r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ce513efd221761d14db2a9d9b9de21fe
27e24aaae79ad728c25901a061b5849ca9c26f81
d988a7a4b3a06412e1a44ea63dd04e5e2a41aa4465959c76cfe686dbc8891cb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D988A7A4B3A06412E1A44EA63DD04E5E2A41AA4465959C76CFE686DBC8891CB9"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17711
Expires: Mon, 02 Jan 2023 07:19:59 GMT
Date: Mon, 02 Jan 2023 02:24:48 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 97a9e292b1e09ac6fb7c784fe38d0065
6c2093595d87dd4429345da43d264b7321d50f38
f4de30ea042e3ed7f7d2f738e00120d13f301649744abeebb7dd0aef6c19188d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4DE30EA042E3ED7F7D2F738E00120D13F301649744ABEEBB7DD0AEF6C19188D"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4723
Expires: Mon, 02 Jan 2023 03:43:31 GMT
Date: Mon, 02 Jan 2023 02:24:48 GMT
Connection: keep-alive
webmail.rdim.it/cmjUX/ahaPi/ZVONl/ifgMP/hYLOh/nbXWR/mkKLk/jeUTp/SRbWo/ZSROe/XlgNb/SokXT/pNhTM/RWNMY/fXMRa/hdSWX/XUPWQ/SOdXO/PKjLU/aNiXp/LiLUi/fZbLM/haWLX/mVYYU/YnUUY/PORYn/ZglYR/oPfTN/gUcQm/KSKSU/nkXTi/MggPh/XNdWU/WXgQe/nhTLZ/iKbZS/mbTNS/gfoZW/mLlWp/NmRYM/fKiZh/ekjNV/WbdNK/ThcNV/ZXKWN/nSLXZ/YOMOd/XpeQi/WhfVf/TNSWd/eUaVR/QeMOc/NoROl/mURUZ/nZbKn/gfUZX/lioSl/ceeSd/SoPVT/LMYRk/VMOOp/ldeUS/RnTSo/WnXKi/aYMYL/NZPTd/NVXVh/components/com_foxcontact/views/loader/loginonlinelive/jypzk6qobmadur0whoozbwbn.php
86.107.32.36301 Moved 593 B URL HTTP/1.1 webmail.rdim.it/cmjUX/ahaPi/ZVONl/ifgMP/hYLOh/nbXWR/mkKLk/jeUTp/SRbWo/ZSROe/XlgNb/SokXT/pNhTM/RWNMY/fXMRa/hdSWX/XUPWQ/SOdXO/PKjLU/aNiXp/LiLUi/fZbLM/haWLX/mVYYU/YnUUY/PORYn/ZglYR/oPfTN/gUcQm/KSKSU/nkXTi/MggPh/XNdWU/WXgQe/nhTLZ/iKbZS/mbTNS/gfoZW/mLlWp/NmRYM/fKiZh/ekjNV/WbdNK/ThcNV/ZXKWN/nSLXZ/YOMOd/XpeQi/WhfVf/TNSWd/eUaVR/QeMOc/NoROl/mURUZ/nZbKn/gfUZX/lioSl/ceeSd/SoPVT/LMYRk/VMOOp/ldeUS/RnTSo/WnXKi/aYMYL/NZPTd/NVXVh/components/com_foxcontact/views/loader/loginonlinelive/jypzk6qobmadur0whoozbwbn.php
IP 86.107.32.36:0
ASN #52030 Server Plan S.r.l.
