direct-credit-suisse-e1f47.firebaseapp.com/login.html?session=oV2ODWiBbBoL4ECl1fbSNPskgW5zSP84WZxa64fhZ3WNEEpMHTqHBpsOw7T4OQwPHHtanvcXhTytGvhUwvIssRczhqCd5kUmJr&auth=fa1fc0dc-cefb-4310-8474-3091e026cfed
199.36.158.100301 Moved Permanently 0 B URL HTTP/1.1 direct-credit-suisse-e1f47.firebaseapp.com/login.html?session=oV2ODWiBbBoL4ECl1fbSNPskgW5zSP84WZxa64fhZ3WNEEpMHTqHBpsOw7T4OQwPHHtanvcXhTytGvhUwvIssRczhqCd5kUmJr&auth=fa1fc0dc-cefb-4310-8474-3091e026cfed
IP 199.36.158.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /login.html?session=oV2ODWiBbBoL4ECl1fbSNPskgW5zSP84WZxa64fhZ3WNEEpMHTqHBpsOw7T4OQwPHHtanvcXhTytGvhUwvIssRczhqCd5kUmJr&auth=fa1fc0dc-cefb-4310-8474-3091e026cfed HTTP/1.1
Host: direct-credit-suisse-e1f47.firebaseapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://direct-credit-suisse-e1f47.firebaseapp.com/login.html?session=oV2ODWiBbBoL4ECl1fbSNPskgW5zSP84WZxa64fhZ3WNEEpMHTqHBpsOw7T4OQwPHHtanvcXhTytGvhUwvIssRczhqCd5kUmJr&auth=fa1fc0dc-cefb-4310-8474-3091e026cfed
Accept-Ranges: bytes
Date: Thu, 01 Dec 2022 23:52:00 GMT
X-Served-By: cache-bma1648-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1669938720.461921,VS0,VE0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3779
Expires: Fri, 02 Dec 2022 00:54:59 GMT
Date: Thu, 01 Dec 2022 23:52:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4860
Cache-Control: max-age=129612
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:00 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:52:12 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7303
Expires: Fri, 02 Dec 2022 01:53:43 GMT
Date: Thu, 01 Dec 2022 23:52:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 23:19:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1930
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: z2nILS+CN9MDvboG1PkV2foQQPObBLfI992m3b+BgvxwV3FzxG0dOpn3WhlADFri3SKvi4+wsFg=
x-amz-request-id: 902WNQKJWRKM77B2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 23:45:51 GMT
age: 369
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
direct-credit-suisse-e1f47.firebaseapp.com/login.html?session=oV2ODWiBbBoL4ECl1fbSNPskgW5zSP84WZxa64fhZ3WNEEpMHTqHBpsOw7T4OQwPHHtanvcXhTytGvhUwvIssRczhqCd5kUmJr&auth=fa1fc0dc-cefb-4310-8474-3091e026cfed
199.36.158.100200 OK 12 kB URL HTTP/2 direct-credit-suisse-e1f47.firebaseapp.com/login.html?session=oV2ODWiBbBoL4ECl1fbSNPskgW5zSP84WZxa64fhZ3WNEEpMHTqHBpsOw7T4OQwPHHtanvcXhTytGvhUwvIssRczhqCd5kUmJr&auth=fa1fc0dc-cefb-4310-8474-3091e026cfed
IP 199.36.158.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (425)
Hash 7cb8d73e19d7446fd17f544b5f9b0947
0862b1572838126d418e90d566b20b8b1937aadd
a417d25c6f9941b543f633db2f88d566fedbdb1fec81004d7dc4d3e799a3b766
Analyzer Verdict Alert quad9 Sinkholed
GET /login.html?session=oV2ODWiBbBoL4ECl1fbSNPskgW5zSP84WZxa64fhZ3WNEEpMHTqHBpsOw7T4OQwPHHtanvcXhTytGvhUwvIssRczhqCd5kUmJr&auth=fa1fc0dc-cefb-4310-8474-3091e026cfed HTTP/1.1
Host: direct-credit-suisse-e1f47.firebaseapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "27e7c5e87bb488c134e0854afb387cd728a0d7b7d2c7ccd1fb53a7e77e3e6e9d-br"
last-modified: Wed, 30 Nov 2022 20:23:51 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Thu, 01 Dec 2022 23:52:00 GMT
x-served-by: cache-bma1640-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669938721.688885,VS0,VE67
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12160
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4int/xv7Q07ZM-NY
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4int/xv7Q07ZM-NY
IP 142.250.74.131:0
Hash 24baf0f90a2d38da67f729438a429ea3
f96d64781680e388ad1fb40648cf7b501b0437c9
c23109a8729b793fe14db59f9ecb3461cbd550e1e57482653ceef6f1112030be
POST /s/gts1d4int/xv7Q07ZM-NY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 23:52:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 06fc2114946e9805db925bf54fbb908b
2214214619ca63b6cdfad39a231a4aaba6c682c4
884ffbd3c4b70a88cd6b7fb2602b6693e8c1657c8a52a424d46db9e0c671251a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4764
Cache-Control: max-age=145349
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Etag: "6388c04a-118"
Expires: Sat, 03 Dec 2022 16:14:30 GMT
Last-Modified: Thu, 01 Dec 2022 14:55:06 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/6.1.1/firebase-auth.js
142.250.74.35200 OK 51 kB URL HTTP/2 www.gstatic.com/firebasejs/6.1.1/firebase-auth.js
IP 142.250.74.35:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 99217f8b4bd38b686c487c355cea9de9
f62878357f16df9f909958ac4540d28116dc5d55
92fa6342aed2bfff5bb56e122e07a00048e7cb3e341a696e3cffca83733ec430
GET /firebasejs/6.1.1/firebase-auth.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 51196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 05:54:22 GMT
expires: Sun, 26 Nov 2023 05:54:22 GMT
cache-control: public, max-age=31536000
age: 496659
last-modified: Thu, 06 Jun 2019 21:07:48 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/7.3.0/firebase-analytics.js
142.250.74.35200 OK 7.0 kB URL HTTP/2 www.gstatic.com/firebasejs/7.3.0/firebase-analytics.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (21419)
