r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16925
Expires: Wed, 07 Sep 2022 14:13:52 GMT
Date: Wed, 07 Sep 2022 09:31:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 09:04:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fm6H_lGfxifsZ7WZYWAePUOm2LK3AobqEfDO1O5vd64Yo0Pzxf5cZw==
Age: 1628
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QkvOfVS6rIjuVrAak3MuL8Yza26RxVTgYOx-bWJVB1jjtPBXO8iwow==
age: 20713
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 50179d6a7a77a9a5418cd886a6dd0be0
e3071441ca2eeda0972038039a943797a007b53c
28859102e8b03f748506be771e32c864e49a460d2efd32dc94226bcfdb602ff4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 09:31:47 GMT
Last-Modified: Wed, 07 Sep 2022 08:31:04 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -oDo3M6iS_1n11Vcr-FF_T4KxUhZNGCXgQ_o_HnvykTIp20dtOwuPw==
Age: 3643
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 09:31:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
we11sfargo1101.herokuapp.com/login
34.201.81.34 200 OK 5.9 kB URL HTTP/1.1 we11sfargo1101.herokuapp.com/login
IP 34.201.81.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (17437), with no line terminators
Hash 086ecc91ab8b8446f8cb08335c658fc6
558e15c57695e8bc542420b9f7befa8564cb24af
387a3f6f13a1b927c9c1e69ec3945ec538242c061f851533a5a9eb612a077e5b
Analyzer Verdict Alert openphish Wells Fargo & Company
fortinet Phishing
GET /login HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Next.js
Etag: "441e-sIfnvIyrFvFlR5IEZehLY4ODMbw"
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 09:31:48 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur
we11sfargo1101.herokuapp.com/_next/static/css/43665ae2bb2d787c.css
34.201.81.34 200 OK 20 kB URL HTTP/1.1 we11sfargo1101.herokuapp.com/_next/static/css/43665ae2bb2d787c.css
IP 34.201.81.34:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 42982bf0f1777bfed59a0b5953297686
3c1475cb7a9fcb063cdd9eb1e360c89f55f6a563
93595d383a13603d577db34acc14a576628d03d5a39608f2a257d20f83ab8f1a
GET /_next/static/css/43665ae2bb2d787c.css HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/login
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Mon, 29 Aug 2022 19:57:23 GMT
Etag: W/"1d3d7-182eb2e18b8"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 09:31:48 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 07 Sep 2022 08:38:18 GMT
Cache-Control: max-age=3600
Expires: Wed, 07 Sep 2022 08:47:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MwA1BABQw1bMpC-XQ6K2lTwNjaHCCl4l7Xv9tjHKpUejpwmEa8CdBA==
Age: 3210
we11sfargo1101.herokuapp.com/_next/static/chunks/webpack-42cdea76c8170223.js
34.201.81.34 200 OK 1.1 kB URL HTTP/1.1 we11sfargo1101.herokuapp.com/_next/static/chunks/webpack-42cdea76c8170223.js
IP 34.201.81.34:0
File type ASCII text, with very long lines (2282), with no line terminators
Hash 9149abae2e55c60fc67038cc4e57c408
6da4184b51e84b81c66eab3877287d7b143d37ba
a6bd3247bba028c16fa38c133614b691de0b0102b4fd04e43d04715a8f0978d3
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/webpack-42cdea76c8170223.js HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Mon, 29 Aug 2022 19:57:23 GMT
Etag: W/"8ea-182eb2e18b8"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 09:31:48 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur
we11sfargo1101.herokuapp.com/_next/static/chunks/pages/_app-708ed9e08548b3aa.js
34.201.81.34 200 OK 786 B URL HTTP/1.1 we11sfargo1101.herokuapp.com/_next/static/chunks/pages/_app-708ed9e08548b3aa.js
IP 34.201.81.34:0
File type ASCII text, with very long lines (1554), with no line terminators
Hash 3489c7eadd9d00b030b057ee09808e13
8dc93621209a324be0a3713aecf8cddf77f4dfdb
dca5504cf3f561b660d06ff66590f7d98c9aea1e5709cd92fba04436a58e9612
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/pages/_app-708ed9e08548b3aa.js HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Mon, 29 Aug 2022 19:57:23 GMT