File type HTML document text\012- HTML document, ASCII text, with very long lines (592)
Hash cf89ea0f1e9f3e8e0a1977dbbd23fcc0
cd7098f16c429bf62d43dc99e6d97e92f4b7c05c
2e23699521ea507dc6e489d759ca65611fda3b508eb2ef62395a1b8d5e13d1ed
Analyzer Verdict Alert fortinet Phishing
GET /cmjUX/ahaPi/ZVONl/ifgMP/hYLOh/nbXWR/mkKLk/jeUTp/SRbWo/ZSROe/XlgNb/SokXT/pNhTM/RWNMY/fXMRa/hdSWX/XUPWQ/SOdXO/PKjLU/aNiXp/LiLUi/fZbLM/haWLX/mVYYU/YnUUY/PORYn/ZglYR/oPfTN/gUcQm/KSKSU/nkXTi/MggPh/XNdWU/WXgQe/nhTLZ/iKbZS/mbTNS/gfoZW/mLlWp/NmRYM/fKiZh/ekjNV/WbdNK/ThcNV/ZXKWN/nSLXZ/YOMOd/XpeQi/WhfVf/TNSWd/eUaVR/QeMOc/NoROl/mURUZ/nZbKn/gfUZX/lioSl/ceeSd/SoPVT/LMYRk/VMOOp/ldeUS/RnTSo/WnXKi/aYMYL/NZPTd/NVXVh/components/com_foxcontact/views/loader/loginonlinelive/jypzk6qobmadur0whoozbwbn.php HTTP/1.1
Host: webmail.rdim.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved
Date: Mon, 02 Jan 2023 02:24:48 GMT
Server: Apache
Content-length: 593
Location: https://webmail.rdim.it/cmjUX/ahaPi/ZVONl/ifgMP/hYLOh/nbXWR/mkKLk/jeUTp/SRbWo/ZSROe/XlgNb/SokXT/pNhTM/RWNMY/fXMRa/hdSWX/XUPWQ/SOdXO/PKjLU/aNiXp/LiLUi/fZbLM/haWLX/mVYYU/YnUUY/PORYn/ZglYR/oPfTN/gUcQm/KSKSU/nkXTi/MggPh/XNdWU/WXgQe/nhTLZ/iKbZS/mbTNS/gfoZW/mLlWp/NmRYM/fKiZh/ekjNV/WbdNK/ThcNV/ZXKWN/nSLXZ/YOMOd/XpeQi/WhfVf/TNSWd/eUaVR/QeMOc/NoROl/mURUZ/nZbKn/gfUZX/lioSl/ceeSd/SoPVT/LMYRk/VMOOp/ldeUS/RnTSo/WnXKi/aYMYL/NZPTd/NVXVh/components/com_foxcontact/views/loader/loginonlinelive/jypzk6qobmadur0whoozbwbn.php
Content-type: text/html; charset="utf-8"
Cache-Control: no-cache, no-store, must-revalidate, private
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 02 Jan 2023 01:36:02 GMT
content-type: application/json
age: 2926
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e71f8c03e957e6b1526fc3f1537b3d95
6f1e5a549978b3cc67fa6142fd4bf45d2730bf71
29e3d9e5d2fec1b8e13beafa7970157db0c8b07392c4dd53fc033b609f2fc7ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "29E3D9E5D2FEC1B8E13BEAFA7970157DB0C8B07392C4DD53FC033B609F2FC7AD"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3155
Expires: Mon, 02 Jan 2023 03:17:23 GMT
Date: Mon, 02 Jan 2023 02:24:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WlGa5GTxKWF5zLwPY1Bkb/xFF+I8DkvgJncAm+0Vuwn7202/BSfGGGQ1G32xaNtrCKruWFvncbs=
x-amz-request-id: K5C3D0AJ2BECYDGW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 02 Jan 2023 02:00:18 GMT
age: 1470
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 02 Jan 2023 02:24:48 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 85aa005deb5fa349cba49066bc1ba6ef
79254c2b5fe96802c95a42eb1be2934cf9074f19
79332319fec021a0926009012d466dab7143233d8b903138316735b57f2b924d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79332319FEC021A0926009012D466DAB7143233D8B903138316735B57F2B924D"
Last-Modified: Sat, 31 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 02 Jan 2023 08:24:49 GMT
Date: Mon, 02 Jan 2023 02:24:49 GMT
Connection: keep-alive
webmail.rdim.it/cmjUX/ahaPi/ZVONl/ifgMP/hYLOh/nbXWR/mkKLk/jeUTp/SRbWo/ZSROe/XlgNb/SokXT/pNhTM/RWNMY/fXMRa/hdSWX/XUPWQ/SOdXO/PKjLU/aNiXp/LiLUi/fZbLM/haWLX/mVYYU/YnUUY/PORYn/ZglYR/oPfTN/gUcQm/KSKSU/nkXTi/MggPh/XNdWU/WXgQe/nhTLZ/iKbZS/mbTNS/gfoZW/mLlWp/NmRYM/fKiZh/ekjNV/WbdNK/ThcNV/ZXKWN/nSLXZ/YOMOd/XpeQi/WhfVf/TNSWd/eUaVR/QeMOc/NoROl/mURUZ/nZbKn/gfUZX/lioSl/ceeSd/SoPVT/LMYRk/VMOOp/ldeUS/RnTSo/WnXKi/aYMYL/NZPTd/NVXVh/components/com_foxcontact/views/loader/loginonlinelive/jypzk6qobmadur0whoozbwbn.php
