r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 82788b8b26eeba7f492106ea47729bbb
823b2d3c336d11064a6b809057bed46bb65a7969
7671d088ba1420ffa01dbd63c5f7ab28d52d3591bc04c4cc182d1f9e64a7f2f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7671D088BA1420FFA01DBD63C5F7AB28D52D3591BC04C4CC182D1F9E64A7F2F8"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12521
Expires: Mon, 31 Oct 2022 14:46:27 GMT
Date: Mon, 31 Oct 2022 11:17:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2c936a37c0ab225115a83277467091ec
d357ab9189990d3718036f67c12f467efe43552d
747c8165e4d62420f0c769d2e91ca9e7a04cfc02bd29f35ca3f74c106964c04f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6394
Cache-Control: max-age=86393
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 11:17:46 GMT
Etag: "635e4459-1d7"
Expires: Tue, 01 Nov 2022 11:17:39 GMT
Last-Modified: Sun, 30 Oct 2022 09:31:05 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e59d16ee0744a08cb29d0f7e664a3827
f64722982e24ecc948f599edc76e36250ddf5112
2ef6e5bddd86663d50c9c66bc8b46f92534f4d0ef5e490a24fb876355ec006b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EF6E5BDDD86663D50C9C66BC8B46F92534F4D0EF5E490A24FB876355EC006B9"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9112
Expires: Mon, 31 Oct 2022 13:49:38 GMT
Date: Mon, 31 Oct 2022 11:17:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iUeaSeuiT1X6UuzIZWZnFIuENXVQWd4kYinNDX95m1328Got+fkqnYtX+FfkqEOvyDvyTt6IPP8=
x-amz-request-id: 28YNCGTYE92G94N1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 31 Oct 2022 10:44:53 GMT
age: 1973
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 31 Oct 2022 11:17:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
user.supermana.cn/dp.php
47.96.159.126200 OK 193 B IP 47.96.159.126:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c8b939ad9737ae97f64bd6e78ba08a6d
734bfbd56139e52371855ba244d654c1e8e3b319
0d70a0a67db1b04f824b7395b0f8cbe6372f5fb601767fcd8508206d3d9a9eb0
Analyzer Verdict Alert openphish Nordea Bank
GET /dp.php HTTP/1.1
Host: user.supermana.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 31 Oct 2022 11:17:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f646a3a97223c35e424ccb52d0ff73da
d88c49b4ac278348e6c669792334170911fb43dd
065a4e4db1b5f7d8231afbd3cb75ce74f0a74aee63bc12a79f5a8d050f55a05b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6552
Cache-Control: max-age=167892
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 11:17:47 GMT
Etag: "635f8217-1d7"
Expires: Wed, 02 Nov 2022 09:55:59 GMT
Last-Modified: Mon, 31 Oct 2022 08:06:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
cert.privatkunde.dan.20-4-34-89.cprapid.com/id/home.php?&return_url=35b0bce9d250429df012c0426f88d0bd&enrolmentID=db0d88f6240c210fd924052d9ecb0b53?securessl=true
20.4.34.89200 OK 28 kB URL HTTP/1.1 cert.privatkunde.dan.20-4-34-89.cprapid.com/id/home.php?&return_url=35b0bce9d250429df012c0426f88d0bd&enrolmentID=db0d88f6240c210fd924052d9ecb0b53?securessl=true
IP 20.4.34.89:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11976), with CRLF line terminators
Hash 0e6f2f7dbca294ffeb415692cb52e9fe
68a73d91a81c0a3c45dae6c8f2f8136804e69b8e
a39a9f4def461b78c3c76a4d853c5f56a5379e72855d5b03a54599d49442cc32
GET /id/home.php?&return_url=35b0bce9d250429df012c0426f88d0bd&enrolmentID=db0d88f6240c210fd924052d9ecb0b53?securessl=true HTTP/1.1
Host: cert.privatkunde.dan.20-4-34-89.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://user.supermana.cn/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:17:47 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
cert.privatkunde.dan.20-4-34-89.cprapid.com/id/partials/css/main.css
20.4.34.89200 OK 438 kB URL HTTP/1.1 cert.privatkunde.dan.20-4-34-89.cprapid.com/id/partials/css/main.css
IP 20.4.34.89:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (35906)
Size 438 kB (438029 bytes)
Hash bc52cb8c2ba01dd4791c905991186496
f43bb6ef2ca8dc2f1d448a61331d678049912f75
341b6d608d346d2b16e5e710b4595379786d7e59b1c5a78b4d8fc2985bb51aea
GET /id/partials/css/main.css HTTP/1.1