Etag: W/"612-182eb2e18b8"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 09:31:48 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur
www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-bd.woff2
96.6.19.156 200 OK 22 kB URL HTTP/2 www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-bd.woff2
IP 96.6.19.156:0
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /wfui/css/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www15.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we11sfargo1101.herokuapp.com
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: KONICHIWA/2.0
last-modified: Tue, 26 Feb 2019 19:38:34 GMT
etag: "569c-582d133e56280"
accept-ranges: bytes
content-length: 22172
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=31536000
expires: Thu, 07 Sep 2023 09:31:48 GMT
date: Wed, 07 Sep 2022 09:31:48 GMT
X-Firefox-Spdy: h2
we11sfargo1101.herokuapp.com/_next/static/chunks/415-7590c189192c3a8f.js
34.201.81.34 200 OK 29 kB URL HTTP/1.1 we11sfargo1101.herokuapp.com/_next/static/chunks/415-7590c189192c3a8f.js
IP 34.201.81.34:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 523047b6d6442f81909066100f7e1b38
ce6c56a66504a46415d161a9a7421af9dcf0382b
a1878c8235bac9560e6cb2f9a9d20f70f2640be486a57f586ee944733dd1f457
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/415-7590c189192c3a8f.js HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Mon, 29 Aug 2022 19:57:23 GMT
Etag: W/"15b96-182eb2e18b8"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 09:31:48 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur
we11sfargo1101.herokuapp.com/_next/static/chunks/603-a17cc28571727768.js
34.201.81.34 200 OK 6.0 kB URL HTTP/1.1 we11sfargo1101.herokuapp.com/_next/static/chunks/603-a17cc28571727768.js
IP 34.201.81.34:0
File type ASCII text, with very long lines (25384), with no line terminators
Hash ae9fb9bddb1dd1155ddccc99609c774e
462fe86395a377476536deca71474fe29a559438
e3a3353845a8d0c220bc2ca6ed4f815fda6ab4c2419f3c4c67aec2891c7afa22
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/603-a17cc28571727768.js HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Mon, 29 Aug 2022 19:57:23 GMT
Etag: W/"6328-182eb2e18b8"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 09:31:48 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur
we11sfargo1101.herokuapp.com/_next/static/chunks/main-25e5079ab4bd6ecd.js
34.201.81.34 200 OK 31 kB URL HTTP/1.1 we11sfargo1101.herokuapp.com/_next/static/chunks/main-25e5079ab4bd6ecd.js
IP 34.201.81.34:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7019189a219d0251495601eb27e5da72
4b8dc1e9fb99d66bebd67dc229865cf1d5d420d1
adb5c3cfd078898559439f61b19e11d7d14fb5effd6ec45b4c268304aa3349ca
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/main-25e5079ab4bd6ecd.js HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Mon, 29 Aug 2022 19:57:23 GMT
Etag: W/"1a61d-182eb2e18b8"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 09:31:48 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur
we11sfargo1101.herokuapp.com/_next/static/chunks/34-6721f66f62479da6.js
34.201.81.34 200 OK 2.5 kB URL HTTP/1.1 we11sfargo1101.herokuapp.com/_next/static/chunks/34-6721f66f62479da6.js
IP 34.201.81.34:0
File type ASCII text, with very long lines (9620), with no line terminators
Hash d5be39b1aa8bc2cdced3be490f10db83
636af25273ee55dcc2564c43b738c491f57d4750
0780ebd14baa39070eb11612da14c609625acad5ef9c217524f07d47dfbb2956
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/34-6721f66f62479da6.js HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Mon, 29 Aug 2022 19:57:23 GMT
Etag: W/"2594-182eb2e18b8"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 09:31:48 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur
we11sfargo1101.herokuapp.com/_next/static/chunks/217-998f22197d5821b9.js
34.201.81.34 200 OK 15 kB URL HTTP/1.1 we11sfargo1101.herokuapp.com/_next/static/chunks/217-998f22197d5821b9.js
IP 34.201.81.34:0
File type ASCII text, with very long lines (45535), with no line terminators