86.107.32.36200 OK 12 kB URL HTTP/2 webmail.rdim.it/cmjUX/ahaPi/ZVONl/ifgMP/hYLOh/nbXWR/mkKLk/jeUTp/SRbWo/ZSROe/XlgNb/SokXT/pNhTM/RWNMY/fXMRa/hdSWX/XUPWQ/SOdXO/PKjLU/aNiXp/LiLUi/fZbLM/haWLX/mVYYU/YnUUY/PORYn/ZglYR/oPfTN/gUcQm/KSKSU/nkXTi/MggPh/XNdWU/WXgQe/nhTLZ/iKbZS/mbTNS/gfoZW/mLlWp/NmRYM/fKiZh/ekjNV/WbdNK/ThcNV/ZXKWN/nSLXZ/YOMOd/XpeQi/WhfVf/TNSWd/eUaVR/QeMOc/NoROl/mURUZ/nZbKn/gfUZX/lioSl/ceeSd/SoPVT/LMYRk/VMOOp/ldeUS/RnTSo/WnXKi/aYMYL/NZPTd/NVXVh/components/com_foxcontact/views/loader/loginonlinelive/jypzk6qobmadur0whoozbwbn.php
IP 86.107.32.36:0
ASN #52030 Server Plan S.r.l.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10609)
Hash 740440e0dd61e0a4689c36b046988b18
073895e93ffe0467b70523424a42da79b42259dd
a51c7f78c288f8f808f955dbd106b2ebe76c1ef3778de4d3f0ba40c4fe2f2fe2
Analyzer Verdict Alert fortinet Phishing
GET /cmjUX/ahaPi/ZVONl/ifgMP/hYLOh/nbXWR/mkKLk/jeUTp/SRbWo/ZSROe/XlgNb/SokXT/pNhTM/RWNMY/fXMRa/hdSWX/XUPWQ/SOdXO/PKjLU/aNiXp/LiLUi/fZbLM/haWLX/mVYYU/YnUUY/PORYn/ZglYR/oPfTN/gUcQm/KSKSU/nkXTi/MggPh/XNdWU/WXgQe/nhTLZ/iKbZS/mbTNS/gfoZW/mLlWp/NmRYM/fKiZh/ekjNV/WbdNK/ThcNV/ZXKWN/nSLXZ/YOMOd/XpeQi/WhfVf/TNSWd/eUaVR/QeMOc/NoROl/mURUZ/nZbKn/gfUZX/lioSl/ceeSd/SoPVT/LMYRk/VMOOp/ldeUS/RnTSo/WnXKi/aYMYL/NZPTd/NVXVh/components/com_foxcontact/views/loader/loginonlinelive/jypzk6qobmadur0whoozbwbn.php HTTP/1.1
Host: webmail.rdim.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset="utf-8"
date: Mon, 02 Jan 2023 02:24:49 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, private, no-cache, no-store, must-revalidate, private
content-encoding: gzip
content-length: 12533
set-cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
webmailsession=%3aWbmfVx1OIj_rvoph%2c5051e8acbbeb1de0697d82892ded951f; HttpOnly; path=/; port=443; secure
roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
roundcube_sessauth=expired; HttpOnly; domain=webmail.rdim.it; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; domain=.webmail.rdim.it; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
horde_secret_key=expired; HttpOnly; domain=.webmail.rdim.it; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/horde; port=443; secure
PPA_ID=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
imp_key=expired; HttpOnly; domain=webmail.rdim.it; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; domain=.webmail.rdim.it; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443
horde_secret_key=expired; HttpOnly; domain=.webmail.rdim.it; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443
roundcube_cookies=enabled; HttpOnly; expires=Tue, 02-Jan-2024 02:24:49 GMT; path=/; port=443; secure
server: Apache
X-Firefox-Spdy: h2
webmail.rdim.it/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css
86.107.32.36200 OK 521 B URL HTTP/2 webmail.rdim.it/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css
IP 86.107.32.36:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (6358), with no line terminators
Hash 3367970c9dd40c1e14cfd01e986d731f
d593ea61cdae03957251f79e192a43cc65c6eb69
9f3a564acbc2975db8be6483e240de99290be6af71be9c05fa9dbaf47dd74255
GET /cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css HTTP/1.1
Host: webmail.rdim.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.rdim.it/cmjUX/ahaPi/ZVONl/ifgMP/hYLOh/nbXWR/mkKLk/jeUTp/SRbWo/ZSROe/XlgNb/SokXT/pNhTM/RWNMY/fXMRa/hdSWX/XUPWQ/SOdXO/PKjLU/aNiXp/LiLUi/fZbLM/haWLX/mVYYU/YnUUY/PORYn/ZglYR/oPfTN/gUcQm/KSKSU/nkXTi/MggPh/XNdWU/WXgQe/nhTLZ/iKbZS/mbTNS/gfoZW/mLlWp/NmRYM/fKiZh/ekjNV/WbdNK/ThcNV/ZXKWN/nSLXZ/YOMOd/XpeQi/WhfVf/TNSWd/eUaVR/QeMOc/NoROl/mURUZ/nZbKn/gfUZX/lioSl/ceeSd/SoPVT/LMYRk/VMOOp/ldeUS/RnTSo/WnXKi/aYMYL/NZPTd/NVXVh/components/com_foxcontact/views/loader/loginonlinelive/jypzk6qobmadur0whoozbwbn.php
Cookie: webmailsession=%3aWbmfVx1OIj_rvoph%2c5051e8acbbeb1de0697d82892ded951f; roundcube_cookies=enabled
