r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4772
Expires: Thu, 01 Dec 2022 06:00:30 GMT
Date: Thu, 01 Dec 2022 04:40:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1741
Cache-Control: max-age=109162
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:40:58 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:00:20 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7781
Expires: Thu, 01 Dec 2022 06:50:39 GMT
Date: Thu, 01 Dec 2022 04:40:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 04:19:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1273
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kpbjovJflhpJvfffhPVyvC7e2khljMB+HQUTG7rbBJTB53cf7aPSffeuiqyRGZWCksNkOD2VFZU=
x-amz-request-id: JF24ETBPZG7EAM0T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 03:46:07 GMT
age: 3291
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 04:40:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 04:08:56 GMT
cache-control: public,max-age=3600
age: 1923
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
pinu4564ps4t.ru/qwsa/smoth/email.html
103.153.182.185200 OK 264 kB URL HTTP/1.1 pinu4564ps4t.ru/qwsa/smoth/email.html
IP 103.153.182.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (64812), with CRLF line terminators
Size 264 kB (263790 bytes)
Hash d8c4358cdb4f0c1c9a4da37d473cead4
41833b04fd340850d6d5d60f1af15e5a34628c98
a5cc2a34b6d63f6feff55d993a81a65cc84208b69f1769e0f4580e7e23c6ff6b
Analyzer Verdict Alert openphish Wells Fargo & Company
fortinet Phishing
quad9 Sinkholed
GET /qwsa/smoth/email.html HTTP/1.1
Host: pinu4564ps4t.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C85463239884521633163066137548215826225%7CMCAAMLH-1670469746%7C6%7CMCAAMB-1670469746%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C677917998%7CMCOPTOUT-1669872146s%7CNONE%7CvVersion%7C5.2.0; _ga=GA1.1.588445675.1669864947; _gid=GA1.1.1235809369.1669864947
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 04:40:58 GMT
Server: Apache
Last-Modified: Tue, 08 Feb 2022 05:01:30 GMT
Accept-Ranges: bytes
Content-Length: 263790
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9d1d5c2b68b4506d1fd783a0365bf348
c701375e6d5fb742748a77bf0d024c965178cee8
e149ba71e28ed1c3e39c9a00517d4202a2b77cb3d34ce886fef74562719164f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1580
Cache-Control: max-age=98572
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:40:59 GMT
Etag: "6387083b-1d7"
Expires: Fri, 02 Dec 2022 08:03:51 GMT
Last-Modified: Wed, 30 Nov 2022 07:37:31 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9d1d5c2b68b4506d1fd783a0365bf348
c701375e6d5fb742748a77bf0d024c965178cee8
e149ba71e28ed1c3e39c9a00517d4202a2b77cb3d34ce886fef74562719164f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1580
Cache-Control: max-age=98572
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:40:59 GMT
Etag: "6387083b-1d7"
Expires: Fri, 02 Dec 2022 08:03:51 GMT
Last-Modified: Wed, 30 Nov 2022 07:37:31 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9d1d5c2b68b4506d1fd783a0365bf348
c701375e6d5fb742748a77bf0d024c965178cee8
e149ba71e28ed1c3e39c9a00517d4202a2b77cb3d34ce886fef74562719164f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1549
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:40:59 GMT
Last-Modified: Thu, 01 Dec 2022 04:15:10 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9d1d5c2b68b4506d1fd783a0365bf348
c701375e6d5fb742748a77bf0d024c965178cee8
e149ba71e28ed1c3e39c9a00517d4202a2b77cb3d34ce886fef74562719164f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1503
Cache-Control: max-age=98495
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:40:59 GMT
Etag: "6387083b-1d7"
Expires: Fri, 02 Dec 2022 08:02:34 GMT
Last-Modified: Wed, 30 Nov 2022 07:37:31 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1788
Cache-Control: max-age=104140
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:40:59 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:36:39 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
oam.wellsfargo.com/oam/static/css/ssep/theme.ssep.credential.remediation.css?v=571149307C
23.36.79.8200 OK 36 kB URL HTTP/1.1 oam.wellsfargo.com/oam/static/css/ssep/theme.ssep.credential.remediation.css?v=571149307C
IP 23.36.79.8:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (5598), with CRLF line terminators
