986a5d358 ee9fe28661702bb56a5eae71ab66dda08c87cf50 9fa1bbbe3c52215f34509683ae2c1992f2319e2eef36e93dc1e6a29fe17df39b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c463ad-46db-4c1c-a9ef-76d12a5dbcd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9422
x-amzn-requestid: 54b47f3f-b844-4a49-9f8d-e8e84fb7e368
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1E7dFmUoAMFUig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63784eaf-3b5e86df3ff40b13562e2c43;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 03:34:07 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: wWYPC7AC0W8v9d8CnSGCRT3P4kwYa25Ri6NTQHZTME1JChRK4EWoHg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6af3b573d8970d5db2a4d03354335b84.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:13:35 GMT
age: 52713
etag: "ee9fe28661702bb56a5eae71ab66dda08c87cf50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cdn.it-seal.de/it-seal/fonts/open-sans/open-sans.css | 46.165.253.9 | 200 OK | 236 B |
URL HTTP/2cdn.it-seal.de/it-seal/fonts/open-sans/open-sans.css IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
Hash5e4bb043b759283363876ab15c299602 df39095fb31b46aeb3d357fbcdda06577ee72fe9 b5d9f71a187ee086d1422a5b20e4496cace40010f0bbd804d4641ffdae5575d3
GET /it-seal/fonts/open-sans/open-sans.css HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: W/"qxdzylq4"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-length: 236
date: Wed, 23 Nov 2022 12:52:09 GMT
X-Firefox-Spdy: h2
|
|
| cdn.it-seal.de/it-seal/fonts/courier-prime-sans/courier-prime-sans.css | 46.165.253.9 | 200 OK | 163 B |
URL HTTP/2cdn.it-seal.de/it-seal/fonts/courier-prime-sans/courier-prime-sans.css IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
Hashac825df3791896cf70e4f10e70712452 e793692fc74bea3580e490635cc428cc7f9ad1a1 3ebca15ca8eaa75707fd0cc7589cbd32325290769ce2a46f47792149eeb64f3e
GET /it-seal/fonts/courier-prime-sans/courier-prime-sans.css HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: W/"qxdzyl9s"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-length: 163
date: Wed, 23 Nov 2022 12:52:09 GMT
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/_nuxt/d23f7a3.js | 94.100.132.71 | 200 OK | 81 kB |
URL HTTP/2phishing-training.it-seal.de/_nuxt/d23f7a3.js IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
Hashc8204412142b1edb6ac92628f571d3a5 38f509cce1b2897e639927beae602074925dd81d 62563abb838169412c054c97017fabeb23ffa3163078552e9f668dea1479849b
GET /_nuxt/d23f7a3.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=zhi-j1yP
Cookie: i18n_redirected=en; token=zhi-j1yP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Wed, 23 Nov 2022 12:52:09 GMT
etag: W/"21687-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/_nuxt/38ea98a.js | 94.100.132.71 | 200 OK | 48 kB |
URL HTTP/2phishing-training.it-seal.de/_nuxt/38ea98a.js IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
Hash557f186ea912f753f753996322da6f5e 98168ed2384e810ebb283d89e7c498572e1dd600 3eb1f81b8f51f37885188745a05b89fd9a9501f51a40ffed743158364202e521
GET /_nuxt/38ea98a.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=zhi-j1yP
Cookie: i18n_redirected=en; token=zhi-j1yP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Wed, 23 Nov 2022 12:52:09 GMT
etag: W/"1518-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| cdn.it-seal.de/it-seal/fonts/open-sans/OpenSans-Light.woff2 | 46.165.253.9 | 200 OK | 46 kB |
URL HTTP/2cdn.it-seal.de/it-seal/fonts/open-sans/OpenSans-Light.woff2 IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
File typeWeb Open Font Format (Version 2), TrueType, length 45812, version 1.0\012- data Hash559e978f49dc58dbe4213c714d308483 70fbcba4e78b189d7b14a007deb674f68c07949d c42014995e3763f5fd8d42a07ddc4f2d12486017484f2324f3e6afb46029df82
GET /it-seal/fonts/open-sans/OpenSans-Light.woff2 HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://phishing-training.it-seal.de
Connection: keep-alive
Referer: https://cdn.it-seal.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://phishing-training.it-seal.de
content-type: font/woff2
etag: "qxdzylzck"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Origin
content-length: 45812
date: Wed, 23 Nov 2022 12:52:09 GMT
X-Firefox-Spdy: h2
|
|
| cdn.it-seal.de/it-seal/AATM/AATM.svg | 46.165.253.9 | 200 OK | 23 kB |
URL HTTP/2cdn.it-seal.de/it-seal/AATM/AATM.svg IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
Hash1761d2d0b4ef19a9d75282c3dced832f 6b2585ee79099b1b5fa78184d278af29d6e40388 400d02b636a197a4412ed638f11c09c9c0589d035258fd7039ac5f42777a9d97
GET /it-seal/AATM/AATM.svg HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: W/"r5na9rgzl"
last-modified: Thu, 13 Jan 2022 10:53:51 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
date: Wed, 23 Nov 2022 12:52:09 GMT
X-Firefox-Spdy: h2
|
|
| cdn.it-seal.de/it-seal/icons/favicon-256x256.png | 46.165.253.9 | 200 OK | 35 kB |
URL HTTP/2cdn.it-seal.de/it-seal/icons/favicon-256x256.png IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
File typePNG image data, 256 x 256, 8-bit/color RGB, non-interlaced\012- data Hashdcb6dab687da17991edfb820e2484129 7e41f91b1abf22e9d5e9fc9a4f07295dc2a6f8cb 181171e423a46c201e9be2f6114617092f69091dd386fe5ca1b5c17fcef901f4
GET /it-seal/icons/favicon-256x256.png HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "qxdzylr1a"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
content-length: 35038
date: Wed, 23 Nov 2022 12:52:09 GMT
X-Firefox-Spdy: h2
|
|
| cdn.it-seal.de/it-seal/icons/favicon-16x16.png | 46.165.253.9 | 200 OK | 884 B |