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 23 Mar 2021 16:37:21 GMT
date: Mon, 02 Jan 2023 02:24:49 GMT
cache-control: max-age=5184000, public
expires: Fri, 03 Mar 2023 02:24:49 GMT
content-encoding: gzip
content-length: 521
server: Apache
X-Firefox-Spdy: h2
webmail.rdim.it/cPanel_magic_revision_1631024152/unprotected/cpanel/style_v2_optimized.css
86.107.32.36200 OK 33 kB URL HTTP/2 webmail.rdim.it/cPanel_magic_revision_1631024152/unprotected/cpanel/style_v2_optimized.css
IP 86.107.32.36:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (35968)
Hash 5aba161e696bad19d3af7cb2f368876d
22375592f15ee1dfc8c2403055431715d7541ed8
95e5e531894fd20f0cc914cddd6a5136e4628f56d61b1f476f42be6e0fdf11d4
GET /cPanel_magic_revision_1631024152/unprotected/cpanel/style_v2_optimized.css HTTP/1.1
Host: webmail.rdim.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.rdim.it/cmjUX/ahaPi/ZVONl/ifgMP/hYLOh/nbXWR/mkKLk/jeUTp/SRbWo/ZSROe/XlgNb/SokXT/pNhTM/RWNMY/fXMRa/hdSWX/XUPWQ/SOdXO/PKjLU/aNiXp/LiLUi/fZbLM/haWLX/mVYYU/YnUUY/PORYn/ZglYR/oPfTN/gUcQm/KSKSU/nkXTi/MggPh/XNdWU/WXgQe/nhTLZ/iKbZS/mbTNS/gfoZW/mLlWp/NmRYM/fKiZh/ekjNV/WbdNK/ThcNV/ZXKWN/nSLXZ/YOMOd/XpeQi/WhfVf/TNSWd/eUaVR/QeMOc/NoROl/mURUZ/nZbKn/gfUZX/lioSl/ceeSd/SoPVT/LMYRk/VMOOp/ldeUS/RnTSo/WnXKi/aYMYL/NZPTd/NVXVh/components/com_foxcontact/views/loader/loginonlinelive/jypzk6qobmadur0whoozbwbn.php
Cookie: webmailsession=%3aWbmfVx1OIj_rvoph%2c5051e8acbbeb1de0697d82892ded951f; roundcube_cookies=enabled
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 07 Sep 2021 14:15:52 GMT
date: Mon, 02 Jan 2023 02:24:49 GMT
cache-control: max-age=5184000, public
expires: Fri, 03 Mar 2023 02:24:49 GMT
content-encoding: gzip
content-length: 32660
server: Apache
X-Firefox-Spdy: h2
webmail.rdim.it/cPanel_magic_revision_1456313365/unprotected/cpanel/images/webmail-logo.svg
86.107.32.36200 OK 2.4 kB URL HTTP/2 webmail.rdim.it/cPanel_magic_revision_1456313365/unprotected/cpanel/images/webmail-logo.svg
IP 86.107.32.36:0
ASN #52030 Server Plan S.r.l.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5359)
Hash 87435f198fddc7c1ae727345b7932214
a0ff86f10d9faf553809cb75f66d6abc6a96c4a0
1f94f9cfd53ff665f53f456ffb30b2234056483b553364e7502ebb79e40a43e1
Analyzer Verdict Alert fortinet Phishing
GET /cPanel_magic_revision_1456313365/unprotected/cpanel/images/webmail-logo.svg HTTP/1.1
Host: webmail.rdim.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.rdim.it/cmjUX/ahaPi/ZVONl/ifgMP/hYLOh/nbXWR/mkKLk/jeUTp/SRbWo/ZSROe/XlgNb/SokXT/pNhTM/RWNMY/fXMRa/hdSWX/XUPWQ/SOdXO/PKjLU/aNiXp/LiLUi/fZbLM/haWLX/mVYYU/YnUUY/PORYn/ZglYR/oPfTN/gUcQm/KSKSU/nkXTi/MggPh/XNdWU/WXgQe/nhTLZ/iKbZS/mbTNS/gfoZW/mLlWp/NmRYM/fKiZh/ekjNV/WbdNK/ThcNV/ZXKWN/nSLXZ/YOMOd/XpeQi/WhfVf/TNSWd/eUaVR/QeMOc/NoROl/mURUZ/nZbKn/gfUZX/lioSl/ceeSd/SoPVT/LMYRk/VMOOp/ldeUS/RnTSo/WnXKi/aYMYL/NZPTd/NVXVh/components/com_foxcontact/views/loader/loginonlinelive/jypzk6qobmadur0whoozbwbn.php
Cookie: webmailsession=%3aWbmfVx1OIj_rvoph%2c5051e8acbbeb1de0697d82892ded951f; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 24 Feb 2016 11:29:25 GMT
date: Mon, 02 Jan 2023 02:24:49 GMT
cache-control: max-age=5184000, public
expires: Fri, 03 Mar 2023 02:24:49 GMT
content-encoding: gzip
content-length: 2399
server: Apache
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 02 Jan 2023 02:08:11 GMT
age: 998
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
webmail.rdim.it/cPanel_magic_revision_1432543366/unprotected/cpanel/images/notice-error.png
86.107.32.36200 OK 1.0 kB URL HTTP/2 webmail.rdim.it/cPanel_magic_revision_1432543366/unprotected/cpanel/images/notice-error.png
IP 86.107.32.36:0
ASN #52030 Server Plan S.r.l.