Hash ed33c30083334d769b5eaff4d35ed591
56bf047107239361779c13410815d34555430c1f
41ebc26ace9f702b3bb0d3d7674a49041ce73670bcccaf496c7ca940fa601795
GET /oam/static/css/ssep/theme.ssep.credential.remediation.css?v=571149307C HTTP/1.1
Host: oam.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 03 Nov 2022 06:01:34 GMT
Vary: Accept-Encoding
ETag: W/"6363593e-15429"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; style-src 'self' https://wellsfargo.com https://*.wellsfargo.com; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Length: 35605
Date: Thu, 01 Dec 2022 04:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=aWnkeLkUOz+AzZaPBzafag%3d%3d; Domain=oam.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
oam.wellsfargo.com/oam/static/css/global/globalFooter.css?v=571149307C
23.36.79.8200 OK 1.1 kB URL HTTP/1.1 oam.wellsfargo.com/oam/static/css/global/globalFooter.css?v=571149307C
IP 23.36.79.8:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 2bb8d3b883aee14272aa9fd5bf93144f
759126aef0b4db0644f6ac6de5cb9cf9123c94c3
a838073f9b84cd56bbe93d1bdf1f6b624fdc0e9b2efc6a045e3911bd3e3196b6
GET /oam/static/css/global/globalFooter.css?v=571149307C HTTP/1.1
Host: oam.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 03 Nov 2022 06:01:31 GMT
Vary: Accept-Encoding
ETag: W/"6363593b-e13"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; style-src 'self' https://wellsfargo.com https://*.wellsfargo.com; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Length: 1119
Date: Thu, 01 Dec 2022 04:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ngC0HoNoa2%2fiPHizVrA8+w%3d%3d; Domain=oam.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
oam.wellsfargo.com/oam/static/js/appd/adrum-ext.js?v=571149307C
23.36.79.8200 OK 15 kB URL HTTP/1.1 oam.wellsfargo.com/oam/static/js/appd/adrum-ext.js?v=571149307C
IP 23.36.79.8:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (675)
Hash b4bcf20ab8345150ce1ca1ae1c079fe3
36ad92bb9ed18f3cb6aae35ae0efff05744fcd1f
6aae000f3cf00ea216f5126569f689086a22960375df104f80d7a642d2835340
GET /oam/static/js/appd/adrum-ext.js?v=571149307C HTTP/1.1
Host: oam.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 03 Nov 2022 06:01:34 GMT
Vary: Accept-Encoding
ETag: W/"6363593e-b218"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; style-src 'self' https://wellsfargo.com https://*.wellsfargo.com; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Length: 14672
Date: Thu, 01 Dec 2022 04:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=GMsxZWSVOHuQ7MDuVI4fgA%3d%3d; Domain=oam.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
oam.wellsfargo.com/oam/images/icn-nav-home-glob-18x17-000720-v01_00@1x.png
23.36.79.8200 OK 239 B URL HTTP/1.1 oam.wellsfargo.com/oam/images/icn-nav-home-glob-18x17-000720-v01_00@1x.png
IP 23.36.79.8:0
ASN #20940 Akamai International B.V.
File type PNG image data, 17 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 53fe1c00b7d6229830420ccdeac140b8
b7631c8027e595c0963f4470ee77ded4f0c7c48d
ec04389b5b81da4ce01879e7bc68a8cc1fe2b912efb16b01ea511b80f923f79f
GET /oam/images/icn-nav-home-glob-18x17-000720-v01_00@1x.png HTTP/1.1
Host: oam.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0
Pragma: no-cache
Expires: -1
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'nonce-e5146c5b-340e-4ce4-ac6d-08483bef10bd' 'self' https://*.wellsfargo.com https://*.wellsfargoadvisors.com https://*.wfinterface.com https://*.wellsfargomedia.com https://wellsfargo.com; img-src data: 'self' https://*.wellsfargo.com https://*.wellsfargoadvisors.com https://*.wfinterface.com https://*.wellsfargomedia.com https://wellsfargo.com https://*.kampyle.com; style-src 'unsafe-inline' 'self' https://*.wellsfargo.com https://*.wellsfargoadvisors.com https://*.wfinterface.com https://*.wellsfargomedia.com https://wellsfargo.com; font-src data: 'self' https://*.wellsfargo.com https://*.wellsfargoadvisors.com https://*.wfinterface.com https://*.wellsfargomedia.com https://wellsfargo.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargoadvisors.com https://*.wfinterface.com https://*.wellsfargomedia.com https://wellsfargo.com https://pdx-col.eum-appdynamics.com https://*.kampyle.com https://*.medallia.com/; form-action 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://wellsfargo.com; plugin-types 'none'; frame-src 'self' https://*.wellsfargo.com https://*.wellsfargoadvisors.com https://*.wfinterface.com https://*.wellsfargomedia.com https://wellsfargo.com; report-uri https://ort.wellsfargo.com/reporting/csp
