www.ndnmag.fr/en/e6ae79a34a9ab062603a6b4ff22e732b/execution.html?validation=e1s1
46.182.4.120200 OK 1.8 kB URL HTTP/1.1 www.ndnmag.fr/en/e6ae79a34a9ab062603a6b4ff22e732b/execution.html?validation=e1s1
IP 46.182.4.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6b93961fcf4afedb697680d1abf1cf33
025249a0f6d1fc3192abec4f8f4c089a121534cd
b33e199645f50f4a637971e4a59746df19a8b9abf44e731f24d7e78bb9048d5d
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
urlquery suspicious Suspicious - Suspicious JS code
openphish DHL Airways, Inc.
fortinet Phishing
GET /en/e6ae79a34a9ab062603a6b4ff22e732b/execution.html?validation=e1s1 HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:53:53 GMT
Content-Type: text/html
Content-Length: 1782
Connection: keep-alive
Set-Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465; Path=/; HttpOnly
Last-Modified: Thu, 26 Jan 2023 04:52:31 GMT
ETag: "1f52-5f323843f0158-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5339
Expires: Thu, 02 Feb 2023 22:24:06 GMT
Date: Thu, 02 Feb 2023 20:55:07 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3082
Expires: Thu, 02 Feb 2023 21:46:29 GMT
Date: Thu, 02 Feb 2023 20:55:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 20:43:31 GMT
content-type: application/json
age: 696
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7286
Expires: Thu, 02 Feb 2023 22:56:33 GMT
Date: Thu, 02 Feb 2023 20:55:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xdUNDoY/ZJCc+8hDwg4X6tk/CzBPMKTOCxf1Eba1XPfHKR3bPq4Js6Np2j1u4V6i3RKGCd1fgpY=
x-amz-request-id: CADE1MHRDQB1DVPC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 20:23:15 GMT
age: 1912
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
142.250.74.42200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32072)
Hash d38e2944bbc9ae54b8947a2bd0b9a932
782a825679b248d38979c2d7ecae257873344437
65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd
GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndnmag.fr/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 32954
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 30 Jan 2023 18:43:25 GMT
Expires: Tue, 30 Jan 2024 18:43:25 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 267102
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 20:55:07 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.5.1.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65451)
Hash 3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.ndnmag.fr
Connection: keep-alive
Referer: http://www.ndnmag.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 20:55:07 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675371307.dop227.sk1.t,1675371307.cds012.sk1.hn,1675371307.cds208.sk1.c
X-Firefox-Spdy: h2
www.ndnmag.fr/en/dist/jquery-lang.js
46.182.4.120200 OK 7.0 kB URL HTTP/1.1 www.ndnmag.fr/en/dist/jquery-lang.js
IP 46.182.4.120:0
Hash 1c1917fafff89489f105f5d8427e6ef5
f6fb0efe5340fb45aeeb5550c1811e8c46cf79fa
50b74f02b7f4852ea8afdf518a07bb264480821da537d26d5fe7dffd5c62ca2f
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
fortinet Phishing
GET /en/dist/jquery-lang.js HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/e6ae79a34a9ab062603a6b4ff22e732b/execution.html?validation=e1s1
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:55:54 GMT
Content-Type: application/javascript
Content-Length: 7000
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:25:21 GMT
ETag: "6c2d-5f316906e544e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.ndnmag.fr/en/dist/dhl.css
46.182.4.120200 OK 315 kB URL HTTP/1.1 www.ndnmag.fr/en/dist/dhl.css
IP 46.182.4.120:0
File type Unicode text, UTF-8 text, with very long lines (1148), with CRLF line terminators
Size 315 kB (314756 bytes)
Hash 91bb51af984823aa997a73805a14c17a
3e466647149a7c376f7df1fc9d921571eac24c9d
4ebc8985f17f3baf5683617c7854fd2132e952ca17ca83312685c7eb0e5d7c54
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
GET /en/dist/dhl.css HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/e6ae79a34a9ab062603a6b4ff22e732b/execution.html?validation=e1s1
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:53:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:25:21 GMT
ETag: "15b189-5f316906e44ae-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 20:07:19 GMT
age: 2868
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ndnmag.fr/en/dist/load.php
46.182.4.120200 OK 1.1 kB URL HTTP/1.1 www.ndnmag.fr/en/dist/load.php
IP 46.182.4.120:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 443278ad17f9fe35fcaf6044308d9762
0b1b47ec66fff41259da13c19283b366c6f39e29
0d2d38ee6854230889d7e258fff29e7878cd1407ca222fb4b859863579ab9507
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
fortinet Phishing
GET /en/dist/load.php HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/e6ae79a34a9ab062603a6b4ff22e732b/execution.html?validation=e1s1
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 21:54:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1096