Hash d846a2e20e468143b8c1d16506676f61
3b7b9b23d118e5fa829b4590dac114729067583b
7ef679e5249b1294f6f4ba12fd2a71001aa3b78944c0c5408fd75cf65d55eb5d
GET /firebasejs/7.3.0/firebase-analytics.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6955
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 08:34:48 GMT
expires: Fri, 01 Dec 2023 08:34:48 GMT
cache-control: public, max-age=31536000
age: 55033
last-modified: Thu, 07 Nov 2019 23:11:03 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/7.3.0/firebase-app.js
142.250.74.35200 OK 4.1 kB URL HTTP/2 www.gstatic.com/firebasejs/7.3.0/firebase-app.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (12024)
Hash 28c636c993e7e1c9f91062a5ae7e9ad3
77a3eeb7ae16a6296a41bcba68edd9cec7132c0d
549e9eefe09d5f2579ce3e80b0eab78da68113d741c9c78ec82511999d3a97cb
GET /firebasejs/7.3.0/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 4111
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 14:26:42 GMT
expires: Tue, 28 Nov 2023 14:26:42 GMT
cache-control: public, max-age=31536000
age: 293119
last-modified: Thu, 07 Nov 2019 23:11:03 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/uuid@latest/dist/umd/uuidv4.min.js
151.101.65.229200 OK 669 B URL HTTP/2 cdn.jsdelivr.net/npm/uuid@latest/dist/umd/uuidv4.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (1366), with no line terminators
Hash 410a517cf9f3478998f3b01bbcb6fdc9
f3374770c11535a58ef6ac7ff44fea0c2e6f9d35
37ffa90fc1782840938551dbc7a8366efa13f68af2c289e68765a89d8d1c3e48
GET /npm/uuid@latest/dist/umd/uuidv4.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 8.3.2
x-jsd-version-type: version
etag: W/"556-Wdn/VD6mBE6EvolddgVB6g4Ez5g"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 01 Dec 2022 23:52:01 GMT
age: 4411
x-served-by: cache-fra19158-FRA, cache-bma1671-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 669
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
69.16.175.42200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:52:01 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669938721.dop208.sk1.t,1669938721.cds228.sk1.hn,1669938721.cds210.sk1.c
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/6.1.1/firebase-database.js
142.250.74.35200 OK 48 kB URL HTTP/2 www.gstatic.com/firebasejs/6.1.1/firebase-database.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5bfd3a1d2d4c274f1cd3a7b8c59af760
2b0ccd97366bd4d62c246d56c301f30893f2d8e7
5ed649d66a13882552107974d1591bd60f9799111e60adb56d8e720ed39ddff6
GET /firebasejs/6.1.1/firebase-database.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 47735
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:45:39 GMT
expires: Wed, 29 Nov 2023 14:45:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 06 Jun 2019 21:07:48 GMT
content-type: text/javascript; charset=UTF-8
age: 205582
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 76309e3d4a405429fb0d1ed04670034e
a3f8ccac7900fc7015f8327083c587da66337a89
efb37c98b5eaf52948484015c6b057632f63f1f16f4f28bc2b765eeff0638c5c
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 23:52:01 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "F8CDCA1D97FAEECF22F696F3FD2E4A127EE692DF"
Expires: Fri, 02 Dec 2022 11:00:00 GMT
Last-Modified: Thu, 01 Dec 2022 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2316
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772fbbef4c821bfa-OSL
unpkg.com/axios@1.2.0/dist/axios.min.js
104.16.123.175200 OK 50 kB URL HTTP/2 unpkg.com/axios@1.2.0/dist/axios.min.js
IP 104.16.123.175:0
File type ASCII text, with very long lines (29551)
Hash b91067f51c02b8a6beb9665401f045ba
18e3845bb75cd7d5a916dd41d0dd853c297adc86
8b9d8aa50e5f194481adf3d3a2d23a007cf7382ab4add02bdf25f97c36bd810e
GET /axios@1.2.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 23:52:01 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7396-Wc6sdIzlj1RsovoMRKQah8UZFhA"
via: 1.1 fly.io
fly-request-id: 01GJGC0D1SRCGJTEVMAF435H8Z-ams
cf-cache-status: HIT
age: 794459
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772fbbef6dda0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 23:11:15 GMT
cache-control: public,max-age=3600
age: 2446
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/8zRofmzdPas
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/8zRofmzdPas
IP 142.250.74.131:0
Hash 928787913d912ccfb57b94ff920ddd6f
a16f49efe281fae7790855d5dbb935bdd6aa4375
a98416339a34e7ea0631466b676dc11ef24f47044b5b2d1d5d703e6bf71e5300
POST /s/gts1d4/8zRofmzdPas HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4852
Cache-Control: max-age=124540
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:27:41 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.quovadisglobal.com/
152.195.38.89200 OK 1.8 kB IP 152.195.38.89:0
Hash f77dd0d4befa95c1c3deea934e4b4289
92b713ab9cb409a4bff1beb666f8fe7efe67546f
306695780d5e8f0b76985102dc2c33e53c9d538ad19a43f490fb99da5edad04c
POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3185