Accept-Ranges: bytes
ETag: W/"239-1665668012000"
Last-Modified: Thu, 13 Oct 2022 13:33:32 GMT
Content-Type: image/png
Content-Length: 239
Date: Thu, 01 Dec 2022 04:40:59 GMT
Connection: keep-alive
Set-Cookie: wfacookie=38202211302040591697652400; domain=.wellsfargo.com; path=/; expires=28 Nov 2032 04:40:59 GMT; secure=true; HttpOnly
ISD_ABC_COOKIE=A; Max-Age=2400; path=/; Domain=oam.wellsfargo.com; Secure; httpOnly
ISD_TF_COOKIE=5x6IxcPrA397eb5zBk8ugT0Uby7HR6gyT5CVmC5HtZiUZHWEv9CY/fTlIVJ+3AQ4XcyICVsRbsMjbAAAAAE=; path=/; domain=oam.wellsfargo.com; HttpOnly; Secure
DCID=JkjkMdKAEBB+pOihEtZwnV2EZWouMuvOeu+MR9+oUsDl6PvElPZsrIWAhTxUazYX; Domain=oam.wellsfargo.com; Path=/; Expires=Thu, 01 Dec 2022 04:55:59 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
oam.wellsfargo.com/oam/static/js/jquery.min.js?v=571149307C
23.36.79.8200 OK 31 kB URL HTTP/1.1 oam.wellsfargo.com/oam/static/js/jquery.min.js?v=571149307C
IP 23.36.79.8:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65451)
Hash 43c4cc26afc8987522d2968001c59ca0
4121fbfa94ea24ba93e30a4072ccb05fe124d4a1
1636e15b320d5032702d99b0ed52abafba808e92e08ecdb139e9099099e41029
GET /oam/static/js/jquery.min.js?v=571149307C HTTP/1.1
Host: oam.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 03 Nov 2022 06:01:31 GMT
Vary: Accept-Encoding
ETag: W/"6363593b-15d84"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; style-src 'self' https://wellsfargo.com https://*.wellsfargo.com; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Length: 30879
Date: Thu, 01 Dec 2022 04:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=sXveTm4oNUDz4nbTrGYeBw%3d%3d; Domain=oam.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
oam.wellsfargo.com/oam/static/images/icn-ind-confirm-customer-level-glob-36x28-000720-v01-00-@1x.png
23.36.79.8200 OK 271 B URL HTTP/1.1 oam.wellsfargo.com/oam/static/images/icn-ind-confirm-customer-level-glob-36x28-000720-v01-00-@1x.png
IP 23.36.79.8:0
ASN #20940 Akamai International B.V.
File type PNG image data, 36 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 583b8c10ee0bf99180613ea94606dacb
9d319a6fc2fc82ab0be7b0134d96ce527febe131
c3eae7afa0de88591ea3db2996b72ba0592ae63f0b9e0ffca90f03bcdab4775a
GET /oam/static/images/icn-ind-confirm-customer-level-glob-36x28-000720-v01-00-@1x.png HTTP/1.1
Host: oam.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 271
Last-Modified: Thu, 03 Nov 2022 06:01:32 GMT
ETag: "6363593c-10f"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; style-src 'self' https://wellsfargo.com https://*.wellsfargo.com; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=86400
Accept-Ranges: bytes
Date: Thu, 01 Dec 2022 04:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=ZjGWt9IuqjRuCf9%2ftPWKfQ%3d%3d; Domain=oam.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
oam.wellsfargo.com/oam/static/js/nativeapp-bridge-min.js?v=571149307C
23.36.79.8200 OK 1.8 kB URL HTTP/1.1 oam.wellsfargo.com/oam/static/js/nativeapp-bridge-min.js?v=571149307C
IP 23.36.79.8:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4807), with no line terminators
Hash d4b7a00e8cdff8180de04f80d0739781
24dd32db0725f8ff98590a7f9e82ff635ccec96b
8689b18b6cba4494556cd301a54bfbda1f9ea3aa95dac10f5b8b0027499ab049
GET /oam/static/js/nativeapp-bridge-min.js?v=571149307C HTTP/1.1
Host: oam.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 03 Nov 2022 06:01:34 GMT
Vary: Accept-Encoding
ETag: W/"6363593e-12c7"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; style-src 'self' https://wellsfargo.com https://*.wellsfargo.com; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Length: 1764
Date: Thu, 01 Dec 2022 04:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=KBdMoh4UkABHMSiEXe67PA%3d%3d; Domain=oam.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
oam.wellsfargo.com/oam/static/js/combined/change.username.js?v=571149307C
23.36.79.8200 OK 7.7 kB URL HTTP/1.1 oam.wellsfargo.com/oam/static/js/combined/change.username.js?v=571149307C
IP 23.36.79.8:0
ASN #20940 Akamai International B.V.