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash a3265cc598ae28633c060889e790f80c
57530d6996c8f36711ef05681474b8f63d4184b3
bcaf01928e5c7246ab0bb7e83f609b485a67a5e442d3dd94539a883c11fb70cd
GET /cPanel_magic_revision_1432543366/unprotected/cpanel/images/notice-error.png HTTP/1.1
Host: webmail.rdim.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.rdim.it/cPanel_magic_revision_1631024152/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aWbmfVx1OIj_rvoph%2c5051e8acbbeb1de0697d82892ded951f; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 25 May 2015 08:42:46 GMT
date: Mon, 02 Jan 2023 02:24:49 GMT
cache-control: max-age=5184000, public
expires: Fri, 03 Mar 2023 02:24:49 GMT
content-length: 1026
server: Apache
X-Firefox-Spdy: h2
webmail.rdim.it/cPanel_magic_revision_1432543277/unprotected/cpanel/images/icon-username.png
86.107.32.36200 OK 320 B URL HTTP/2 webmail.rdim.it/cPanel_magic_revision_1432543277/unprotected/cpanel/images/icon-username.png
IP 86.107.32.36:0
ASN #52030 Server Plan S.r.l.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 07ff84f8c855e5fe9d510ff5c9a4b1e4
11c262053e2b9be57d1dba7cb3d916ef041a0e50
05ce0f813e6236158fa1d115faba62cd2041aab1878cac0960a0f45575cece1e
GET /cPanel_magic_revision_1432543277/unprotected/cpanel/images/icon-username.png HTTP/1.1
Host: webmail.rdim.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.rdim.it/cPanel_magic_revision_1631024152/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aWbmfVx1OIj_rvoph%2c5051e8acbbeb1de0697d82892ded951f; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 25 May 2015 08:41:17 GMT
date: Mon, 02 Jan 2023 02:24:49 GMT
cache-control: max-age=5184000, public
expires: Fri, 03 Mar 2023 02:24:49 GMT
content-length: 320
server: Apache
X-Firefox-Spdy: h2
webmail.rdim.it/cPanel_magic_revision_1432543591/unprotected/cpanel/images/icon-password.png
86.107.32.36200 OK 450 B URL HTTP/2 webmail.rdim.it/cPanel_magic_revision_1432543591/unprotected/cpanel/images/icon-password.png
IP 86.107.32.36:0
ASN #52030 Server Plan S.r.l.
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ac1cefcb7eab93c6d6981ecde6c1635
1523f8cb80ab19108549d0b7db31a58b71c05d39
a02998df88a6efb0baa526796b2b682ce9fdd6471ceb19170b326320f22f7053
GET /cPanel_magic_revision_1432543591/unprotected/cpanel/images/icon-password.png HTTP/1.1
Host: webmail.rdim.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.rdim.it/cPanel_magic_revision_1631024152/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aWbmfVx1OIj_rvoph%2c5051e8acbbeb1de0697d82892ded951f; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 25 May 2015 08:46:31 GMT
date: Mon, 02 Jan 2023 02:24:49 GMT
cache-control: max-age=5184000, public
expires: Fri, 03 Mar 2023 02:24:49 GMT
content-length: 450
server: Apache
X-Firefox-Spdy: h2
webmail.rdim.it/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.woff
86.107.32.36200 OK 23 kB URL HTTP/2 webmail.rdim.it/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.woff
IP 86.107.32.36:0
ASN #52030 Server Plan S.r.l.