Host: cert.privatkunde.dan.20-4-34-89.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cert.privatkunde.dan.20-4-34-89.cprapid.com/id/home.php?&return_url=35b0bce9d250429df012c0426f88d0bd&enrolmentID=db0d88f6240c210fd924052d9ecb0b53?securessl=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:17:47 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 23:35:17 GMT
Accept-Ranges: bytes
Content-Length: 438029
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
44.237.239.70101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.239.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Bx0A6So7UR/vNb09UBY0Sw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NPwzd2qNi6VgInW9UAcJK7Lx1UA=
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 91d070979fc0dbb3e015452e88489d82
75804236cff0f75a88329d7d9f65494e72a816f8
89633d493830c5cba2cbc4fa270d4d7ceb0c05380238d480d0cf5563fdac36b8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:17:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 29 Oct 2022 05:29:14 GMT
Expires: Sat, 05 Nov 2022 05:29:13 GMT
Etag: "75804236cff0f75a88329d7d9f65494e72a816f8"
Cache-Control: max-age=410485,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 762bfc7bfeecb506-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash be97b2c7fcc207461c42929b31fe6718
c5a644c6740ba298a10350916abe554513633864
fafaa8ccba844cb7f0cb54c0ee00977de3585405ac873954dfe41d3e9f734bf3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:17:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 30 Oct 2022 05:56:48 GMT
Expires: Sun, 06 Nov 2022 05:56:47 GMT
Etag: "c5a644c6740ba298a10350916abe554513633864"
Cache-Control: max-age=498538,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 762bfc7eda36b506-OSL
whos.amung.us/pingjs/?k=magua1&t=Nordea%20-%20identifikation&c=s&x=https%3A%2F%2Fcert.privatkunde.dan.20-4-34-89.cprapid.com%2Fid%2Fhome.php%3F%26return_url%3D35b0bce9d250429df012c0426f88d0bd%26enrolmentID%3Ddb0d88f6240c210fd924052d9ecb0b53%3Fsecuressl%3Dtrue&y=http%3A%2F%2Fuser.supermana.cn%2F&a=0&d=0.465&v=27&r=3778
104.22.75.171200 OK 516 B URL HTTP/2 whos.amung.us/pingjs/?k=magua1&t=Nordea%20-%20identifikation&c=s&x=https%3A%2F%2Fcert.privatkunde.dan.20-4-34-89.cprapid.com%2Fid%2Fhome.php%3F%26return_url%3D35b0bce9d250429df012c0426f88d0bd%26enrolmentID%3Ddb0d88f6240c210fd924052d9ecb0b53%3Fsecuressl%3Dtrue&y=http%3A%2F%2Fuser.supermana.cn%2F&a=0&d=0.465&v=27&r=3778
IP 104.22.75.171:0
Hash 4f27c563b89cf0b2d4ffbe5fcbb54cb8
7afa77be840a9517c5de8f2a114042f191369753
7bac6faafd6f07ffec83d4b5980fcbaf85a6c455a8ff2e153b756e61c41a6ac6
GET /pingjs/?k=magua1&t=Nordea%20-%20identifikation&c=s&x=https%3A%2F%2Fcert.privatkunde.dan.20-4-34-89.cprapid.com%2Fid%2Fhome.php%3F%26return_url%3D35b0bce9d250429df012c0426f88d0bd%26enrolmentID%3Ddb0d88f6240c210fd924052d9ecb0b53%3Fsecuressl%3Dtrue&y=http%3A%2F%2Fuser.supermana.cn%2F&a=0&d=0.465&v=27&r=3778 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cert.privatkunde.dan.20-4-34-89.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 31 Oct 2022 11:17:48 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 762bfc7e6a3d9903-ARN
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=https%3A%2F%2Fcert.privatkunde.dan.20-4-34-89.cprapid.com%2Fid%2Fhome.php%3F%26return_url%3D35b0bce9d250429df012c0426f88d0bd%26enrolmentID%3Ddb0d88f6240c210fd924052d9ecb0b53%3Fsecuressl%3Dtrue&j=http%3A%2F%2Fuser.supermana.cn%2F
158.69.139.237200 OK 2.1 kB URL HTTP/1.1 t.dtscout.com/i/?l=https%3A%2F%2Fcert.privatkunde.dan.20-4-34-89.cprapid.com%2Fid%2Fhome.php%3F%26return_url%3D35b0bce9d250429df012c0426f88d0bd%26enrolmentID%3Ddb0d88f6240c210fd924052d9ecb0b53%3Fsecuressl%3Dtrue&j=http%3A%2F%2Fuser.supermana.cn%2F
IP 158.69.139.237:0
File type ASCII text, with very long lines (2077)
Hash 51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c
GET /i/?l=https%3A%2F%2Fcert.privatkunde.dan.20-4-34-89.cprapid.com%2Fid%2Fhome.php%3F%26return_url%3D35b0bce9d250429df012c0426f88d0bd%26enrolmentID%3Ddb0d88f6240c210fd924052d9ecb0b53%3Fsecuressl%3Dtrue&j=http%3A%2F%2Fuser.supermana.cn%2F HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cert.privatkunde.dan.20-4-34-89.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 31 Oct 2022 11:17:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: mtl2