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Etag: "92b713ab9cb409a4bff1beb666f8fe7efe67546f"
Expires: Sat, 03 Dec 2022 23:52:00 GMT
Last-Modified: Thu, 01 Dec 2022 22:58:56 GMT
Server: ECAcc (sgb/C77D)
X-Cache: HIT
Content-Length: 1753
www.googletagmanager.com/gtag/js?l=dataLayer
142.250.74.168200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtag/js?l=dataLayer
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 7e16e16d676fee31d4cbdd30f21ea21c
1a4bccb2b54a2b09b18fb6849c21828a3f9c5967
310c89896e45d877f26f270dcd3ae6a204bc18bd7d3f3c0f46a95e1c24ff0719
GET /gtag/js?l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 23:52:01 GMT
expires: Thu, 01 Dec 2022 23:52:01 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 22:13:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37490
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.quovadisglobal.com/
152.195.38.89200 OK 1.8 kB IP 152.195.38.89:0
Hash f77dd0d4befa95c1c3deea934e4b4289
92b713ab9cb409a4bff1beb666f8fe7efe67546f
306695780d5e8f0b76985102dc2c33e53c9d538ad19a43f490fb99da5edad04c
POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3185
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Etag: "92b713ab9cb409a4bff1beb666f8fe7efe67546f"
Expires: Sat, 03 Dec 2022 23:52:00 GMT
Last-Modified: Thu, 01 Dec 2022 22:58:56 GMT
Server: ECAcc (sgb/C77D)
X-Cache: HIT
Content-Length: 1753
ocsp.quovadisglobal.com/
152.195.38.89200 OK 1.8 kB IP 152.195.38.89:0
Hash f77dd0d4befa95c1c3deea934e4b4289
92b713ab9cb409a4bff1beb666f8fe7efe67546f
306695780d5e8f0b76985102dc2c33e53c9d538ad19a43f490fb99da5edad04c
POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3185
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Etag: "92b713ab9cb409a4bff1beb666f8fe7efe67546f"
Expires: Sat, 03 Dec 2022 23:52:00 GMT
Last-Modified: Thu, 01 Dec 2022 22:58:56 GMT
Server: ECAcc (sgb/C77D)
X-Cache: HIT
Content-Length: 1753
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.quovadisglobal.com/
152.195.38.89200 OK 1.8 kB IP 152.195.38.89:0
Hash f77dd0d4befa95c1c3deea934e4b4289
92b713ab9cb409a4bff1beb666f8fe7efe67546f
306695780d5e8f0b76985102dc2c33e53c9d538ad19a43f490fb99da5edad04c
POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3185
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Etag: "92b713ab9cb409a4bff1beb666f8fe7efe67546f"
Expires: Sat, 03 Dec 2022 23:52:00 GMT
Last-Modified: Thu, 01 Dec 2022 22:58:56 GMT
Server: ECAcc (sgb/C77D)
X-Cache: HIT
Content-Length: 1753
ocsp.pki.goog/s/gts1d4/8zRofmzdPas
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/8zRofmzdPas
IP 142.250.74.131:0
Hash 928787913d912ccfb57b94ff920ddd6f
a16f49efe281fae7790855d5dbb935bdd6aa4375
a98416339a34e7ea0631466b676dc11ef24f47044b5b2d1d5d703e6bf71e5300
POST /s/gts1d4/8zRofmzdPas HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4int/5EXjxzFGjgM
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4int/5EXjxzFGjgM
IP 142.250.74.131:0
Hash dded16aba60d219f3431d24598a39fa0
90623342e4adafb8e3f87857dd8c849c90021725
59c9e42c87787b45d8030e78057fc7082ed55f1e7dcde99ec9ffec1c350dbaa6
POST /s/gts1d4int/5EXjxzFGjgM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.quovadisglobal.com/
152.195.38.89200 OK 1.8 kB IP 152.195.38.89:0
Hash 0048fc482bdb389005adf77f191d4546
c1fe2a5920d2122d151d4b8fb59477f06750ce4e
7179c88b5ef6fa60a8fb5b6d0f6580a43551a5f677eb569ad9f21ff85f215ae3
POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 892
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Etag: "c1fe2a5920d2122d151d4b8fb59477f06750ce4e"
Expires: Sat, 03 Dec 2022 23:52:00 GMT
Last-Modified: Thu, 01 Dec 2022 23:37:09 GMT
Server: ECAcc (sgb/C77D)
X-Cache: HIT
Content-Length: 1781
ocsp.quovadisglobal.com/
152.195.38.89200 OK 1.8 kB IP 152.195.38.89:0
Hash 0048fc482bdb389005adf77f191d4546
c1fe2a5920d2122d151d4b8fb59477f06750ce4e
7179c88b5ef6fa60a8fb5b6d0f6580a43551a5f677eb569ad9f21ff85f215ae3
POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 892
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Etag: "c1fe2a5920d2122d151d4b8fb59477f06750ce4e"
Expires: Sat, 03 Dec 2022 23:52:00 GMT
Last-Modified: Thu, 01 Dec 2022 23:37:09 GMT
Server: ECAcc (sgb/C77D)
X-Cache: HIT
Content-Length: 1781
push.services.mozilla.com/
44.240.57.100101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.57.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qQ5IQZPHOh4UtQU9tTSsag==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qwTx4adQ0z5MMEkQVp7wBdkqlVY=
cpnlify-default-rtdb.firebaseio.com/.ws?v=5
34.120.160.131101 Switching Protocols 0 B URL HTTP/1.1 cpnlify-default-rtdb.firebaseio.com/.ws?v=5
IP 34.120.160.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /.ws?v=5 HTTP/1.1
Host: cpnlify-default-rtdb.firebaseio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://direct-credit-suisse-e1f47.firebaseapp.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ybti1Vl4gE34Q+jVuRNtzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Thu, 01 Dec 2022 23:52:01 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +H7cB5O7HhNO2Bmfbe+OzIBVVG4=