Hash c30ec41db723a81b43104c78aac73360
d71d05dfa2cc9fa045eaee639e20a501b3edb31e
057333eca58a8cf6a0c1f58c94402668fde6e456ea3d1c3d7a8c22fc9f3e63e0
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/217-998f22197d5821b9.js HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Mon, 29 Aug 2022 19:57:23 GMT
Etag: W/"b1df-182eb2e18b8"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 09:31:48 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur
we11sfargo1101.herokuapp.com/_next/static/chunks/pages/login-c9de949eb6b2efef.js
34.201.81.34 200 OK 4.4 kB URL HTTP/1.1 we11sfargo1101.herokuapp.com/_next/static/chunks/pages/login-c9de949eb6b2efef.js
IP 34.201.81.34:0
File type ASCII text, with very long lines (11794), with no line terminators
Hash d5eb5b3f2dff8453b5ff785968df302f
5291b910fa018647f8de7cde07453cab18a2d0d6
539a51c142b70ed62e181f5a48ab4f3ffd9f96377a9832bdf1083ee17df29019
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/pages/login-c9de949eb6b2efef.js HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Mon, 29 Aug 2022 19:57:23 GMT
Etag: W/"2e12-182eb2e18b8"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 09:31:48 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur
we11sfargo1101.herokuapp.com/_next/static/chunks/framework-4556c45dd113b893.js
34.201.81.34 200 OK 45 kB URL HTTP/1.1 we11sfargo1101.herokuapp.com/_next/static/chunks/framework-4556c45dd113b893.js
IP 34.201.81.34:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 828d2085295ecc1a26daac2042176dd3
1321a70d7499f927489b164a3a7ba3d49c5ef066
5347335eb87a340da6f347359ca03c7bfc9e2135448556ac64e17c83c051ba13
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/framework-4556c45dd113b893.js HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Mon, 29 Aug 2022 19:57:23 GMT
Etag: W/"22682-182eb2e18b8"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 09:31:48 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur
we11sfargo1101.herokuapp.com/_next/static/TaE94Qzh6pslyN82jGaBy/_ssgManifest.js
34.201.81.34 200 OK 77 B URL HTTP/1.1 we11sfargo1101.herokuapp.com/_next/static/TaE94Qzh6pslyN82jGaBy/_ssgManifest.js
IP 34.201.81.34:0
File type ASCII text, with no line terminators
Hash b6652df95db52feb4daf4eca35380933
65451d110137761b318c82d9071c042db80c4036
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/TaE94Qzh6pslyN82jGaBy/_ssgManifest.js HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Mon, 29 Aug 2022 19:57:23 GMT
Etag: W/"4d-182eb2e18b8"
Content-Type: application/javascript; charset=UTF-8
Content-Length: 77
Vary: Accept-Encoding
Date: Wed, 07 Sep 2022 09:31:48 GMT
Via: 1.1 vegur
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4526
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 09:31:48 GMT
Last-Modified: Wed, 07 Sep 2022 08:16:22 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
www15.wellsfargomedia.com/wfui/css/fonts/wellsfargoserif-rg.woff2
96.6.19.156 200 OK 27 kB URL HTTP/2 www15.wellsfargomedia.com/wfui/css/fonts/wellsfargoserif-rg.woff2
IP 96.6.19.156:0
File type Web Open Font Format (Version 2), TrueType, length 26708, version 1.13107\012- data
Hash 885d42ab7ffcffc42ed29816c3ce9727
3d84cb41ddfb5bf8627e2b9dc867237bea47baad
aeb7b3bfc4281d35b02dfde05ac7a6c0d3daa7f3123b35a9cbd4b5a8e3f3c310
GET /wfui/css/fonts/wellsfargoserif-rg.woff2 HTTP/1.1
Host: www15.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we11sfargo1101.herokuapp.com
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: KONICHIWA/2.0
last-modified: Mon, 11 Mar 2019 20:52:01 GMT
etag: "6854-583d7be82be40"
accept-ranges: bytes
content-length: 26708
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=31536000
expires: Thu, 07 Sep 2023 09:31:48 GMT
date: Wed, 07 Sep 2022 09:31:48 GMT
X-Firefox-Spdy: h2
www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2
96.6.19.156 200 OK 22 kB URL HTTP/2 www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2
IP 96.6.19.156:0