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.ndnmag.fr/en/dist/DHL_head.html
46.182.4.120200 OK 3.1 kB URL HTTP/1.1 www.ndnmag.fr/en/dist/DHL_head.html
IP 46.182.4.120:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1836)
Hash dbc0ae6b82b4820f8a6407cee9585694
a4692b59fc059903620afcde4bcb79af49c96cfb
3c3acaa1d4052b6e9dd88d80593a36acf431e998de31a450dd9097413fe85d52
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
fortinet Phishing
GET /en/dist/DHL_head.html HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/e6ae79a34a9ab062603a6b4ff22e732b/execution.html?validation=e1s1
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:53:54 GMT
Content-Type: text/html
Content-Length: 3117
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:25:21 GMT
ETag: "2d05-5f316906e44ae-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.ndnmag.fr/en/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff
46.182.4.120200 OK 41 kB URL HTTP/1.1 www.ndnmag.fr/en/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff
IP 46.182.4.120:0
File type Web Open Font Format, TrueType, length 41084, version 1.66\012- data
Hash 03f859bf58e4d37841070de34be7d978
3436d4fa17e7ee470c3d62b08787cfa7de408408
5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
fortinet Phishing
GET /en/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/dist/dhl.css
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:55:54 GMT
Content-Type: font/woff
Content-Length: 41084
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:25:21 GMT
ETag: "a07c-5f316906e44ae"
Accept-Ranges: bytes
www.ndnmag.fr/en/dist/DHL_footer.html
46.182.4.120200 OK 6.1 kB URL HTTP/1.1 www.ndnmag.fr/en/dist/DHL_footer.html
IP 46.182.4.120:0
File type exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (2591)
Hash 2b27879683c6323bcefdd529317cf67f
b3968065a2a00dd7bad17dedf3b88ca316088ff0
34e03a44283630ddd2b3bc39055e662cccf4cf56862b47f6fad72e1956e8f333
Analyzer Verdict Alert fortinet Phishing
GET /en/dist/DHL_footer.html HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/e6ae79a34a9ab062603a6b4ff22e732b/execution.html?validation=e1s1
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 21:54:58 GMT
Content-Type: text/html
Content-Length: 6060
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:25:21 GMT
ETag: "3c69-5f316906e44ae-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.ndnmag.fr/en/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff
46.182.4.120200 OK 9.3 kB URL HTTP/1.1 www.ndnmag.fr/en/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff
IP 46.182.4.120:0
File type Web Open Font Format, TrueType, length 9316, version 1.0\012- data
Hash 9355df62a665ef9249036bbccad8c54c
6b7779a10187a1a7473f604fbe3db96350868c6a
6d051536af97fbd33fae0683a1b6ce3749757ab43c8ee8c89295755fd4595807
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
fortinet Phishing
GET /en/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/dist/dhl.css
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:55:54 GMT
Content-Type: font/woff
Content-Length: 9316
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:25:21 GMT
ETag: "2464-5f316906e544e"
Accept-Ranges: bytes
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21061
Expires: Fri, 03 Feb 2023 02:46:09 GMT
Date: Thu, 02 Feb 2023 20:55:08 GMT
Connection: keep-alive
www.ndnmag.fr/en/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff
46.182.4.120200 OK 41 kB URL HTTP/1.1 www.ndnmag.fr/en/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff
IP 46.182.4.120:0
File type Web Open Font Format, TrueType, length 41328, version 1.66\012- data
Hash e39bd2e2657ce5dd6f9c33df18529233
6db81ebb91bfa67cef8f2f870f03046150568799
19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
fortinet Phishing
GET /en/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/dist/dhl.css
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 21:54:58 GMT
Content-Type: font/woff
Content-Length: 41328
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:25:21 GMT
ETag: "a170-5f316906e544e"
Accept-Ranges: bytes
www.ndnmag.fr/en/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff
46.182.4.120200 OK 44 kB URL HTTP/1.1 www.ndnmag.fr/en/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff
IP 46.182.4.120:0
File type Web Open Font Format, TrueType, length 44260, version 1.66\012- data
Hash 4a350e02a03ac62e72e9ea575b31ce84
d47b03b96b6e7034a1473a293bb594e597a41dc2
87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
fortinet Phishing
GET /en/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/dist/dhl.css
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 21:54:58 GMT
Content-Type: font/woff
Content-Length: 44260
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:25:21 GMT
ETag: "ace4-5f316906e44ae"
Accept-Ranges: bytes
ipinfo.io/country
34.117.59.81302 Found 72 B IP 34.117.59.81:0
File type ASCII text, with no line terminators