Hash 814ca330c1b1fdbe3ac3cb873784a957
0ed7c595983a5715efe3d80ccbf9e64db04b2135
6d6f028cd75109f07906a9ea9a3d81faa74a232d63726e0c725b186eb73aee12
GET /oam/static/js/combined/change.username.js?v=571149307C HTTP/1.1
Host: oam.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 03 Nov 2022 03:24:39 GMT
Vary: Accept-Encoding
ETag: W/"63633477-b2a5"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; style-src 'self' https://wellsfargo.com https://*.wellsfargo.com; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Length: 7672
Date: Thu, 01 Dec 2022 04:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=rcykdZ5eGV+G0zI1EcC9eA%3d%3d; Domain=oam.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
push.services.mozilla.com/
44.242.3.166101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.3.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c9ZJGaQNksD86hgJi5qFKg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6Ff8zBIr+MCbLRouWyQBSkMkXUY=
static.wellsfargo.com/tracking/secure-auth/utag.js
23.36.79.27200 OK 10 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.js
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (6980)
Hash 32add8e685df3c8a752e1567db643dbf
12465af9f2116be2ffd11a4d19f346b3b77f09a0
f12da9ae0698b6150f84156ac3e1f8f83b91e92a0538f0e1ee0894964f8fe49d
GET /tracking/secure-auth/utag.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 07 Nov 2022 21:07:58 GMT
Vary: Accept-Encoding
ETag: W/"636973ae-8e8f"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 10476
Date: Thu, 01 Dec 2022 04:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=qS0gTwD2Ek6t5jtq0ialDw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.5.js?utv=ut4.48.202209151645
23.36.79.27200 OK 2.4 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.5.js?utv=ut4.48.202209151645
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3223)
Hash 44449282135ec65f8a30f2d0019559bc
b5345b6412524b284661df58083cf4a69137bf07
4274fe65bf4837e788240c5554ea146522b4f639497f86f0ebad1cfdff13e71b
GET /tracking/secure-auth/utag.5.js?utv=ut4.48.202209151645 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:42 GMT
Vary: Accept-Encoding
ETag: W/"632cc052-1c52"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 2392
Date: Thu, 01 Dec 2022 04:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=2L%2fIfnCqIG6fHHmimID5Ww%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.21.js?utv=ut4.48.202210132016
23.36.79.27200 OK 1.8 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.21.js?utv=ut4.48.202210132016
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1090)
Hash 79d4c5b9ced319f1894c68d097b54f9c
75ad64d30369f91d7e2831b5b024364839e74d2d
aece2b5528a0cce3613b0ee26cc3455e0fae06eb730d8932d3baf5122766a5ff
GET /tracking/secure-auth/utag.21.js?utv=ut4.48.202210132016 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 07 Nov 2022 21:02:08 GMT
Vary: Accept-Encoding
ETag: W/"63697250-1123"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1841
Date: Thu, 01 Dec 2022 04:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=7NOPrRqxueBJXuMUvhenYQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js
23.36.79.27200 OK 819 B URL HTTP/1.1 static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (720)
Hash 400e574e68b2d11076d96efd5cc087ec
873e23f01b6356fc78aab57cdb1308d458ae6888
454b56cd80b0412a4ec874001dcedaa491e4ca376b3805d1d91dd83071033564
GET /tracking/medallia/wdcusprem/57907/onsite/medallia-digital-embed.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 12 Oct 2022 20:08:15 GMT
Vary: Accept-Encoding
ETag: W/"63471eaf-798"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 819
Date: Thu, 01 Dec 2022 04:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=4j1mWg1gDNkLAxtjR0LpKA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/gb/detector-dom.min.js
23.36.79.27200 OK 132 kB URL HTTP/1.1 static.wellsfargo.com/tracking/gb/detector-dom.min.js
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65434)
Size 132 kB (131829 bytes)
Hash 73ad7a8f8ccda765b898b038f90d8274
756ac35ad2422d93a0b327dfeff7fe9200695883
60ccc38cf175aba7cbe63bf1ec6319b5c1648d9a52014dfefa6ec718476a17b7
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:03:51 GMT
Vary: Accept-Encoding
ETag: W/"632cbfa7-6b8d3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 131829
Date: Thu, 01 Dec 2022 04:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=LnCuGCnllxk1RbCCrCuhGA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
pinu4564ps4t.ru/favicon.ico