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /wfui/css/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www15.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we11sfargo1101.herokuapp.com
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: KONICHIWA/2.0
last-modified: Tue, 26 Feb 2019 19:38:34 GMT
etag: "5798-582d133e56280"
accept-ranges: bytes
content-length: 22424
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=31536000
expires: Thu, 07 Sep 2023 09:31:48 GMT
date: Wed, 07 Sep 2022 09:31:48 GMT
X-Firefox-Spdy: h2
www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-sbd.woff2
96.6.19.156 200 OK 23 kB URL HTTP/2 www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-sbd.woff2
IP 96.6.19.156:0
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /wfui/css/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www15.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://we11sfargo1101.herokuapp.com
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: KONICHIWA/2.0
last-modified: Tue, 26 Feb 2019 19:38:34 GMT
etag: "5848-582d133e56280"
accept-ranges: bytes
content-length: 22600
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=31536000
expires: Thu, 07 Sep 2023 09:31:48 GMT
date: Wed, 07 Sep 2022 09:31:48 GMT
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.186.209.73 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DIYNsY4D9e1yFWq5yjAkbQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AigQ1wwq0zgsL7GdotxJr4fddP0=
we11sfargo1101.herokuapp.com/favicon.ico
34.201.81.34 200 OK 508 B URL HTTP/1.1 we11sfargo1101.herokuapp.com/favicon.ico
IP 34.201.81.34:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash aae21744b749c92583de4e320dccfae1
0df3faa383c1d0b64790b6e751417877fb0fa90f
485de168df9c99673821227a241ea2a2eed68992e965dc97fdbc7f9c781201fb
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /favicon.ico HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/login
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 29 Aug 2022 19:56:07 GMT
Etag: W/"47e-182eb2cefd8"
Content-Type: image/x-icon
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 09:31:49 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur
we11sfargo1101.herokuapp.com/images/bg--01.jpeg
34.201.81.34 200 OK 613 kB URL HTTP/1.1 we11sfargo1101.herokuapp.com/images/bg--01.jpeg
IP 34.201.81.34:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=www.apeloga.se], baseline, precision 8, 2400x1600, components 3\012- data
Size 613 kB (613304 bytes)
Hash 598c358e4116e7c92dcb86c0921e4c4b
215f0238729c4a8db8f1a50b0728e31892e471c9
d3ee0c954f26a12702c2ad4ca5fc14fa14198eadd59113a5baef17e0c1240ebe
Analyzer Verdict Alert fortinet Phishing
GET /images/bg--01.jpeg HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/login
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 29 Aug 2022 19:56:07 GMT
Etag: W/"95bb8-182eb2cefd8"
Content-Type: image/jpeg
Content-Length: 613304
Date: Wed, 07 Sep 2022 09:31:48 GMT
Via: 1.1 vegur
we11sfargo1101.herokuapp.com/images/bg--03.jpeg
34.201.81.34 200 OK 659 kB URL HTTP/1.1 we11sfargo1101.herokuapp.com/images/bg--03.jpeg
IP 34.201.81.34:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=\302\251 Jim Purdum], progressive, precision 8, 2400x1600, components 3\012- data
Size 659 kB (659319 bytes)
Hash 133068d7ee306f24743190a69b433d39
ddc86ce7958b001acdcd32ff8ee65a9e444a2204
0ec17c78a8c0de92bd385f344308a3e0c715fedbb9b784820bd7aefcfc69c214
Analyzer Verdict Alert fortinet Phishing
GET /images/bg--03.jpeg HTTP/1.1
Host: we11sfargo1101.herokuapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://we11sfargo1101.herokuapp.com/login
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 29 Aug 2022 19:56:07 GMT
Etag: W/"a0f77-182eb2cefd8"
Content-Type: image/jpeg
Content-Length: 659319
Date: Wed, 07 Sep 2022 09:31:48 GMT
Via: 1.1 vegur
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17718
Expires: Wed, 07 Sep 2022 14:27:08 GMT
Date: Wed, 07 Sep 2022 09:31:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17718
