r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1424d2734290cfd767b86da0ee0da3bc
875b1243bca41177411ac6af710d2bb96f45a0ac
70b5bb76774526a0cf131445ae2f8639085c3449812497df457f4bc78089917b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70B5BB76774526A0CF131445AE2F8639085C3449812497DF457F4BC78089917B"
Last-Modified: Wed, 15 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4724
Expires: Fri, 17 Mar 2023 18:57:05 GMT
Date: Fri, 17 Mar 2023 17:38:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3396075e8f2d9ceae3bd11f94111fed8
98ba4ccf6b0e38a91c69b76ac1dc07313773ed1d
e533d6bd6a8080facdff772bcbf359373dab2d5a6fe5eabe64f95e68a8cd23aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E533D6BD6A8080FACDFF772BCBF359373DAB2D5A6FE5EABE64F95E68A8CD23AA"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2590
Expires: Fri, 17 Mar 2023 18:21:31 GMT
Date: Fri, 17 Mar 2023 17:38:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12cdbcb1b0785dc0423386448ac68c9c
08cff6b76fd708f0cef3c5bdb8fc72570c4536bd
bb7622a85d32cbff40abd2995055e03dbac05dd841b9a84d9023a5510d89e534
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB7622A85D32CBFF40ABD2995055E03DBAC05DD841B9A84D9023A5510D89E534"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6187
Expires: Fri, 17 Mar 2023 19:21:28 GMT
Date: Fri, 17 Mar 2023 17:38:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 17 Mar 2023 17:14:28 GMT
content-type: application/json
age: 1433
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: T9ch/UTzACFROuwVioXlgnwgUU+0fJmhHKzX174A5RIJPZoLOmxHmi6mV05uLD47+g00lAi81ug=
x-amz-request-id: GPCAWTXP6YCFGPCV
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 17 Mar 2023 16:48:11 GMT
age: 3010
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 17 Mar 2023 17:38:21 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
web009.wifiooe.at/ch/login/ad4971d5248facb8ee317368b45aee56/
83.64.216.25200 OK 20 kB URL HTTP/2 web009.wifiooe.at/ch/login/ad4971d5248facb8ee317368b45aee56/
IP 83.64.216.25:0
ASN #8412 T-Mobile Austria GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (14891)
Hash 924f3db26308b9dbb7dc51fe82ee7bf5
cdeb317d25977a3407d82e894a645ac38f8c3eb2
62be32b4eed755476802d030356e8222e6eb053b9ad65b0f43f1488cfe5238fc
Analyzer Verdict Alert openphish Swisscom IT Services AG
fortinet Phishing
GET /ch/login/ad4971d5248facb8ee317368b45aee56/ HTTP/1.1
Host: web009.wifiooe.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 17 Mar 2023 17:38:21 GMT
content-length: 19675
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-998.min.js
151.101.2.137200 OK 12 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-998.min.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (30646), with no line terminators
Hash c291071c4c267ab9bdea1a2f4f64f1ef
5cc78589a981eafe58c819b24a14cb42ea6be725
bdb0d300dd00e49ad126920f482fa07aca450602b6c295e7dc937cac49ade5ea
GET /nr-spa-998.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web009.wifiooe.at/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FFHZVWUJ/Qn1LXqPbb08/wVDzSoRFuPmiLaK+lV3Yh9YfnylJXP3iVZeinZEKeQezN4p96FEufY=
x-amz-request-id: N2ADCFJ6N62S5TVC
last-modified: Wed, 28 Feb 2018 23:35:29 GMT