103.153.182.185404 Not Found 315 B URL HTTP/1.1 pinu4564ps4t.ru/favicon.ico
IP 103.153.182.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: pinu4564ps4t.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/qwsa/smoth/email.html
Cookie: AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C85463239884521633163066137548215826225%7CMCAAMLH-1670469746%7C6%7CMCAAMB-1670469746%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C677917998%7CMCOPTOUT-1669872146s%7CNONE%7CvVersion%7C5.2.0; _ga=GA1.1.588445675.1669864947; _gid=GA1.1.1235809369.1669864947
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:40:59 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1661785830759.js
23.36.79.27200 OK 78 kB URL HTTP/1.1 static.wellsfargo.com/tracking/medallia/wdcusprem/57907/onsite/generic1661785830759.js
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (11854)
Hash 2d4114748dd4ba96746b364ddbb90efd
71af87311a51b11de269075c7d5222ac27170efb
c86a5b651313fa185fbb81f5e78f9ec42ae8a466532995e4b6bfda7407f5ac81
GET /tracking/medallia/wdcusprem/57907/onsite/generic1661785830759.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 12 Oct 2022 20:08:15 GMT
Vary: Accept-Encoding
ETag: W/"63471eaf-54d3a"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 78340
Date: Thu, 01 Dec 2022 04:40:59 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=kyHaXbZ4Jab3k2WLqK3lYA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
pinu4564ps4t.ru/oam/static/js/appd/adrum-ext.b4436be974de477658d4a93afb752165.js
103.153.182.185404 Not Found 315 B URL HTTP/1.1 pinu4564ps4t.ru/oam/static/js/appd/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 103.153.182.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /oam/static/js/appd/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: pinu4564ps4t.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/qwsa/smoth/email.html
Cookie: AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C85463239884521633163066137548215826225%7CMCAAMLH-1670469746%7C6%7CMCAAMB-1670469746%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C677917998%7CMCOPTOUT-1669872146s%7CNONE%7CvVersion%7C5.2.0; _ga=GA1.1.588445675.1669864947; _gid=GA1.1.1235809369.1669864947
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 04:40:59 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json
151.101.129.230200 OK 1.6 kB URL HTTP/2 resources.digital-cloud-prem.medallia.com/wdcusprem/57907/onsite/onsiteData.json
IP 151.101.129.230:0
File type JSON data\012- , ASCII text, with very long lines (2056)
Hash 7aaa86afaa226554d3779a33c42b14a2
4c673283d99b406af089ddf3ad7f4ec2f31e2538
08c3507df95050d37e85d639db9a2c6887885ac34b57dce8801fa4511d438433
GET /wdcusprem/57907/onsite/onsiteData.json HTTP/1.1
Host: resources.digital-cloud-prem.medallia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pinu4564ps4t.ru
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +owKg4mEzug+epSn0dkeUIPcjaxIvXEuQTOsvwTVA4LZcNQqsJjQYFHZeSbir1o+EhK+wlkvlN+9SNH6htnYkA==
x-amz-request-id: 2N2AR93JZR9H1B9J
last-modified: Tue, 18 Oct 2022 18:20:38 GMT
etag: "d8dc1950f0b57bc5a3877f5b89a3bcd1"
x-amz-version-id: pRJOZqLoxdz1tvMzBIvHCK_H7KLb6pxx
content-type: application/json
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
date: Thu, 01 Dec 2022 04:40:59 GMT
age: 3752420
x-served-by: cache-pao12023-PAO, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 188, 2
x-timer: S1669869660.986145,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 1644
X-Firefox-Spdy: h2
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=25803f0e-41d0-4545-9104-42d59b2151cd%3A0&_cls_v=a3b28771-8654-4d62-8307-454d16c772d2&pv=2&f_cls_s=true
23.36.79.9200 OK 76 B URL HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=25803f0e-41d0-4545-9104-42d59b2151cd%3A0&_cls_v=a3b28771-8654-4d62-8307-454d16c772d2&pv=2&f_cls_s=true
IP 23.36.79.9:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 87d07aee89b32d5c3a7d401c49cc44f4
953121b2646c46f4198ed9d9f46ee202c068b8f9
bd74400def9db8a7ee9e91761f5cd1466d8013709e7a3db968d6cc1fae2c980a
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=25803f0e-41d0-4545-9104-42d59b2151cd%3A0&_cls_v=a3b28771-8654-4d62-8307-454d16c772d2&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pinu4564ps4t.ru
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://pinu4564ps4t.ru
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 76
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Thu, 01 Dec 2022 04:41:00 GMT
Connection: keep-alive
Set-Cookie: _cls_v=a3b28771-8654-4d62-8307-454d16c772d2; Secure; SameSite=None;HttpOnly;Secure