Hash b79f12127b13f3298b65130f55033eea
0c5df3d4734c5d754f78df4dd08f329ce38ab901
76d7f55bf215f2132f41391f47b4efd048f7c3b61db2b650e2a0a9b4a02d79f0
GET /country HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ndnmag.fr/
Origin: http://www.ndnmag.fr
Connection: keep-alive
HTTP/1.1 302 Found
access-control-allow-origin: *
location: https://ipinfo.io/country
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
date: Thu, 02 Feb 2023 20:55:08 GMT
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
transfer-encoding: chunked
Via: 1.1 google
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 45cde8840977d40f0f2996070c26668b
0a94a7a5d1eb1005bf716bf015e10e5612746059
686387ebebc43961d2fe2847add3afd13e2d92a0d3e672e6cb6245ae50b4ce42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "686387EBEBC43961D2FE2847ADD3AFD13E2D92A0D3E672E6CB6245AE50B4CE42"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12516
Expires: Fri, 03 Feb 2023 00:23:44 GMT
Date: Thu, 02 Feb 2023 20:55:08 GMT
Connection: keep-alive
www.ndnmag.fr/en/dist/favicon.ico
46.182.4.120200 OK 1.2 kB URL HTTP/1.1 www.ndnmag.fr/en/dist/favicon.ico
IP 46.182.4.120:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
GET /en/dist/favicon.ico HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/e6ae79a34a9ab062603a6b4ff22e732b/execution.html?validation=e1s1
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 21:54:58 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 1150
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:25:21 GMT
ETag: "47e-5f316906e44ae"
Accept-Ranges: bytes
push.services.mozilla.com/
35.162.143.37101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.143.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gW3FHzwksSgjL9ARBnohQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GT5goE4VTxt0XkmUNQaFrX/W/i4=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 45cde8840977d40f0f2996070c26668b
0a94a7a5d1eb1005bf716bf015e10e5612746059
686387ebebc43961d2fe2847add3afd13e2d92a0d3e672e6cb6245ae50b4ce42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "686387EBEBC43961D2FE2847ADD3AFD13E2D92A0D3E672E6CB6245AE50B4CE42"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12516
Expires: Fri, 03 Feb 2023 00:23:44 GMT
Date: Thu, 02 Feb 2023 20:55:08 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18071
Expires: Fri, 03 Feb 2023 01:56:20 GMT
Date: Thu, 02 Feb 2023 20:55:09 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18071
Expires: Fri, 03 Feb 2023 01:56:20 GMT
Date: Thu, 02 Feb 2023 20:55:09 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18071
Expires: Fri, 03 Feb 2023 01:56:20 GMT
Date: Thu, 02 Feb 2023 20:55:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:46:26 GMT
age: 83323
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ipinfo.io/country
34.117.59.81429 Too Many Requests 5.0 kB IP 34.117.59.81:0
Hash ab040f62478d46b788e9e670cf649b7d
9882530c639ad296a403f340d1562fd191773960
677e270dae1a01317fc03f1dc21006c41bc596eab626d0beac5ec8cc6a445add
GET /country HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://www.ndnmag.fr/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 429 Too Many Requests
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: application/json; charset=utf-8
date: Thu, 02 Feb 2023 20:55:08 GMT
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 81374
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 81782
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86664b4d1fc27ba7b5bff8a245604326
b8c7ef73101a497b6c78ad59aafe66a391fdc3fa
e4596faadf14051299036a79632951d90183dd0635293687edef11985799a752
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4814
x-amzn-requestid: 90da23ab-2c54-40ec-8e26-bdf4eeb1e27b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKWFpvoAMFyPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-70c4cb89413ed6bd44731d76;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: htcecPD3kYwCPwPPCqgVuXnCuKo6TTKntzaB2xFID5fvBXpZQe463A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:59:38 GMT
age: 82531
etag: "b8c7ef73101a497b6c78ad59aafe66a391fdc3fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:28:37 GMT
age: 48392
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ndnmag.fr/en/dist/DHL_track.html
46.182.4.120200 OK 2.6 kB URL HTTP/1.1 www.ndnmag.fr/en/dist/DHL_track.html
IP 46.182.4.120:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (356)
Hash 4190a616b637362d5770e5d9371b976e
e473255f06b35e276e2ae9da411d4cb3348b1ffc
a0ab3ac2b56ea3015a0e3f563970ac276fcb835411e4ee37174e2ca2b3d48f4d
Analyzer Verdict Alert fortinet Phishing
GET /en/dist/DHL_track.html HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/e6ae79a34a9ab062603a6b4ff22e732b/execution.html?validation=e1s1
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 21:55:00 GMT
Content-Type: text/html
Content-Length: 2567
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:25:21 GMT