Set-Cookie: m=1; Domain=dtscout.com; Expires=Mon, 31-Oct-2022 12:41:08 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Mon, 31-Oct-2022 15:17:48 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1667215068; Domain=dtscout.com; Expires=Wed, 08-Feb-2023 11:17:48 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
X-T: 0.842
Expires: Mon, 31 Oct 2022 11:17:47 GMT
Cache-Control: no-cache
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0796db2947913177a820acd13c2d3db5
b7242ad5635409395392ee5e33cee0bf18daddc3
1e3c6603b9e37a4479f38ed861cd9640fe43f0779d4f6142719117ef7687b5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C6603B9E37A4479F38ED861CD9640FE43F0779D4F6142719117EF7687B5FE"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3581
Expires: Mon, 31 Oct 2022 12:17:29 GMT
Date: Mon, 31 Oct 2022 11:17:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0796db2947913177a820acd13c2d3db5
b7242ad5635409395392ee5e33cee0bf18daddc3
1e3c6603b9e37a4479f38ed861cd9640fe43f0779d4f6142719117ef7687b5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C6603B9E37A4479F38ED861CD9640FE43F0779D4F6142719117EF7687B5FE"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3581
Expires: Mon, 31 Oct 2022 12:17:29 GMT
Date: Mon, 31 Oct 2022 11:17:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0796db2947913177a820acd13c2d3db5
b7242ad5635409395392ee5e33cee0bf18daddc3
1e3c6603b9e37a4479f38ed861cd9640fe43f0779d4f6142719117ef7687b5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C6603B9E37A4479F38ED861CD9640FE43F0779D4F6142719117EF7687B5FE"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3581
Expires: Mon, 31 Oct 2022 12:17:29 GMT
Date: Mon, 31 Oct 2022 11:17:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0796db2947913177a820acd13c2d3db5
b7242ad5635409395392ee5e33cee0bf18daddc3
1e3c6603b9e37a4479f38ed861cd9640fe43f0779d4f6142719117ef7687b5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C6603B9E37A4479F38ED861CD9640FE43F0779D4F6142719117EF7687B5FE"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3581
Expires: Mon, 31 Oct 2022 12:17:29 GMT
Date: Mon, 31 Oct 2022 11:17:48 GMT
Connection: keep-alive
widgets.amung.us/small.js
104.22.75.171200 OK 12 kB URL HTTP/2 widgets.amung.us/small.js
IP 104.22.75.171:0
Hash e107d4f3089cfffcf83f1c7ec0a45a1c
76782e489caf435167407a95dcc8682223d0783c
bf70801a55afc99c838f4fb140488ba146096ddcc34022b410cab976af825fda
GET /small.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cert.privatkunde.dan.20-4-34-89.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 31 Oct 2022 11:17:47 GMT
content-type: application/x-javascript
last-modified: Sun, 30 Oct 2022 17:31:13 GMT
etag: W/"635eb4e1-2142"
expires: Tue, 01 Nov 2022 10:54:13 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 1414
vary: Accept-Encoding
server: cloudflare
cf-ray: 762bfc7d392c9903-ARN
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07876b5-faa6-4aa0-a431-a5353c5e0126.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07876b5-faa6-4aa0-a431-a5353c5e0126.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb3964a844616e8156299a91f6068d3b
dc8a6f2b451b87f4b8f4573daf9f3587d801e1ed
014216665e0feb6a3f64460d8dd50023d4621e10fd31180d6807c9eda8f57364
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07876b5-faa6-4aa0-a431-a5353c5e0126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7616
x-amzn-requestid: ede9fc0d-bac4-495c-8ecb-39cae7324858
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aznUqG2RIAMFn3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635e1f50-772b9c7e057f59c46cc7bd6f;Sampled=0
x-amzn-remapped-date: Sun, 30 Oct 2022 06:53:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: h9FWRKRLJCQT9M7qKj7c7wdASXyF4eaogCiAmea4i3UQlnOugk1qUw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 15:34:37 GMT
age: 70991
etag: "dc8a6f2b451b87f4b8f4573daf9f3587d801e1ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda9e9d05-60e1-4306-8343-0c7528ff720b.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda9e9d05-60e1-4306-8343-0c7528ff720b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edcea499342cb4ca7e3c89244dc8d849
819d9d46a49d75af68dc0cc06b3f5e9f86ec2a23