_cls_s=25803f0e-41d0-4545-9104-42d59b2151cd:0; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!/KgRhz4Hbvj/ekER0YpcGl4FPg9joQWg1/mH6C8R6Ez5/U0Q0IJJaNmW2Lw/Fkg4j16b/phyBiorQg==; path=/; Httponly; Secure
DCID=mTPHC8hTztgqosd6NIo++Iqq+8VmRkYrheX30B4P3CJMp6lzD+7fsp%2fHR7mcnvGN; Domain=rubicon.wellsfargo.com; Path=/; Expires=Thu, 01 Dec 2022 04:56:00 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
ocsps.ssl.com/
52.6.97.148200 OK 1.8 kB IP 52.6.97.148:0
Hash 4d4f93c4e9d746e5e23a90f4098b7621
b99cab4f2e7e3d13fcd0dbf03d03599e8d00cef5
bb22bf45d1387f01ad33d05dfb3cb144e439f9e1f923c26a22c2607c453010ae
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 04:41:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1810
Connection: keep-alive
Expires: Wed, 07 Dec 2022 15:27:38 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "b99cab4f2e7e3d13fcd0dbf03d03599e8d00cef5"
Last-Modified: Wed, 30 Nov 2022 15:27:39 GMT
X-Proxy-Cache: HIT
ocsps.ssl.com/
52.6.97.148200 OK 1.8 kB IP 52.6.97.148:0
Hash 8b38000766994e53c9378c7239b99b32
8768767b837affbf33358526e3ebb0de29255394
8d4d2f986b3c20db1d65020a37f2cad519de67eab5def52988ea6a1578db1268
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 04:41:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1810
Connection: keep-alive
Expires: Wed, 07 Dec 2022 14:16:31 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "8768767b837affbf33358526e3ebb0de29255394"
Last-Modified: Wed, 30 Nov 2022 14:16:32 GMT
X-Proxy-Cache: HIT
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiV2VsbHMgRmFyZ28gLSBDaGFuZ2UgeW91ciB1c2VybmFtZSIsInBhZ2VfdXJsIjogImh0dHA6Ly9waW51NDU2NHBzNHQucnUvcXdzYS9zbW90aC9lbWFpbC5odG1sIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2Njk4Njk2NTg2NzMiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NGNiZmNlMWQyNWYtMDUxMWY1ZmU3MjBhOTE4LWM1MDU0MjUtMTQwMDAwLTE4NGNiZmNlMWQzMzE0IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly9waW51NDU2NHBzNHQucnUvcXdzYS9zbW90aC9lbWFpbC5odG1sIiwid2Vic2l0ZUlkIjogNTc5MDcsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjVhMDEtYWM4NS0yYTI3LWY1ODAtOTMzNi0xYTNiLWM0ZTctMGE2ZCIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY5ODY5NjU4NjcyIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDU4Nywia2FtcHlsZV92ZXJzaW9uIjogIjIuNDcuMyIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDcuMyIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2OTg2OTY1ODY3MywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsInBhY2thZ2VWZXJzaW9uIjogIjIuNDcuM18yMDIyMDgyOTE1MTAzMCJ9Cl19
35.241.45.82200 OK 0 B URL HTTP/2 udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiV2VsbHMgRmFyZ28gLSBDaGFuZ2UgeW91ciB1c2VybmFtZSIsInBhZ2VfdXJsIjogImh0dHA6Ly9waW51NDU2NHBzNHQucnUvcXdzYS9zbW90aC9lbWFpbC5odG1sIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2Njk4Njk2NTg2NzMiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NGNiZmNlMWQyNWYtMDUxMWY1ZmU3MjBhOTE4LWM1MDU0MjUtMTQwMDAwLTE4NGNiZmNlMWQzMzE0IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly9waW51NDU2NHBzNHQucnUvcXdzYS9zbW90aC9lbWFpbC5odG1sIiwid2Vic2l0ZUlkIjogNTc5MDcsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjVhMDEtYWM4NS0yYTI3LWY1ODAtOTMzNi0xYTNiLWM0ZTctMGE2ZCIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY5ODY5NjU4NjcyIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDU4Nywia2FtcHlsZV92ZXJzaW9uIjogIjIuNDcuMyIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDcuMyIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2OTg2OTY1ODY3MywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsInBhY2thZ2VWZXJzaW9uIjogIjIuNDcuM18yMDIyMDgyOTE1MTAzMCJ9Cl19
IP 35.241.45.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiV2VsbHMgRmFyZ28gLSBDaGFuZ2UgeW91ciB1c2VybmFtZSIsInBhZ2VfdXJsIjogImh0dHA6Ly9waW51NDU2NHBzNHQucnUvcXdzYS9zbW90aC9lbWFpbC5odG1sIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2Njk4Njk2NTg2NzMiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NGNiZmNlMWQyNWYtMDUxMWY1ZmU3MjBhOTE4LWM1MDU0MjUtMTQwMDAwLTE4NGNiZmNlMWQzMzE0IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXVzLXByZW0iLCJhY2NvdW50SWQiOiA1NzkwNSwidXJsIjogImh0dHA6Ly9waW51NDU2NHBzNHQucnUvcXdzYS9zbW90aC9lbWFpbC5odG1sIiwid2Vic2l0ZUlkIjogNTc5MDcsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjVhMDEtYWM4NS0yYTI3LWY1ODAtOTMzNi0xYTNiLWM0ZTctMGE2ZCIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjY5ODY5NjU4NjcyIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDU4Nywia2FtcHlsZV92ZXJzaW9uIjogIjIuNDcuMyIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDcuMyIsImhpc3RvcnlfbGVuZ3RoIjogMSwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY2OTg2OTY1ODY3MywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2UsInBhY2thZ2VWZXJzaW9uIjogIjIuNDcuM18yMDIyMDgyOTE1MTAzMCJ9Cl19 HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 04:41:00 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