Expires: Wed, 07 Sep 2022 14:27:08 GMT
Date: Wed, 07 Sep 2022 09:31:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17718
Expires: Wed, 07 Sep 2022 14:27:08 GMT
Date: Wed, 07 Sep 2022 09:31:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17718
Expires: Wed, 07 Sep 2022 14:27:08 GMT
Date: Wed, 07 Sep 2022 09:31:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17718
Expires: Wed, 07 Sep 2022 14:27:08 GMT
Date: Wed, 07 Sep 2022 09:31:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f29d8aaae2d67c27c58001e7553dea7
5200b601017ce86614783b76fd2a775c1c48d4e9
6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4805
x-amzn-requestid: 270858f2-c94d-4047-8e3b-c49a5a603610
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjbiJHuZoAMFpSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ad940-3ba2164762e4f74227b6a23b;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:56:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: do30zKZmrP_j4feGGu8G39ibskE4dXxTL8YzpAR7PCFpQuJalYeJqA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:57:13 GMT
age: 41677
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 05:12:06 GMT
age: 15584
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79f4356c488498012cc7fc03be21e3df
dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:14:32 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 40638
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff29f2a08-1dd5-4577-ae0d-6852e6e83ba7.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff29f2a08-1dd5-4577-ae0d-6852e6e83ba7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6447311cd0f34fb9cde4e21946e0d8af
cfca3a21a33e58f300343f643634c50a924bb6db
e2de947b52e13a0350c5b6904020924b957161d825930677386185a62d2f2401
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff29f2a08-1dd5-4577-ae0d-6852e6e83ba7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5384
x-amzn-requestid: b2d61cc9-3109-4b76-9aee-96f14b755184
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqcrFFGIAMF8pA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdea-43651bdc494d8c415225415e;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:50 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: AdZGxVLg3lCcqbxAbsf79mse38ZRqK_L98l4OQZELiaNS4pAjuQ1BA==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:08 GMT
age: 42642
etag: "cfca3a21a33e58f300343f643634c50a924bb6db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 44ee4c9bd1e550045d69f24ad511070c
3bf0d51801523d7014ac76b5ab90c989fc7a770f
ee48c13050faa498f79222216f9c71b20b3a4e5e8e5c59c7156c276ab942703c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8756
x-amzn-requestid: d48113bc-fe40-4d59-b700-194b1092ab67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqmxQEbVoAMF_UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630db807-14ff6f5b0ffb9a7f08e57906;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 07:11:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YKs0giofWi83MnLBqx6zAu1NGd_A9-l6y2pULUBn2RK0-H3KNRzrUg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 12:47:43 GMT
age: 74647
etag: "3bf0d51801523d7014ac76b5ab90c989fc7a770f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
34.120.237.76 200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f4d99fb1927aae3010e00472b38c3
b95ee99dafca1695d6b86763fce0ceb058f40ef3
da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3604
x-amzn-requestid: 193380c8-0d3a-4b81-9429-fa4cb4cf136e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDq26FI7oAMFpOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317be92-2f435ce33c4469de425b11a3;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:41:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6MhayVPx_iJ_mgJzUfuOsFeBgAK21RktvWOwrX3Rvk3WIElEek1LFA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:49:33 GMT
etag: "b95ee99dafca1695d6b86763fce0ceb058f40ef3"
content-type: image/jpeg
age: 42137
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2