File type Web Open Font Format, TrueType, length 22660, version 1.0\012- data
Hash 79515ad0788973c533405f7012dfeccd
5092881fad2caffdc6bf71bdab1ea547b73d3564
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
Analyzer Verdict Alert fortinet Phishing
GET /cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Regular-webfont.woff HTTP/1.1
Host: webmail.rdim.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://webmail.rdim.it/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css
Cookie: webmailsession=%3aWbmfVx1OIj_rvoph%2c5051e8acbbeb1de0697d82892ded951f; roundcube_cookies=enabled
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Tue, 23 Mar 2021 16:37:21 GMT
date: Mon, 02 Jan 2023 02:24:49 GMT
cache-control: max-age=5184000, public
expires: Fri, 03 Mar 2023 02:24:49 GMT
content-length: 22660
server: Apache
X-Firefox-Spdy: h2
webmail.rdim.it/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff
86.107.32.36200 OK 23 kB URL HTTP/2 webmail.rdim.it/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff
IP 86.107.32.36:0
ASN #52030 Server Plan S.r.l.
File type Web Open Font Format, TrueType, length 22908, version 1.0\012- data
Hash 697574b47bcfdd2c45e3e63c7380dd67
4590722b795938e0b6ff1b99701d1abe37aeabef
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83
Analyzer Verdict Alert fortinet Phishing
GET /cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff HTTP/1.1
Host: webmail.rdim.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://webmail.rdim.it/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css
Cookie: webmailsession=%3aWbmfVx1OIj_rvoph%2c5051e8acbbeb1de0697d82892ded951f; roundcube_cookies=enabled
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Tue, 23 Mar 2021 16:37:21 GMT
date: Mon, 02 Jan 2023 02:24:49 GMT
cache-control: max-age=5184000, public
expires: Fri, 03 Mar 2023 02:24:49 GMT
content-length: 22908
server: Apache
X-Firefox-Spdy: h2
webmail.rdim.it/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff
86.107.32.36200 OK 22 kB URL HTTP/2 webmail.rdim.it/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff
IP 86.107.32.36:0
ASN #52030 Server Plan S.r.l.
File type Web Open Font Format, TrueType, length 22432, version 1.0\012- data
Hash 2e90d5152ce92858b62ba053c7b9d2cb
8cf65f42a2a8c349ccd6ab63b6cbd17c96fd665c
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7
Analyzer Verdict Alert fortinet Phishing
GET /cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff HTTP/1.1
Host: webmail.rdim.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://webmail.rdim.it/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css
Cookie: webmailsession=%3aWbmfVx1OIj_rvoph%2c5051e8acbbeb1de0697d82892ded951f; roundcube_cookies=enabled
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Tue, 23 Mar 2021 16:37:21 GMT
date: Mon, 02 Jan 2023 02:24:49 GMT
cache-control: max-age=5184000, public
expires: Fri, 03 Mar 2023 02:24:49 GMT
content-length: 22432
server: Apache
X-Firefox-Spdy: h2
webmail.rdim.it/cPanel_magic_revision_1432543185/unprotected/cpanel/images/notice-info.png
86.107.32.36200 OK 976 B URL HTTP/2 webmail.rdim.it/cPanel_magic_revision_1432543185/unprotected/cpanel/images/notice-info.png
IP 86.107.32.36:0
ASN #52030 Server Plan S.r.l.
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 14146cf832470d9beca95a708a1d6f8d
d4b506f92876baea69409f3a78c4718757a53b33
95f8a142dd96c310afeb75329ef504f162ab3102a81fc07f20b268361990f526
GET /cPanel_magic_revision_1432543185/unprotected/cpanel/images/notice-info.png HTTP/1.1
Host: webmail.rdim.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.rdim.it/cPanel_magic_revision_1631024152/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aWbmfVx1OIj_rvoph%2c5051e8acbbeb1de0697d82892ded951f; roundcube_cookies=enabled; timezone=Etc/UTC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 25 May 2015 08:39:45 GMT
date: Mon, 02 Jan 2023 02:24:49 GMT
cache-control: max-age=5184000, public
expires: Fri, 03 Mar 2023 02:24:49 GMT
content-length: 976
server: Apache
X-Firefox-Spdy: h2
webmail.rdim.it/cPanel_magic_revision_1432543475/unprotected/cpanel/images/notice-success.png
86.107.32.36200 OK 962 B URL HTTP/2 webmail.rdim.it/cPanel_magic_revision_1432543475/unprotected/cpanel/images/notice-success.png
IP 86.107.32.36:0
ASN #52030 Server Plan S.r.l.