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
direct.credit-suisse.com/dn/p/slogin/css/fonts/cs-icon-font-cb.svg
198.240.216.40302 Found 330 B URL HTTP/1.1 direct.credit-suisse.com/dn/p/slogin/css/fonts/cs-icon-font-cb.svg
IP 198.240.216.40:0
ASN #8729 Credit Suisse Group
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 132a4224dbcbfd8e3b625980b59bd2e4
71ce8e60ecd592f6b0874906bdd817a54d422b75
96e00c04f316994bce509387e29d12d2913ec658d77b33179fda0e707230f296
GET /dn/p/slogin/css/fonts/cs-icon-font-cb.svg HTTP/1.1
Host: direct.credit-suisse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://direct-credit-suisse-e1f47.firebaseapp.com
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 01 Dec 2022 23:52:01 GMT
Server: Credit Suisse Entry Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-Robots-Tag: all
Content-Security-Policy: default-src dnmb: 'self' *.credit-suisse.com *.employee-shares.com; script-src dnmb: 'self' 'unsafe-inline' 'unsafe-eval' *.credit-suisse.com *.employee-shares.com; style-src 'self' 'unsafe-inline' *.credit-suisse.com *.employee-shares.com; img-src 'self' data: blob: *.credit-suisse.com *.employee-shares.com; connect-src 'self' wss: *.credit-suisse.com *.employee-shares.com; font-src 'self' data: ; worker-src 'self' blob: dnmb:; child-src 'self' data: blob: dnmb:;
Location: https://direct.credit-suisse.com/cookie-check?trg=_RThUg8fAXc6pyxqX5tXEI_u7IZUWyN09MsUETNgXiAgUpdV7K_0IROWuEyr_3Q-wj0UrExNBtAWUfNXwEpDXKSDJz6lZ8wwWtk_uLi4dbNf7Ob-0yrU6Pw3Brza__cE
Content-Length: 330
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: SCDID_S=VTB0HJ-DrXenm7yRrIMAbnYFFRZ4PYdzk7mIjK86ABErhYsriDz9dg$$; path=/; Secure; HttpOnly; SameSite=Lax
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
ocsp.quovadisglobal.com/
152.195.38.89200 OK 1.8 kB IP 152.195.38.89:0
Hash 0048fc482bdb389005adf77f191d4546
c1fe2a5920d2122d151d4b8fb59477f06750ce4e
7179c88b5ef6fa60a8fb5b6d0f6580a43551a5f677eb569ad9f21ff85f215ae3
POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 892
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Etag: "c1fe2a5920d2122d151d4b8fb59477f06750ce4e"
Expires: Sat, 03 Dec 2022 23:52:00 GMT
Last-Modified: Thu, 01 Dec 2022 23:37:09 GMT
Server: ECAcc (sgb/C77D)
X-Cache: HIT
Content-Length: 1781
direct.credit-suisse.com/dn/p/slogin/css/fonts/cs-icon-font-cb.eot
198.240.216.40302 Found 330 B URL HTTP/1.1 direct.credit-suisse.com/dn/p/slogin/css/fonts/cs-icon-font-cb.eot
IP 198.240.216.40:0
ASN #8729 Credit Suisse Group
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d36cc26e0c4ad86ac1aae28f8608c2ed
dbb7a9a66a9120ba22d1e725337d5cf875cb94b2
88808cbc7543daafd88e730fe49eca19f729c5f2dda2e4e64c2fc92e0e7471cf
GET /dn/p/slogin/css/fonts/cs-icon-font-cb.eot HTTP/1.1
Host: direct.credit-suisse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://direct-credit-suisse-e1f47.firebaseapp.com
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 01 Dec 2022 23:52:01 GMT
Server: Credit Suisse Entry Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-Robots-Tag: all
Content-Security-Policy: default-src dnmb: 'self' *.credit-suisse.com *.employee-shares.com; script-src dnmb: 'self' 'unsafe-inline' 'unsafe-eval' *.credit-suisse.com *.employee-shares.com; style-src 'self' 'unsafe-inline' *.credit-suisse.com *.employee-shares.com; img-src 'self' data: blob: *.credit-suisse.com *.employee-shares.com; connect-src 'self' wss: *.credit-suisse.com *.employee-shares.com; font-src 'self' data: ; worker-src 'self' blob: dnmb:; child-src 'self' data: blob: dnmb:;
Location: https://direct.credit-suisse.com/cookie-check?trg=YVbgbLqUaICEJjBEAO_EmrEOt-HEPDUum4EY1gM52-RGUHoJuNaIXpehCjzsIrb-hFkkNazvk0xZii2C3dgLsA3WP8cthOFM8bdK5W7ZUKhKQqXOoLoONVoYfMKgOrS7
Content-Length: 330
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: SCDID_S=jlmAuhRCDmID-NEKvKBPEf_k3INXIvEItvLnf4NwGYWTW5CyoWC7KA$$; path=/; Secure; HttpOnly; SameSite=Lax
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
direct.credit-suisse.com/dn/p/slogin/css/fonts/cs-icon-font-cb.ttf
198.240.216.40302 Found 330 B URL HTTP/1.1 direct.credit-suisse.com/dn/p/slogin/css/fonts/cs-icon-font-cb.ttf
IP 198.240.216.40:0
ASN #8729 Credit Suisse Group
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f863e869a37cc28534fb2941757bbace
b486ed81405cd400d31c2ea553093f5f57e34ed4
a40d55e8fb7ae539b40fe6972bcd5168b246fa764e73f8b6c5d7585168408848
GET /dn/p/slogin/css/fonts/cs-icon-font-cb.ttf HTTP/1.1
Host: direct.credit-suisse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://direct-credit-suisse-e1f47.firebaseapp.com
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 01 Dec 2022 23:52:01 GMT
Server: Credit Suisse Entry Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-Robots-Tag: all
Content-Security-Policy: default-src dnmb: 'self' *.credit-suisse.com *.employee-shares.com; script-src dnmb: 'self' 'unsafe-inline' 'unsafe-eval' *.credit-suisse.com *.employee-shares.com; style-src 'self' 'unsafe-inline' *.credit-suisse.com *.employee-shares.com; img-src 'self' data: blob: *.credit-suisse.com *.employee-shares.com; connect-src 'self' wss: *.credit-suisse.com *.employee-shares.com; font-src 'self' data: ; worker-src 'self' blob: dnmb:; child-src 'self' data: blob: dnmb:;