etag: "e9ab7706b0962cd9a8d63384981319b5"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 17 Mar 2023 17:38:21 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 12
x-timer: S1679074702.687820,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 11783
X-Firefox-Spdy: h2
web009.wifiooe.at/id/public/css/legacy/snowball-main.f6a8f2c79bb45e96ab83802fb4c09823.css
83.64.216.25404 Not Found 1.3 kB URL HTTP/2 web009.wifiooe.at/id/public/css/legacy/snowball-main.f6a8f2c79bb45e96ab83802fb4c09823.css
IP 83.64.216.25:0
ASN #8412 T-Mobile Austria GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 47b67f1fffa58bf0846adc56ca5d3d49
dfd52c34fef1bb60a88710379505be25dc09f352
2d781355e6754bead57f78d34bb6d38258c32391bbb43629d3ef5124fe4b1259
GET /id/public/css/legacy/snowball-main.f6a8f2c79bb45e96ab83802fb4c09823.css HTTP/1.1
Host: web009.wifiooe.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 17 Mar 2023 17:38:21 GMT
content-length: 1285
X-Firefox-Spdy: h2
web009.wifiooe.at/ch/login/ad4971d5248facb8ee317368b45aee56/logo2.png
83.64.216.25200 OK 31 kB URL HTTP/2 web009.wifiooe.at/ch/login/ad4971d5248facb8ee317368b45aee56/logo2.png
IP 83.64.216.25:0
ASN #8412 T-Mobile Austria GmbH
File type PNG image data, 658 x 169, 8-bit/color RGBA, non-interlaced\012- data
Hash 0374965d5ba5f16b9eaaa6c6162b2aba
2965725ec42940885b9923c74f8600ccda8d08f4
5834b0280b63f25fdc4eb09317696a1851ec4e3e7b17b12e8c54e16ecb136ace
GET /ch/login/ad4971d5248facb8ee317368b45aee56/logo2.png HTTP/1.1
Host: web009.wifiooe.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 17 Mar 2023 04:04:03 GMT
accept-ranges: bytes
etag: "997537838558d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 17 Mar 2023 17:38:21 GMT
content-length: 31080
X-Firefox-Spdy: h2
web009.wifiooe.at/id/public/js/legacy/snowball-scripts.min.58475eeb551969ae427551a9aeafa063.js
83.64.216.25404 Not Found 1.3 kB URL HTTP/2 web009.wifiooe.at/id/public/js/legacy/snowball-scripts.min.58475eeb551969ae427551a9aeafa063.js
IP 83.64.216.25:0
ASN #8412 T-Mobile Austria GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 47b67f1fffa58bf0846adc56ca5d3d49
dfd52c34fef1bb60a88710379505be25dc09f352
2d781355e6754bead57f78d34bb6d38258c32391bbb43629d3ef5124fe4b1259
Analyzer Verdict Alert fortinet Phishing
GET /id/public/js/legacy/snowball-scripts.min.58475eeb551969ae427551a9aeafa063.js HTTP/1.1
Host: web009.wifiooe.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 17 Mar 2023 17:38:21 GMT
content-length: 1285
X-Firefox-Spdy: h2
web009.wifiooe.at/id/public/js/legacy/vendor/jquery.min.3b3832b24b22e5e2c9be3fcabeb23396.js
83.64.216.25404 Not Found 1.3 kB URL HTTP/2 web009.wifiooe.at/id/public/js/legacy/vendor/jquery.min.3b3832b24b22e5e2c9be3fcabeb23396.js
IP 83.64.216.25:0
ASN #8412 T-Mobile Austria GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 47b67f1fffa58bf0846adc56ca5d3d49
dfd52c34fef1bb60a88710379505be25dc09f352
2d781355e6754bead57f78d34bb6d38258c32391bbb43629d3ef5124fe4b1259
Analyzer Verdict Alert fortinet Phishing
GET /id/public/js/legacy/vendor/jquery.min.3b3832b24b22e5e2c9be3fcabeb23396.js HTTP/1.1
Host: web009.wifiooe.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 17 Mar 2023 17:38:21 GMT
content-length: 1285
X-Firefox-Spdy: h2