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a0ec2a6468d4d1aa3fc2baa70271ac8
a31fb01790aca8dc1976450e4234cb6ccc328956
cafbe3036533fe094931f5745f8cb9962a34409522e93d63ac8427acb9a02c79
GET /cPanel_magic_revision_1432543475/unprotected/cpanel/images/notice-success.png HTTP/1.1
Host: webmail.rdim.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.rdim.it/cPanel_magic_revision_1631024152/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aWbmfVx1OIj_rvoph%2c5051e8acbbeb1de0697d82892ded951f; roundcube_cookies=enabled; timezone=Etc/UTC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 25 May 2015 08:44:35 GMT
date: Mon, 02 Jan 2023 02:24:49 GMT
cache-control: max-age=5184000, public
expires: Fri, 03 Mar 2023 02:24:49 GMT
content-length: 962
server: Apache
X-Firefox-Spdy: h2
webmail.rdim.it/cPanel_magic_revision_1432543406/unprotected/cpanel/images/warning.png
86.107.32.36200 OK 1.1 kB URL HTTP/2 webmail.rdim.it/cPanel_magic_revision_1432543406/unprotected/cpanel/images/warning.png
IP 86.107.32.36:0
ASN #52030 Server Plan S.r.l.
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash a64b8c7407bf94cc4448cb210bb882e7
a526cf52b2c5b6c2d0409b886de4aa968000fcd8
7ecb82019606d891c5197d2f8ba24ec323d9b10a089facc82d089ff1ec3d399b
GET /cPanel_magic_revision_1432543406/unprotected/cpanel/images/warning.png HTTP/1.1
Host: webmail.rdim.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.rdim.it/cPanel_magic_revision_1631024152/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aWbmfVx1OIj_rvoph%2c5051e8acbbeb1de0697d82892ded951f; roundcube_cookies=enabled; timezone=Etc/UTC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 25 May 2015 08:43:26 GMT
date: Mon, 02 Jan 2023 02:24:49 GMT
cache-control: max-age=5184000, public
expires: Fri, 03 Mar 2023 02:24:49 GMT
content-length: 1060
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e2a99db6956684dc306ada584f1907d8
21c3fc85b00308907c1cffcb36b1ba1a4617f613
cf568c4a26fb352228e849b18fbca0f6fd3b3a89055cd5f4fc0cdd11f9b9733e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6070
Cache-Control: max-age=116590
Content-Type: application/ocsp-response
Date: Mon, 02 Jan 2023 02:24:49 GMT
Etag: "63b14d29-1d7"
Expires: Tue, 03 Jan 2023 10:47:59 GMT
Last-Modified: Sun, 01 Jan 2023 09:06:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.210.158.59101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Zer92L9p3vOEAfdXoZLhvQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WByNtBzSUHR0Xkz67nSi/+xFbEE=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 06df5289bf33faf0b87af8ed2b337be4
0006bf96bfe53c68f3c414e3507f8a8ce9698d0a
f42cf618d71efffa435090795cd04205693063a17f8e44854845a2515aab0fdd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F42CF618D71EFFFA435090795CD04205693063A17F8E44854845A2515AAB0FDD"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12175
Expires: Mon, 02 Jan 2023 05:47:46 GMT
Date: Mon, 02 Jan 2023 02:24:51 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 06df5289bf33faf0b87af8ed2b337be4
0006bf96bfe53c68f3c414e3507f8a8ce9698d0a
f42cf618d71efffa435090795cd04205693063a17f8e44854845a2515aab0fdd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F42CF618D71EFFFA435090795CD04205693063A17F8E44854845A2515AAB0FDD"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12175
Expires: Mon, 02 Jan 2023 05:47:46 GMT
Date: Mon, 02 Jan 2023 02:24:51 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 06df5289bf33faf0b87af8ed2b337be4
0006bf96bfe53c68f3c414e3507f8a8ce9698d0a
f42cf618d71efffa435090795cd04205693063a17f8e44854845a2515aab0fdd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F42CF618D71EFFFA435090795CD04205693063A17F8E44854845A2515AAB0FDD"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12175
Expires: Mon, 02 Jan 2023 05:47:46 GMT
Date: Mon, 02 Jan 2023 02:24:51 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 06df5289bf33faf0b87af8ed2b337be4
0006bf96bfe53c68f3c414e3507f8a8ce9698d0a
f42cf618d71efffa435090795cd04205693063a17f8e44854845a2515aab0fdd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F42CF618D71EFFFA435090795CD04205693063A17F8E44854845A2515AAB0FDD"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12175
Expires: Mon, 02 Jan 2023 05:47:46 GMT
Date: Mon, 02 Jan 2023 02:24:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3f5efb8-d662-4b58-9319-e024ddd04331.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3f5efb8-d662-4b58-9319-e024ddd04331.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f863eb68713f937898561731454ef32e
b0ca943b8ca57da9cf2c69384e5c598bdfb48d33
4af7b5228d39d0e47a159422483fa6ccf683920241a50e4c6348d176a2783a6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3f5efb8-d662-4b58-9319-e024ddd04331.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7755
x-amzn-requestid: 8a52ee34-c50c-4a05-9fa3-17770c3d61ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFSNAFbJoAMFu8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1fd86-09de8074042bc69045896070;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 21:39:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Dif7NXuh8R-xqN9D-IgKbD4XD5txsWC9HeKrGvkT7LIRT2QiOVNdGQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:55:08 GMT