x-me: prod-instance-gatewayservice-green-chl9
x-application-context: application:9090
content-type: image/gif; charset=UTF-8
content-length: 0
server: Jetty(9.2.11.v20150529)
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiV2VsbHMgRmFyZ28gLSBDaGFuZ2UgeW91ciB1c2VybmFtZSIsInBhZ2VfdXJsIjogImh0dHA6Ly9waW51NDU2NHBzNHQucnUvcXdzYS9zbW90aC9lbWFpbC5odG1sIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfYWZ0ZXJfaHR0cF9nZXRfcmVxdWVzdCIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY5ODY5NjU4NjYyIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODRjYmZjZTFkMjVmLTA1MTFmNWZlNzIwYTkxOC1jNTA1NDI1LTE0MDAwMC0xODRjYmZjZTFkMzMxNCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1wcmVtIiwiYWNjb3VudElkIjogNTc5MDUsInVybCI6ICJodHRwOi8vcGludTQ1NjRwczR0LnJ1L3F3c2Evc21vdGgvZW1haWwuaHRtbCIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI1YTAxLWFjODUtMmEyNy1mNTgwLTkzMzYtMWEzYi1jNGU3LTBhNmQiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsicmVxdWVzdFVybCI6ICJodHRwczovL3Jlc291cmNlcy5kaWdpdGFsLWNsb3VkLXByZW0ubWVkYWxsaWEuY29tL3dkY3VzcHJlbS81NzkwNy9vbnNpdGUvb25zaXRlRGF0YS5qc29uIiwiYXR0ZW1wdE51bWJlciI6IDAsInJlcXVlc3RUb3RhbFRpbWVJblNlY29uZHMiOiAwLjA4fX0sImNvb2tpZV9zaXplIjogNDc4LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40Ny4zIiwib25zaXRlX3ZlcnNpb24iOiAiMi40Ny4zIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY5ODY5NjU4NjYyLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40Ny4zXzIwMjIwODI5MTUxMDMwIn0KXX0=
35.241.45.82200 OK 0 B URL HTTP/2 udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiV2VsbHMgRmFyZ28gLSBDaGFuZ2UgeW91ciB1c2VybmFtZSIsInBhZ2VfdXJsIjogImh0dHA6Ly9waW51NDU2NHBzNHQucnUvcXdzYS9zbW90aC9lbWFpbC5odG1sIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfYWZ0ZXJfaHR0cF9nZXRfcmVxdWVzdCIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY5ODY5NjU4NjYyIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODRjYmZjZTFkMjVmLTA1MTFmNWZlNzIwYTkxOC1jNTA1NDI1LTE0MDAwMC0xODRjYmZjZTFkMzMxNCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1wcmVtIiwiYWNjb3VudElkIjogNTc5MDUsInVybCI6ICJodHRwOi8vcGludTQ1NjRwczR0LnJ1L3F3c2Evc21vdGgvZW1haWwuaHRtbCIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI1YTAxLWFjODUtMmEyNy1mNTgwLTkzMzYtMWEzYi1jNGU3LTBhNmQiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsicmVxdWVzdFVybCI6ICJodHRwczovL3Jlc291cmNlcy5kaWdpdGFsLWNsb3VkLXByZW0ubWVkYWxsaWEuY29tL3dkY3VzcHJlbS81NzkwNy9vbnNpdGUvb25zaXRlRGF0YS5qc29uIiwiYXR0ZW1wdE51bWJlciI6IDAsInJlcXVlc3RUb3RhbFRpbWVJblNlY29uZHMiOiAwLjA4fX0sImNvb2tpZV9zaXplIjogNDc4LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40Ny4zIiwib25zaXRlX3ZlcnNpb24iOiAiMi40Ny4zIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY5ODY5NjU4NjYyLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40Ny4zXzIwMjIwODI5MTUxMDMwIn0KXX0=
IP 35.241.45.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiV2VsbHMgRmFyZ28gLSBDaGFuZ2UgeW91ciB1c2VybmFtZSIsInBhZ2VfdXJsIjogImh0dHA6Ly9waW51NDU2NHBzNHQucnUvcXdzYS9zbW90aC9lbWFpbC5odG1sIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfYWZ0ZXJfaHR0cF9nZXRfcmVxdWVzdCIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjY5ODY5NjU4NjYyIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODRjYmZjZTFkMjVmLTA1MTFmNWZlNzIwYTkxOC1jNTA1NDI1LTE0MDAwMC0xODRjYmZjZTFkMzMxNCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1wcmVtIiwiYWNjb3VudElkIjogNTc5MDUsInVybCI6ICJodHRwOi8vcGludTQ1NjRwczR0LnJ1L3F3c2Evc21vdGgvZW1haWwuaHRtbCIsIndlYnNpdGVJZCI6IDU3OTA3LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI1YTAxLWFjODUtMmEyNy1mNTgwLTkzMzYtMWEzYi1jNGU3LTBhNmQiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiIsImh0dHBSZXF1ZXN0RGF0YSI6IHsicmVxdWVzdFVybCI6ICJodHRwczovL3Jlc291cmNlcy5kaWdpdGFsLWNsb3VkLXByZW0ubWVkYWxsaWEuY29tL3dkY3VzcHJlbS81NzkwNy9vbnNpdGUvb25zaXRlRGF0YS5qc29uIiwiYXR0ZW1wdE51bWJlciI6IDAsInJlcXVlc3RUb3RhbFRpbWVJblNlY29uZHMiOiAwLjA4fX0sImNvb2tpZV9zaXplIjogNDc4LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40Ny4zIiwib25zaXRlX3ZlcnNpb24iOiAiMi40Ny4zIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjY5ODY5NjU4NjYyLCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwicGFja2FnZVZlcnNpb24iOiAiMi40Ny4zXzIwMjIwODI5MTUxMDMwIn0KXX0= HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pinu4564ps4t.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 04:41:00 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