web009.wifiooe.at/id/public/js/legacy/vendor/newrelic_snowball_production.b13b3537305564b794c2cd28a49bfcc7.js
83.64.216.25404 Not Found 1.3 kB URL HTTP/2 web009.wifiooe.at/id/public/js/legacy/vendor/newrelic_snowball_production.b13b3537305564b794c2cd28a49bfcc7.js
IP 83.64.216.25:0
ASN #8412 T-Mobile Austria GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 47b67f1fffa58bf0846adc56ca5d3d49
dfd52c34fef1bb60a88710379505be25dc09f352
2d781355e6754bead57f78d34bb6d38258c32391bbb43629d3ef5124fe4b1259
Analyzer Verdict Alert fortinet Phishing
GET /id/public/js/legacy/vendor/newrelic_snowball_production.b13b3537305564b794c2cd28a49bfcc7.js HTTP/1.1
Host: web009.wifiooe.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 17 Mar 2023 17:38:21 GMT
content-length: 1285
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 17 Mar 2023 17:17:21 GMT
age: 1260
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
bam.nr-data.net/1/1ef45fad1c?a=9259361&sa=1&v=998.365d633&t=Unnamed%20Transaction&rst=864&ref=https://connect.telenordigital.com/id/signin&be=373&fe=470&dc=5&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1583081805093,%22n%22:0,%22u%22:311,%22ue%22:311,%22f%22:5,%22dn%22:5,%22dne%22:5,%22c%22:5,%22ce%22:5,%22rq%22:15,%22rp%22:296,%22rpe%22:300,%22dl%22:314,%22di%22:377,%22ds%22:377,%22de%22:378,%22dc%22:843,%22l%22:843,%22le%22:843%7D,%22navigation%22:%7B%22ty%22:1%7D%7D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/1ef45fad1c?a=9259361&sa=1&v=998.365d633&t=Unnamed%20Transaction&rst=864&ref=https://connect.telenordigital.com/id/signin&be=373&fe=470&dc=5&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1583081805093,%22n%22:0,%22u%22:311,%22ue%22:311,%22f%22:5,%22dn%22:5,%22dne%22:5,%22c%22:5,%22ce%22:5,%22rq%22:15,%22rp%22:296,%22rpe%22:300,%22dl%22:314,%22di%22:377,%22ds%22:377,%22de%22:378,%22dc%22:843,%22l%22:843,%22le%22:843%7D,%22navigation%22:%7B%22ty%22:1%7D%7D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/1ef45fad1c?a=9259361&sa=1&v=998.365d633&t=Unnamed%20Transaction&rst=864&ref=https://connect.telenordigital.com/id/signin&be=373&fe=470&dc=5&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1583081805093,%22n%22:0,%22u%22:311,%22ue%22:311,%22f%22:5,%22dn%22:5,%22dne%22:5,%22c%22:5,%22ce%22:5,%22rq%22:15,%22rp%22:296,%22rpe%22:300,%22dl%22:314,%22di%22:377,%22ds%22:377,%22de%22:378,%22dc%22:843,%22l%22:843,%22le%22:843%7D,%22navigation%22:%7B%22ty%22:1%7D%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://web009.wifiooe.at/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 17 Mar 2023 17:38:21 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7a970255ad44b517-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=29e9d60fbd4f8ac; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a4b141e90b0fb22cf6d10a6a4fd360d
37b081be1a69edb97a7c562b71474f4d7405d94e
5db17bb0a40658845e03d8237a69458a0576d955006ee224930b0310179af9af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5DB17BB0A40658845E03D8237A69458A0576D955006EE224930B0310179AF9AF"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5914
Expires: Fri, 17 Mar 2023 19:16:56 GMT
Date: Fri, 17 Mar 2023 17:38:22 GMT
Connection: keep-alive