Location: https://direct.credit-suisse.com/cookie-check?trg=4xbHQT9vZv9NC2MZzLPWdvydBEyBuZswDeDzffS2rKH6VVdUZnLAFvAXNG2b8IR5lyYXLTu92A0xxd8VMgBp1kCMvrgmsmgGFe26HwjJHZREZW9DQDZ01gyQGhl7y3_w
Content-Length: 330
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: SCDID_S=z7PtdlKaschR7j-S2_JtbmwRD1j-1CrofFWLFdZdBcrBrZWdnnVzPg$$; path=/; Secure; HttpOnly; SameSite=Lax
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
ocsp.quovadisglobal.com/
152.195.38.89200 OK 1.8 kB IP 152.195.38.89:0
Hash 0048fc482bdb389005adf77f191d4546
c1fe2a5920d2122d151d4b8fb59477f06750ce4e
7179c88b5ef6fa60a8fb5b6d0f6580a43551a5f677eb569ad9f21ff85f215ae3
POST / HTTP/1.1
Host: ocsp.quovadisglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 892
Cache-Control: max-age=155519,public,no-transform,must-revalidate
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:01 GMT
Etag: "c1fe2a5920d2122d151d4b8fb59477f06750ce4e"
Expires: Sat, 03 Dec 2022 23:52:00 GMT
Last-Modified: Thu, 01 Dec 2022 23:37:09 GMT
Server: ECAcc (sgb/C77D)
X-Cache: HIT
Content-Length: 1781
direct.credit-suisse.com/dn/p/slogin/css/fonts/cs-icon-font-cb.woff
198.240.216.40302 Found 330 B URL HTTP/1.1 direct.credit-suisse.com/dn/p/slogin/css/fonts/cs-icon-font-cb.woff
IP 198.240.216.40:0
ASN #8729 Credit Suisse Group
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2d10d06ecfc1de60d2be642524385e49
274f57484581c6a21df531b0f83f0c50d403318b
7ff4266597f87a924ef1f8ef11feceed48bc46ed39dea60e0ab3299d137a8513
GET /dn/p/slogin/css/fonts/cs-icon-font-cb.woff HTTP/1.1
Host: direct.credit-suisse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://direct-credit-suisse-e1f47.firebaseapp.com
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 01 Dec 2022 23:52:01 GMT
Server: Credit Suisse Entry Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-Robots-Tag: all
Content-Security-Policy: default-src dnmb: 'self' *.credit-suisse.com *.employee-shares.com; script-src dnmb: 'self' 'unsafe-inline' 'unsafe-eval' *.credit-suisse.com *.employee-shares.com; style-src 'self' 'unsafe-inline' *.credit-suisse.com *.employee-shares.com; img-src 'self' data: blob: *.credit-suisse.com *.employee-shares.com; connect-src 'self' wss: *.credit-suisse.com *.employee-shares.com; font-src 'self' data: ; worker-src 'self' blob: dnmb:; child-src 'self' data: blob: dnmb:;
Location: https://direct.credit-suisse.com/cookie-check?trg=1ZavVGzFndoLRCuwQNXek02ROe3GJS7HsxM8yYjkN_gEj9whCoI_VAcRU2zlf425NtzbfLINQ0L6nC2I21UVObvcAwsnI2Do-zUY0o8xYCEBo1AfkcMxA02MKbJo536B
Content-Length: 330
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: SCDID_S=i1Vne7CP6hflSIba_K9TGnkhZ9f6oxrQMrtFlHfXNHuFLN1j9IjlnQ$$; path=/; Secure; HttpOnly; SameSite=Lax
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firebaseinstallations.googleapis.com/v1/projects/cpnlify/installations
142.250.74.42200 OK 0 B URL HTTP/2 firebaseinstallations.googleapis.com/v1/projects/cpnlify/installations
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/projects/cpnlify/installations HTTP/1.1
Host: firebaseinstallations.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Origin: https://direct-credit-suisse-e1f47.firebaseapp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://direct-credit-suisse-e1f47.firebaseapp.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key
access-control-max-age: 3600
date: Thu, 01 Dec 2022 23:52:02 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
direct.credit-suisse.com/dn/p/slogin/img/cs/favicon-16x16.png
198.240.216.40302 Found 322 B URL HTTP/1.1 direct.credit-suisse.com/dn/p/slogin/img/cs/favicon-16x16.png
IP 198.240.216.40:0
ASN #8729 Credit Suisse Group
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 53e549b96de722f97123008a05e1f7b1
950a10f395a758224e023f9e841a1804fccc3676
cfacf1953f24219e4c5761e34272dab1b2a9c8e5390ec5ba778abeaa9984c01c
GET /dn/p/slogin/img/cs/favicon-16x16.png HTTP/1.1
Host: direct.credit-suisse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 01 Dec 2022 23:52:02 GMT
Server: Credit Suisse Entry Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-Robots-Tag: all
Content-Security-Policy: default-src dnmb: 'self' *.credit-suisse.com *.employee-shares.com; script-src dnmb: 'self' 'unsafe-inline' 'unsafe-eval' *.credit-suisse.com *.employee-shares.com; style-src 'self' 'unsafe-inline' *.credit-suisse.com *.employee-shares.com; img-src 'self' data: blob: *.credit-suisse.com *.employee-shares.com; connect-src 'self' wss: *.credit-suisse.com *.employee-shares.com; font-src 'self' data: ; worker-src 'self' blob: dnmb:; child-src 'self' data: blob: dnmb:;
Location: https://direct.credit-suisse.com/cookie-check?trg=Exl5dYzP3bN7sxvr_nCtX6ioE1aH9KqwiOLv_TT90ZBnFc0w8QNuWQkJKqAv0EfyMZG1-jNACKdNlT6WpldOaE4LGkLIDYQR0gwe10gl0DAUi8iomPGPkw$$
Content-Length: 322