b62cd13dbfc77ef5eed5e0325d5502b2de6e24dcbe038d05a5611b00ea6105be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda9e9d05-60e1-4306-8343-0c7528ff720b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4604
x-amzn-requestid: 0c493247-ae7e-4f88-b1e5-4edb7dbed418
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ajLO1Gu7IAMFWHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63578bf8-282d95bb13a0e224024608bd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 07:10:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iMDP-thn7HuLaQvocbtVTk2slo-zKJ3fqL-EVtuFhxV1fisNq5cBew==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 31 Oct 2022 09:59:37 GMT
age: 4691
etag: "819d9d46a49d75af68dc0cc06b3f5e9f86ec2a23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23c27174-26b8-4527-8bea-cad88bdc0d34.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23c27174-26b8-4527-8bea-cad88bdc0d34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a5598b5025c779903462274690bb7e3
0f8f5bacc06a4ee8e3be25c1dc642d22b91bca5c
9b862b8885ab187323aa8f7fdd7cd712959fd7a0b02f5b74c98896be2c5eccd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23c27174-26b8-4527-8bea-cad88bdc0d34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9749
x-amzn-requestid: ec256f33-dd6c-42dc-976e-970755bcb610
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a1oYkGpmoAMFtQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635eedd0-6758a6d921b2dca27986636f;Sampled=0
x-amzn-remapped-date: Sun, 30 Oct 2022 21:34:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: S9PTswWNOvdqCk-YlJ3vvNPN8-34Qvhr4evopc1fiTezxEBFIRbugg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 21:50:43 GMT
age: 48425
etag: "0f8f5bacc06a4ee8e3be25c1dc642d22b91bca5c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8cfc555-4048-4e14-86b3-cc69eee56121.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8cfc555-4048-4e14-86b3-cc69eee56121.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75fc75d83e2c8db4b32c5a9fb53b31db
ff724242913f99f4d8d0d68a92b231b490072eab
fae871d41be568efd749a7b76d7d975020231053a0052df967a20b63589715ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8cfc555-4048-4e14-86b3-cc69eee56121.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10057
x-amzn-requestid: 11e904c9-7f64-460b-ac84-52fac380750b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a1py7G2_oAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635ef012-1bbd672d35611b964e43a108;Sampled=0
x-amzn-remapped-date: Sun, 30 Oct 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: a3K5kJ50FEOu1DhrLV6FURgIOjy9Gy6rNT-yQS14wMUpIdffGvE-vg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 22:09:38 GMT
age: 47290
etag: "ff724242913f99f4d8d0d68a92b231b490072eab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F452b19fa-f67f-4eac-af53-99ec890a9715.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F452b19fa-f67f-4eac-af53-99ec890a9715.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 08b21585aea6b384b764edc2af4d2bb1
bc4996f9922be518f3a2863832bd8289ecd7317d
080687678f72b99b429c1abb023066bb0d96f75592d6cf1711c708fc797d90b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F452b19fa-f67f-4eac-af53-99ec890a9715.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8472
x-amzn-requestid: 288016a7-3516-4568-a137-382f25233fbe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a1oYHGgsoAMF-2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635eedcd-6e0681ed61cbb5132106ced8;Sampled=0
x-amzn-remapped-date: Sun, 30 Oct 2022 21:34:05 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 63J0t8sYnHm9fgmCrMIuVoyrQ7XsdIcot5HYcIPE040-Tg0fRVaZkQ==
via: 1.1 94f8839a97f73584e70cc07d9f704d62.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 21:50:42 GMT
age: 48426
etag: "bc4996f9922be518f3a2863832bd8289ecd7317d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0&r=http%3A%2F%2Fuser.supermana.cn%2F&t=Nordea%20-%20identifikation
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0&r=http%3A%2F%2Fuser.supermana.cn%2F&t=Nordea%20-%20identifikation