x-me: prod-instance-gatewayservice-green-7qxj
x-application-context: application:9090
content-type: image/gif; charset=UTF-8
content-length: 0
server: Jetty(9.2.11.v20150529)
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4829
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 04:41:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4829
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 04:41:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4829
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 04:41:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4829
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 04:41:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4829
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 04:41:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 24540
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 291127b670135b42b6e9687aa2a13237
99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1
49b082a738bcd15a0bb4e9f96a180797ffcfa368977ac1927df882a0343664d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10437
x-amzn-requestid: 2a8183c4-47ec-42bb-8e67-3e742dc3750c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YpEeooAMFfvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-2014fd4d49dcd4087bf1db4d;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Q9y5-OF59ODaZRd9YFFdM2rIH0bYYyIT40rCwr8cBwBQd0GOqtNobg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:08:51 GMT
age: 23529
etag: "99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8802d5080eb35e4052ef31cf7658650
1e78566f2e69268c5f753fb49112ab07aae3eccf
9c96906ee1dea353198c9069fa7e42b100e4fa766e5be8e4d8db036033961086
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4409
x-amzn-requestid: cb422842-e955-4749-8b2a-3c028a09c20f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz7XEE2IAMFY3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd15-3c4d1a6d4d542e81179ea8ba;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zYLCQ4DUQtMklG-T-ATot22PDIUMjnN1wpVkoHBh4Oa3TAyNzTv86g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:45 GMT
age: 24675
etag: "1e78566f2e69268c5f753fb49112ab07aae3eccf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f07f254d44ff2fb86ee22cee39ef3eb0
0660a548a491d4a58ca2246f094f0553437c3f61
859b2416d638b1dc91ff563800517124b38d45b4c5db99e21539c1700829dbe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10985
x-amzn-requestid: ef9e5eb9-b7b3-41e9-9837-a5979ab35d94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91OFzsoAMFcew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-53b152c0027d26e52383e27e;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: F_ZBWwAOPbEjvMD1ChrgN9QYUyyFYdtRT6CcX6gviowmeinPRgVtnA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:19:21 GMT
age: 1299
etag: "0660a548a491d4a58ca2246f094f0553437c3f61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb560dfdf-cffc-469d-bc98-e6eed575f5ab.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb560dfdf-cffc-469d-bc98-e6eed575f5ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2f2f7c9706a549fd41ba29135ce83e1
838faca0991563ccc5756f65d5bfd6c3d4d88372
f35f6a43751ff81f220789a2aa352c6abbd2f52b3beabff738cd11761b1923da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb560dfdf-cffc-469d-bc98-e6eed575f5ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6509
x-amzn-requestid: a86cb68e-5c74-4945-acbc-79d10f7c6c7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMPFOEIAMFYnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe7-006677c06331c3e014ab143e;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tlB6fhdDRjY_6gEC8QWNa8BLapBlyNLrx2I2fyE0M36oIS4cpEXDQw==
via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:58 GMT
age: 24662
etag: "838faca0991563ccc5756f65d5bfd6c3d4d88372"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b92721cbe24623f1713a5248d6a7c1b2
3628390c62642dcc375b28f58c9b48180c4abd73
37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: a46cc458-2e28-4ca7-b223-ba66256caef1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPfmEmKoAMFZvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f96-7ecee5764c4a40e50e5b1f98;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6p5kV3OCTlaiLWEa9wyeRJOYoxPNZwLhXGIbEnymaufjKL246zfrhw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 06:20:48 GMT
age: 80412
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2