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: SCDID_S=Wk8FXssUN_gbNneYLu5GsQqVM5BZnSL7oaja9YxYY8SugZlTa3t6MA$$; path=/; Secure; HttpOnly; SameSite=Lax
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
direct.credit-suisse.com/dn/p/slogin/img/cs/favicon-194x194.png
198.240.216.40302 Found 330 B URL HTTP/1.1 direct.credit-suisse.com/dn/p/slogin/img/cs/favicon-194x194.png
IP 198.240.216.40:0
ASN #8729 Credit Suisse Group
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ddb64af97d1d51fdc98db7af8e22005
3b92b21d684cae9c25b271b89a7f962ca2993444
a9f080422de8c37b531c35b24c3111e5f373bb5c4ccb2c6daa2801d9882282f2
GET /dn/p/slogin/img/cs/favicon-194x194.png HTTP/1.1
Host: direct.credit-suisse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 01 Dec 2022 23:52:02 GMT
Server: Credit Suisse Entry Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-Robots-Tag: all
Content-Security-Policy: default-src dnmb: 'self' *.credit-suisse.com *.employee-shares.com; script-src dnmb: 'self' 'unsafe-inline' 'unsafe-eval' *.credit-suisse.com *.employee-shares.com; style-src 'self' 'unsafe-inline' *.credit-suisse.com *.employee-shares.com; img-src 'self' data: blob: *.credit-suisse.com *.employee-shares.com; connect-src 'self' wss: *.credit-suisse.com *.employee-shares.com; font-src 'self' data: ; worker-src 'self' blob: dnmb:; child-src 'self' data: blob: dnmb:;
Location: https://direct.credit-suisse.com/cookie-check?trg=KRsieLUbOX9bMvcqMTFlTGFxYymkYojCnQIGrd82dILkFidUMinuogp1CdMjak14d1H1tTpC4UWjsQRdmuv7YtCsXv4TrK_wkiNymDe--BSwCUOWKTNsc9HrYkn3Ntu0
Content-Length: 330
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: SCDID_S=SHXw6QlLkxXcCeUpXgN08WdpPT4WfSaWcZ3RX7KcV-wHYRaUqfIA_w$$; path=/; Secure; HttpOnly; SameSite=Lax
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 23:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
direct.credit-suisse.com/cookie-check?trg=Exl5dYzP3bN7sxvr_nCtX6ioE1aH9KqwiOLv_TT90ZBnFc0w8QNuWQkJKqAv0EfyMZG1-jNACKdNlT6WpldOaE4LGkLIDYQR0gwe10gl0DAUi8iomPGPkw$$
198.240.216.40302 Found 303 B URL HTTP/1.1 direct.credit-suisse.com/cookie-check?trg=Exl5dYzP3bN7sxvr_nCtX6ioE1aH9KqwiOLv_TT90ZBnFc0w8QNuWQkJKqAv0EfyMZG1-jNACKdNlT6WpldOaE4LGkLIDYQR0gwe10gl0DAUi8iomPGPkw$$
IP 198.240.216.40:0
ASN #8729 Credit Suisse Group
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8bf8ef2cacd5877e3e4742a329e9b0e4
c27a6c16f174aa1b2aadc4e165cd677eb263cb5b
9bc0fd3f190e136f8141adeb1257b07092a48564fb2cce16f6c4c2e2734ac25f
GET /cookie-check?trg=Exl5dYzP3bN7sxvr_nCtX6ioE1aH9KqwiOLv_TT90ZBnFc0w8QNuWQkJKqAv0EfyMZG1-jNACKdNlT6WpldOaE4LGkLIDYQR0gwe10gl0DAUi8iomPGPkw$$ HTTP/1.1
Host: direct.credit-suisse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 01 Dec 2022 23:52:02 GMT
Server: Credit Suisse Entry Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-Robots-Tag: all
Content-Security-Policy: default-src dnmb: 'self' *.credit-suisse.com *.employee-shares.com; script-src dnmb: 'self' 'unsafe-inline' 'unsafe-eval' *.credit-suisse.com *.employee-shares.com; style-src 'self' 'unsafe-inline' *.credit-suisse.com *.employee-shares.com; img-src 'self' data: blob: *.credit-suisse.com *.employee-shares.com; connect-src 'self' wss: *.credit-suisse.com *.employee-shares.com; font-src 'self' data: ; worker-src 'self' blob: dnmb:; child-src 'self' data: blob: dnmb:;
Location: https://direct.credit-suisse.com/cookie-check/cs/CookieCheckError.html?trg=CoCXLh_Y4P9Z_XZuLLwuRyy7ts4BUo6j6NERZe0oongWgaZDizjusbj4q2mRjisnHADr80JdFSI$
Content-Length: 303
Content-Type: text/html; charset=iso-8859-1
Cache-Control: no-store, no-cache, must-revalidate
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
direct.credit-suisse.com/cookie-check?trg=KRsieLUbOX9bMvcqMTFlTGFxYymkYojCnQIGrd82dILkFidUMinuogp1CdMjak14d1H1tTpC4UWjsQRdmuv7YtCsXv4TrK_wkiNymDe--BSwCUOWKTNsc9HrYkn3Ntu0
198.240.216.40302 Found 303 B URL HTTP/1.1 direct.credit-suisse.com/cookie-check?trg=KRsieLUbOX9bMvcqMTFlTGFxYymkYojCnQIGrd82dILkFidUMinuogp1CdMjak14d1H1tTpC4UWjsQRdmuv7YtCsXv4TrK_wkiNymDe--BSwCUOWKTNsc9HrYkn3Ntu0
IP 198.240.216.40:0
ASN #8729 Credit Suisse Group
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b8907bca9983cbc5c7456a592e9fe7f8
7c7ee275e97af86bf82f30d7820ef69cc81d8e59
15f60888a1720a114fe6076cb45f0d5b54e7ef846207c65274cb33e84ddf5216
GET /cookie-check?trg=KRsieLUbOX9bMvcqMTFlTGFxYymkYojCnQIGrd82dILkFidUMinuogp1CdMjak14d1H1tTpC4UWjsQRdmuv7YtCsXv4TrK_wkiNymDe--BSwCUOWKTNsc9HrYkn3Ntu0 HTTP/1.1
Host: direct.credit-suisse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 01 Dec 2022 23:52:02 GMT
Server: Credit Suisse Entry Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-Robots-Tag: all
Content-Security-Policy: default-src dnmb: 'self' *.credit-suisse.com *.employee-shares.com; script-src dnmb: 'self' 'unsafe-inline' 'unsafe-eval' *.credit-suisse.com *.employee-shares.com; style-src 'self' 'unsafe-inline' *.credit-suisse.com *.employee-shares.com; img-src 'self' data: blob: *.credit-suisse.com *.employee-shares.com; connect-src 'self' wss: *.credit-suisse.com *.employee-shares.com; font-src 'self' data: ; worker-src 'self' blob: dnmb:; child-src 'self' data: blob: dnmb:;