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0&r=http%3A%2F%2Fuser.supermana.cn%2F&t=Nordea%20-%20identifikation HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cert.privatkunde.dan.20-4-34-89.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 31 Oct 2022 11:17:48 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
104.18.19.39200 OK 6.8 kB IP 104.18.19.39:0
Hash f6ba0c5ec0b04268701e97459ae2cdc5
28c21dbce9e9e2bf5ebbe8b4a2eec364a687b4ec
ab666a26202bc7370c94920065932d95b50dca3d0d80e48759cfcfbd8bd26f3f
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cert.privatkunde.dan.20-4-34-89.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 31 Oct 2022 11:17:48 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
vary: Accept-Encoding
etag: W/"62d96959-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 244594
expires: Thu, 03 Nov 2022 11:17:48 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 762bfc804876b4f4-OSL
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0&r=http%3A%2F%2Fuser.supermana.cn%2F&t=Nordea%20-%20identifikation
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0&r=http%3A%2F%2Fuser.supermana.cn%2F&t=Nordea%20-%20identifikation
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0&r=http%3A%2F%2Fuser.supermana.cn%2F&t=Nordea%20-%20identifikation HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cert.privatkunde.dan.20-4-34-89.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 31 Oct 2022 11:17:48 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0&r=http%3A%2F%2Fuser.supermana.cn%2F&t=Nordea%20-%20identifikation
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0&r=http%3A%2F%2Fuser.supermana.cn%2F&t=Nordea%20-%20identifikation
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0&r=http%3A%2F%2Fuser.supermana.cn%2F&t=Nordea%20-%20identifikation HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cert.privatkunde.dan.20-4-34-89.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 31 Oct 2022 11:17:48 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!magua1&dn=TC&cc=1&r=http%3A%2F%2Fuser.supermana.cn%2F
67.202.105.32200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!magua1&dn=TC&cc=1&r=http%3A%2F%2Fuser.supermana.cn%2F
IP 67.202.105.32:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!magua1&dn=TC&cc=1&r=http%3A%2F%2Fuser.supermana.cn%2F HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cert.privatkunde.dan.20-4-34-89.cprapid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Tue, 01 Nov 2022 11:17:48 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Mon, 31 Oct 2022 11:17:48 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0&r=http%3A%2F%2Fuser.supermana.cn%2F
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0&r=http%3A%2F%2Fuser.supermana.cn%2F
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0&r=http%3A%2F%2Fuser.supermana.cn%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cert.privatkunde.dan.20-4-34-89.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 31 Oct 2022 11:17:48 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cert.privatkunde.dan.20-4-34-89.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 31 Oct 2022 11:17:49 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cert.privatkunde.dan.20-4-34-89.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 31 Oct 2022 11:17:49 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!magua1&lm=0&ts=1667215063926&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cert.privatkunde.dan.20-4-34-89.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 31 Oct 2022 11:17:49 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
cert.privatkunde.dan.20-4-34-89.cprapid.com/id/
20.4.34.89302 Found 0 B URL HTTP/1.1 cert.privatkunde.dan.20-4-34-89.cprapid.com/id/
IP 20.4.34.89:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /id/ HTTP/1.1
Host: cert.privatkunde.dan.20-4-34-89.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://user.supermana.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Mon, 31 Oct 2022 11:17:47 GMT
Server: Apache
location: home.php?&return_url=35b0bce9d250429df012c0426f88d0bd&enrolmentID=db0d88f6240c210fd924052d9ecb0b53?securessl=true
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8