ETag: "1a9d-5f316906e44ae-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.ndnmag.fr/en/dist/jquery.validate.min.js
46.182.4.120200 OK 7.8 kB URL HTTP/1.1 www.ndnmag.fr/en/dist/jquery.validate.min.js
IP 46.182.4.120:0
File type Unicode text, UTF-8 text, with very long lines (24237)
Hash 733b253cf585468481e2a1d19b517fc2
bd1c201faf6ff53a44b19e2ef8f6a18b6a36141b
d88829113f706278062864700f82a7b55756af1c0ba4be724122c78fe3fc37fe
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
fortinet Phishing
GET /en/dist/jquery.validate.min.js HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/e6ae79a34a9ab062603a6b4ff22e732b/execution.html?validation=e1s1
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 21:55:00 GMT
Content-Type: application/javascript
Content-Length: 7815
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:25:21 GMT
ETag: "5f38-5f316906e63ee-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
151.101.193.229301 Moved Permanently 0 B URL HTTP/1.1 cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 151.101.193.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ndnmag.fr/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Accept-Ranges: bytes
Date: Thu, 02 Feb 2023 20:55:09 GMT
X-Served-By: cache-bma1630-BMA
X-Cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.ndnmag.fr/en/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff
46.182.4.120200 OK 41 kB URL HTTP/1.1 www.ndnmag.fr/en/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff
IP 46.182.4.120:0
File type Web Open Font Format, TrueType, length 41352, version 1.66\012- data
Hash 4e23ecf085132857bdb54b4da7373151
a50215c22a591536b21e509100d1707c6886ffd6
b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
fortinet Phishing
GET /en/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/dist/dhl.css
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:55:56 GMT
Content-Type: font/woff
Content-Length: 41352
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:25:21 GMT
ETag: "a188-5f316906e544e"
Accept-Ranges: bytes
www.ndnmag.fr/en/dist/langpack/en.json
46.182.4.120200 OK 514 B URL HTTP/1.1 www.ndnmag.fr/en/dist/langpack/en.json
IP 46.182.4.120:0
File type JSON data\012- , ASCII text
Hash e5111c3d242107acc93f71f9c9182079
c648da6b0a6c4f9b89dbee1027cf9a7be36217ca
86f9abd216bc64ead1404975e2b6132aebc42ebd106e5be0f660b7e5852051a3
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
fortinet Phishing
GET /en/dist/langpack/en.json HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/e6ae79a34a9ab062603a6b4ff22e732b/execution.html?validation=e1s1
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 21:55:00 GMT
Content-Type: application/json
Content-Length: 514
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:25:21 GMT
ETag: "202-5f316906e63ee"
Accept-Ranges: bytes
www.ndnmag.fr/en/dist/langpack/en.json
46.182.4.120200 OK 514 B URL HTTP/1.1 www.ndnmag.fr/en/dist/langpack/en.json
IP 46.182.4.120:0
File type JSON data\012- , ASCII text
Hash e5111c3d242107acc93f71f9c9182079
c648da6b0a6c4f9b89dbee1027cf9a7be36217ca
86f9abd216bc64ead1404975e2b6132aebc42ebd106e5be0f660b7e5852051a3
Analyzer Verdict Alert urlquery phishing Phishing - DHL
urlquery phishing Phishing - DHL
fortinet Phishing
GET /en/dist/langpack/en.json HTTP/1.1
Host: www.ndnmag.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.ndnmag.fr/en/e6ae79a34a9ab062603a6b4ff22e732b/execution.html?validation=e1s1
Cookie: route=1675371234.688.361019.90248|499c8baf302284682cd20328146f4465
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:55:09 GMT
Content-Type: application/json
Content-Length: 514
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:25:21 GMT
ETag: "202-5f316906e63ee"
Accept-Ranges: bytes
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
151.101.193.229200 OK 7.5 kB URL HTTP/2 cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 151.101.193.229:0
File type ASCII text, with very long lines (21060)
Hash 1f61c1b15b25ba046056238766ff3a43
2b8db740e4e913e9dc87a6060dea2a6b17ad0ec8
fe78a2c604b4757dd5d114e0efb7e74c8f4acfe840bf6b6c01517205744a7648
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ndnmag.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.16.1
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 20:55:09 GMT
age: 797587
x-served-by: cache-fra-eddf8230069-FRA, cache-bma1655-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7503
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash b4f4a3a5ae499ec408f44c8da5424a36
d545bba8d5a297a916caeb69354232cc162902af
05221df73ce4cf32d51e9d8551d52aaf0e9fa8ca1d5d8cf49f4d723b22014843
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 20:55:10 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "00A7DD39D6AA56F2236FCB9890C0F4C8F030515A"
Expires: Fri, 03 Feb 2023 07:00:00 GMT
Last-Modified: Thu, 02 Feb 2023 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3346
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7935d37faff80b3d-OSL