Location: https://direct.credit-suisse.com/cookie-check/cs/CookieCheckError.html?trg=CoCXLh_Y4P9Z_XZuLLwuRyy7ts4BUo6j6NERZe0oongWgaZDizjusQbswQI-4hLpkI4YcF3z7Qo$
Content-Length: 303
Content-Type: text/html; charset=iso-8859-1
Cache-Control: no-store, no-cache, must-revalidate
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
direct.credit-suisse.com/cookie-check/cs/CookieCheckError.html?trg=CoCXLh_Y4P9Z_XZuLLwuRyy7ts4BUo6j6NERZe0oongWgaZDizjusbj4q2mRjisnHADr80JdFSI$
198.240.216.40200 OK 1.9 kB URL HTTP/1.1 direct.credit-suisse.com/cookie-check/cs/CookieCheckError.html?trg=CoCXLh_Y4P9Z_XZuLLwuRyy7ts4BUo6j6NERZe0oongWgaZDizjusbj4q2mRjisnHADr80JdFSI$
IP 198.240.216.40:0
ASN #8729 Credit Suisse Group
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash eeaaa1e93f3c6e86f993d32d863873db
41831692622171d761c7c3d17307db8514319bd6
fb91783e513ec5755d75a7b6cadd8c69b3f846415f3b7a0f464539b739565bb3
GET /cookie-check/cs/CookieCheckError.html?trg=CoCXLh_Y4P9Z_XZuLLwuRyy7ts4BUo6j6NERZe0oongWgaZDizjusbj4q2mRjisnHADr80JdFSI$ HTTP/1.1
Host: direct.credit-suisse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 23:52:02 GMT
Server: Credit Suisse Entry Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-Robots-Tag: all
Content-Security-Policy: default-src dnmb: 'self' *.credit-suisse.com *.employee-shares.com; script-src dnmb: 'self' 'unsafe-inline' 'unsafe-eval' *.credit-suisse.com *.employee-shares.com; style-src 'self' 'unsafe-inline' *.credit-suisse.com *.employee-shares.com; img-src 'self' data: blob: *.credit-suisse.com *.employee-shares.com; connect-src 'self' wss: *.credit-suisse.com *.employee-shares.com; font-src 'self' data: ; worker-src 'self' blob: dnmb:; child-src 'self' data: blob: dnmb:;
Last-Modified: Wed, 16 Jun 2021 13:25:38 GMT
ETag: "1f2f-5c4e206b91880-gzip"
Accept-Ranges: bytes
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: no-store, no-cache, must-revalidate
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
direct.credit-suisse.com/cookie-check/cs/CookieCheckError.html?trg=CoCXLh_Y4P9Z_XZuLLwuRyy7ts4BUo6j6NERZe0oongWgaZDizjusQbswQI-4hLpkI4YcF3z7Qo$
198.240.216.40200 OK 1.9 kB URL HTTP/1.1 direct.credit-suisse.com/cookie-check/cs/CookieCheckError.html?trg=CoCXLh_Y4P9Z_XZuLLwuRyy7ts4BUo6j6NERZe0oongWgaZDizjusQbswQI-4hLpkI4YcF3z7Qo$
IP 198.240.216.40:0
ASN #8729 Credit Suisse Group
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash eeaaa1e93f3c6e86f993d32d863873db
41831692622171d761c7c3d17307db8514319bd6
fb91783e513ec5755d75a7b6cadd8c69b3f846415f3b7a0f464539b739565bb3
GET /cookie-check/cs/CookieCheckError.html?trg=CoCXLh_Y4P9Z_XZuLLwuRyy7ts4BUo6j6NERZe0oongWgaZDizjusQbswQI-4hLpkI4YcF3z7Qo$ HTTP/1.1
Host: direct.credit-suisse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 23:52:02 GMT
Server: Credit Suisse Entry Server
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-Robots-Tag: all
Content-Security-Policy: default-src dnmb: 'self' *.credit-suisse.com *.employee-shares.com; script-src dnmb: 'self' 'unsafe-inline' 'unsafe-eval' *.credit-suisse.com *.employee-shares.com; style-src 'self' 'unsafe-inline' *.credit-suisse.com *.employee-shares.com; img-src 'self' data: blob: *.credit-suisse.com *.employee-shares.com; connect-src 'self' wss: *.credit-suisse.com *.employee-shares.com; font-src 'self' data: ; worker-src 'self' blob: dnmb:; child-src 'self' data: blob: dnmb:;
Last-Modified: Wed, 16 Jun 2021 13:25:38 GMT
ETag: "1f2f-5c4e206b91880-gzip"
Accept-Ranges: bytes
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: no-store, no-cache, must-revalidate
X-Permitted-Cross-Domain-Policies: none
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
firebaseinstallations.googleapis.com/v1/projects/cpnlify/installations
142.250.74.42200 OK 489 B URL HTTP/2 firebaseinstallations.googleapis.com/v1/projects/cpnlify/installations
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (330)
Hash b2abae91c4e88541dbcfc138a4399f6f
7829b939f15734212e99844206e457d94273b4f0
b7fa0d66fbfeb1615d12831ec9a50e1a051da6fda73ff03e726c7b0f54ceef49
POST /v1/projects/cpnlify/installations HTTP/1.1
Host: firebaseinstallations.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
content-type: application/json
x-goog-api-key: AIzaSyDPEubL0PW1RbCDnHLj0Hm3YtC-91zxGh4
Origin: https://direct-credit-suisse-e1f47.firebaseapp.com
Content-Length: 130
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 01 Dec 2022 23:52:02 GMT
server: ESF
cache-control: private
content-length: 489