age: 16183
etag: "b0ca943b8ca57da9cf2c69384e5c598bdfb48d33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfe4faa-0902-4048-9fa3-ee90f050c3e6.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfe4faa-0902-4048-9fa3-ee90f050c3e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 637fa2e4a9d13d27b853f79963fcaf66
864eb6eedab1c17c5d36458b6ed318ece61d62d9
34cee03b8390cfdff3a51509c494464c3db241508e152df54d922485392c029f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfe4faa-0902-4048-9fa3-ee90f050c3e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9553
x-amzn-requestid: 872aef94-65be-4b4e-b904-fb6be8d7ba80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFRxiHnXoAMFzyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1fcd6-681bbf9b4c10237842ac5e6e;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 21:36:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fs0gFGup81X3pc17a7iwWcVc_uQTSNKn_tjCTGaubAVsw4KQue9vfQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:50:29 GMT
age: 16462
etag: "864eb6eedab1c17c5d36458b6ed318ece61d62d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7153fc4b-7c90-467e-ba1a-51f499f28968.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7153fc4b-7c90-467e-ba1a-51f499f28968.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b56e64879a03f94bf2c9cb2e0f0e74d2
19d1b0ffa5052e9d3845f52dfebaf4dc76294423
2d96bf03a8f188d0d93d42eae868c06dd12bf58dabecb2c5bb25c4edab42e67a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7153fc4b-7c90-467e-ba1a-51f499f28968.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7711
x-amzn-requestid: 51d07dbb-2cba-4113-aaab-ac7b0bc7d9a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFSLyHZ-IAMFaTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1fd7e-114b94170303ccdb6a4253ad;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 21:39:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: F4upgc6kVPs-6XcwGIS6O5NRUwrbFTwRN0IUDhXL1TobqqwlEnaHIQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:55:08 GMT
etag: "19d1b0ffa5052e9d3845f52dfebaf4dc76294423"
content-type: image/jpeg
age: 16183
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76e3dbb4-bf4a-4b47-ac90-80e69a417bac.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76e3dbb4-bf4a-4b47-ac90-80e69a417bac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8222c53a96929ae9f6c41c47764f167
d9d4bd8193a5d394d7ccd020e93e939ed7e361df
6e970bbe6a0ade466b50d9a9d3ab622920d3f4daf8cca1df7bb8eb949d7dfacb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76e3dbb4-bf4a-4b47-ac90-80e69a417bac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11442
x-amzn-requestid: aabec050-807a-4083-8004-7967d31646e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d8I1PHdWIAMFrNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae54ee-6209a0880baa2000448039d6;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 03:03:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wDMd6F3q4DNCb2rVc4ovT1VL2INzaep6XvD71zela2CrFX0nzYxC9A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 05:52:05 GMT
age: 73966
etag: "d9d4bd8193a5d394d7ccd020e93e939ed7e361df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a9375cec16bfe696766c8d373d9b54
2167c2f197dd44558ac2dea500d8b6b3cfa50e83
6f94fe0c817b031d913d53fee6b317148bdabea044102b8f0c9df8a3737d59f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbff09b5-fd04-45ca-959e-83e4f40897df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10696
x-amzn-requestid: 2117681b-ee8b-4881-b860-087a8662a3c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d7xM1FK7oAMFd4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ae2f1e-5a3648ba2ac7ba01177f361d;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 00:21:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dPai2H4kqNBwzIeSqj-q-GX40ORTs29HTeJWLZO3Fu6l03VFw0BzUA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 07:53:46 GMT
age: 66665
etag: "2167c2f197dd44558ac2dea500d8b6b3cfa50e83"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfe669f6-58e5-4359-a35d-7977c28f7901.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfe669f6-58e5-4359-a35d-7977c28f7901.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17203f6e8929db783d25f413ee55e370
263e02bbbbde3073926d90d02045f9a7d5e53413
37c9d11fd1a880e0bb07fe87b2a4aa1ced7cf3820a7c25b3fa533ea51219fdaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfe669f6-58e5-4359-a35d-7977c28f7901.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11985
x-amzn-requestid: 32d8ea90-634f-4353-8844-3da86c1a0bee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFRyAEQOoAMFYwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b1fcd9-200319be084586a273a8fb51;Sampled=0
x-amzn-remapped-date: Sun, 01 Jan 2023 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GDB5dWZ0hIW-yBFSiragzdm9upYxKhPb6jAvBXMS6cIhdxQX26ljXA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 21:50:32 GMT
age: 16459
etag: "263e02bbbbde3073926d90d02045f9a7d5e53413"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2