URL HTTP/2cdn.it-seal.de/it-seal/icons/favicon-16x16.png IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
File typePNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data Hashaf4c9d7cd828b2f49636b240809bfb83 4ff2b162029537604b6a9334fd93b348c4f60510 bb0c7ac5b45e8a51675486a9318d2dde9c447933a1f95320b951916eb0a7080d
GET /it-seal/icons/favicon-16x16.png HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "qxdzylok"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
content-length: 884
date: Wed, 23 Nov 2022 12:52:09 GMT
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/en?token=zhi-j1yP | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/en?token=zhi-j1yP IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /en?token=zhi-j1yP HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: i18n_redirected=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 23 Nov 2022 12:52:08 GMT
etag: "46a49-pHUkX3yMsgBRE1vBQWYmHvZV6h0"
server: Caddy
set-cookie: i18n_redirected=en; Path=/; Expires=Thu, 23 Nov 2023 12:52:08 GMT; SameSite=Lax
token=zhi-j1yP; Max-Age=172800; Path=/
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/_nuxt/a393ceb.js | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/_nuxt/a393ceb.js IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /_nuxt/a393ceb.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=zhi-j1yP
Cookie: i18n_redirected=en; token=zhi-j1yP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Wed, 23 Nov 2022 12:52:09 GMT
etag: W/"2e3c2-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| cdn.it-seal.de/teachable-moment/angelschnur_haken_login.svg | 46.165.253.9 | 200 OK | 0 B |
URL HTTP/2cdn.it-seal.de/teachable-moment/angelschnur_haken_login.svg IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
GET /teachable-moment/angelschnur_haken_login.svg HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: W/"qxdzylcai"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
date: Wed, 23 Nov 2022 12:52:09 GMT
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/vendor/intro.js/minified/intro.min.js | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/vendor/intro.js/minified/intro.min.js IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /vendor/intro.js/minified/intro.min.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=zhi-j1yP
Cookie: i18n_redirected=en; token=zhi-j1yP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=0
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Wed, 23 Nov 2022 12:52:09 GMT
etag: W/"70fe-17583ab8368"
last-modified: Sun, 01 Nov 2020 11:57:37 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/_nuxt/07896ce.js | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/_nuxt/07896ce.js IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /_nuxt/07896ce.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=zhi-j1yP
Cookie: i18n_redirected=en; token=zhi-j1yP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Wed, 23 Nov 2022 12:52:09 GMT
etag: W/"5207-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/?token=zhi-j1yP | 94.100.132.71 | 302 Found | 0 B |
URL HTTP/2phishing-training.it-seal.de/?token=zhi-j1yP IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /?token=zhi-j1yP HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 23 Nov 2022 12:52:08 GMT
location: /en?token=zhi-j1yP
server: Caddy
set-cookie: i18n_redirected=en; Path=/; Expires=Thu, 23 Nov 2023 12:52:08 GMT; SameSite=Lax
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/vendor/intro.js/minified/introjs.min.css | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/vendor/intro.js/minified/introjs.min.css IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /vendor/intro.js/minified/introjs.min.css HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=zhi-j1yP
Cookie: i18n_redirected=en; token=zhi-j1yP
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=0
content-encoding: gzip
content-type: text/css; charset=UTF-8
date: Wed, 23 Nov 2022 12:52:09 GMT
etag: W/"23d2-17583ab8368"
last-modified: Sun, 01 Nov 2020 11:57:37 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/_nuxt/1217fb2.js | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/_nuxt/1217fb2.js IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /_nuxt/1217fb2.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=zhi-j1yP
Cookie: i18n_redirected=en; token=zhi-j1yP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Wed, 23 Nov 2022 12:52:09 GMT
etag: W/"348c7-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/_nuxt/img/phishing-mail.3825c8d.svg | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/_nuxt/img/phishing-mail.3825c8d.svg IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /_nuxt/img/phishing-mail.3825c8d.svg HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=zhi-j1yP
Cookie: i18n_redirected=en; token=zhi-j1yP
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: image/svg+xml
date: Wed, 23 Nov 2022 12:52:09 GMT
etag: W/"997-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/vendor/polyfill.min.js | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/vendor/polyfill.min.js IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /vendor/polyfill.min.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=zhi-j1yP
Cookie: i18n_redirected=en; token=zhi-j1yP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=0
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Wed, 23 Nov 2022 12:52:09 GMT
etag: W/"1333a-181cf16f448"
last-modified: Tue, 05 Jul 2022 15:59:57 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|