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://direct-credit-suisse-e1f47.firebaseapp.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-E64ZWXYFD5>m=2oebu0&_p=2043533142&_fid=fLhbkR9ICvdcT8lMKll8VW&cid=2093701930.1669938720&ul=en-us&sr=1280x1024&_s=1&sid=1669938720&sct=1&seg=0&dl=https%3A%2F%2Fdirect-credit-suisse-e1f47.firebaseapp.com%2Flogin.html%3Fsession%3DoV2ODWiBbBoL4ECl1fbSNPskgW5zSP84WZxa64fhZ3WNEEpMHTqHBpsOw7T4OQwPHHtanvcXhTytGvhUwvIssRczhqCd5kUmJr%26auth%3Dfa1fc0dc-cefb-4310-8474-3091e026cfed&dt=Login%20-%20Credit%20Suisse%20Direct%20%2F%20CSX&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-E64ZWXYFD5>m=2oebu0&_p=2043533142&_fid=fLhbkR9ICvdcT8lMKll8VW&cid=2093701930.1669938720&ul=en-us&sr=1280x1024&_s=1&sid=1669938720&sct=1&seg=0&dl=https%3A%2F%2Fdirect-credit-suisse-e1f47.firebaseapp.com%2Flogin.html%3Fsession%3DoV2ODWiBbBoL4ECl1fbSNPskgW5zSP84WZxa64fhZ3WNEEpMHTqHBpsOw7T4OQwPHHtanvcXhTytGvhUwvIssRczhqCd5kUmJr%26auth%3Dfa1fc0dc-cefb-4310-8474-3091e026cfed&dt=Login%20-%20Credit%20Suisse%20Direct%20%2F%20CSX&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-E64ZWXYFD5>m=2oebu0&_p=2043533142&_fid=fLhbkR9ICvdcT8lMKll8VW&cid=2093701930.1669938720&ul=en-us&sr=1280x1024&_s=1&sid=1669938720&sct=1&seg=0&dl=https%3A%2F%2Fdirect-credit-suisse-e1f47.firebaseapp.com%2Flogin.html%3Fsession%3DoV2ODWiBbBoL4ECl1fbSNPskgW5zSP84WZxa64fhZ3WNEEpMHTqHBpsOw7T4OQwPHHtanvcXhTytGvhUwvIssRczhqCd5kUmJr%26auth%3Dfa1fc0dc-cefb-4310-8474-3091e026cfed&dt=Login%20-%20Credit%20Suisse%20Direct%20%2F%20CSX&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://direct-credit-suisse-e1f47.firebaseapp.com
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://direct-credit-suisse-e1f47.firebaseapp.com
date: Thu, 01 Dec 2022 23:52:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6266
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 23:52:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6266
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 23:52:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6266
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 23:52:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6266
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 23:52:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6266
Expires: Fri, 02 Dec 2022 01:36:29 GMT
Date: Thu, 01 Dec 2022 23:52:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5jKfLFWhSvvsiO5WxWbizQhKZdCj1IKR4ijCCZKjUCtni5qQcK5-Zw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:13:23 GMT
age: 70720
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 498ab4412ed5cf977bc23e4e870894b0
23753fe8af09ec8ffa10eed4d201a71833885c99
036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 17nFm7AQdmRYS_af-EJ4XBVw8l3YudcphlpcZMveuVjvjhhYdkAQsw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:33:10 GMT
age: 4733
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82ea44d6cb116fb1f5752ce9bb87e345
f799dfd89a4f5a452dc837b8616549f578fb4184
e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nwKxQKsw8g5zCzfMFu_XpOac5rhImez29TKrycGJzozZyHTzoCHASw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:20:06 GMT
age: 5517
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:08:56 GMT
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
age: 6187
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 8236
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16a112f00456d38c4c9e051ccf40e105
8fe32fffe672f0e91ce773af0e4be960f55bad08
43517bbcd17ec6d05d09a4c0d183610acdc7e2fa4767cb786cb8b936d5f44402
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13461
x-amzn-requestid: 8c0121a6-cf29-4cd0-bd42-d9f67af62b84
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQsyGhGoAMF1-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7eb-593f28367320530e2dcafbfb;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: npt-A-TEzjd-QRTVhv5FMJhwlYujCRCF7tyYbathxjCdCFFEwh_vEQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:59:42 GMT
age: 67941
etag: "8fe32fffe672f0e91ce773af0e4be960f55bad08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/5.9.4/firebase.js
142.250.74.35200 OK 0 B URL HTTP/2 www.gstatic.com/firebasejs/5.9.4/firebase.js
IP 142.250.74.35:0
GET /firebasejs/5.9.4/firebase.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 215186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 19:13:27 GMT
expires: Sat, 25 Nov 2023 19:13:27 GMT
cache-control: public, max-age=31536000
age: 535114
last-modified: Thu, 11 Apr 2019 22:18:35 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/axios/dist/axios.min.js
104.16.123.175302 Found 0 B URL HTTP/2 unpkg.com/axios/dist/axios.min.js
IP 104.16.123.175:0
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 01 Dec 2022 23:52:01 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.2.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK81DTC1AEGCJF3JTDTVRJ46-fra
cf-cache-status: HIT
age: 247
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772fbbee9d6e0b3d-OSL
X-Firefox-Spdy: h2
ipinfo.io/json?token=3737089960275b
34.117.59.81200 OK 0 B URL HTTP/2 ipinfo.io/json?token=3737089960275b
IP 34.117.59.81:0
GET /json?token=3737089960275b HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://direct-credit-suisse-e1f47.firebaseapp.com/
Origin: https://direct-credit-suisse-e1f47.firebaseapp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: application/json; charset=utf-8
date: Thu, 01 Dec 2022 23:52:01 GMT
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2