web009.wifiooe.at/id/public/css/legacy/snowball-main.f6a8f2c79bb45e96ab83802fb4c09823.css
83.64.216.25404 Not Found 1.3 kB URL HTTP/2 web009.wifiooe.at/id/public/css/legacy/snowball-main.f6a8f2c79bb45e96ab83802fb4c09823.css
IP 83.64.216.25:0
ASN #8412 T-Mobile Austria GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 47b67f1fffa58bf0846adc56ca5d3d49
dfd52c34fef1bb60a88710379505be25dc09f352
2d781355e6754bead57f78d34bb6d38258c32391bbb43629d3ef5124fe4b1259
GET /id/public/css/legacy/snowball-main.f6a8f2c79bb45e96ab83802fb4c09823.css HTTP/1.1
Host: web009.wifiooe.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 17 Mar 2023 17:38:21 GMT
content-length: 1285
X-Firefox-Spdy: h2
web009.wifiooe.at/id/public/js/legacy/vendor/jquery.min.3b3832b24b22e5e2c9be3fcabeb23396.js
83.64.216.25404 Not Found 1.3 kB URL HTTP/2 web009.wifiooe.at/id/public/js/legacy/vendor/jquery.min.3b3832b24b22e5e2c9be3fcabeb23396.js
IP 83.64.216.25:0
ASN #8412 T-Mobile Austria GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 47b67f1fffa58bf0846adc56ca5d3d49
dfd52c34fef1bb60a88710379505be25dc09f352
2d781355e6754bead57f78d34bb6d38258c32391bbb43629d3ef5124fe4b1259
Analyzer Verdict Alert fortinet Phishing
GET /id/public/js/legacy/vendor/jquery.min.3b3832b24b22e5e2c9be3fcabeb23396.js HTTP/1.1
Host: web009.wifiooe.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 17 Mar 2023 17:38:21 GMT
content-length: 1285
X-Firefox-Spdy: h2
web009.wifiooe.at/id/public/css/legacy/snowball-main.f6a8f2c79bb45e96ab83802fb4c09823.css
83.64.216.25404 Not Found 1.3 kB URL HTTP/2 web009.wifiooe.at/id/public/css/legacy/snowball-main.f6a8f2c79bb45e96ab83802fb4c09823.css
IP 83.64.216.25:0
ASN #8412 T-Mobile Austria GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 47b67f1fffa58bf0846adc56ca5d3d49
dfd52c34fef1bb60a88710379505be25dc09f352
2d781355e6754bead57f78d34bb6d38258c32391bbb43629d3ef5124fe4b1259
GET /id/public/css/legacy/snowball-main.f6a8f2c79bb45e96ab83802fb4c09823.css HTTP/1.1
Host: web009.wifiooe.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 17 Mar 2023 17:38:21 GMT
content-length: 1285
X-Firefox-Spdy: h2
web009.wifiooe.at/id/public/js/legacy/snowball-scripts.min.58475eeb551969ae427551a9aeafa063.js
83.64.216.25404 Not Found 1.3 kB URL HTTP/2 web009.wifiooe.at/id/public/js/legacy/snowball-scripts.min.58475eeb551969ae427551a9aeafa063.js
IP 83.64.216.25:0
ASN #8412 T-Mobile Austria GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 47b67f1fffa58bf0846adc56ca5d3d49
dfd52c34fef1bb60a88710379505be25dc09f352
2d781355e6754bead57f78d34bb6d38258c32391bbb43629d3ef5124fe4b1259
Analyzer Verdict Alert fortinet Phishing
GET /id/public/js/legacy/snowball-scripts.min.58475eeb551969ae427551a9aeafa063.js HTTP/1.1
Host: web009.wifiooe.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 17 Mar 2023 17:38:21 GMT
content-length: 1285
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ExqGLbghUVbM8QAJtn/EBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5VBFo3lmZ6xxKqrNt+qyvw4Z3/M=
web009.wifiooe.at/id/public/js/legacy/vendor/newrelic_snowball_production.b13b3537305564b794c2cd28a49bfcc7.js
83.64.216.25404 Not Found 1.3 kB URL HTTP/2 web009.wifiooe.at/id/public/js/legacy/vendor/newrelic_snowball_production.b13b3537305564b794c2cd28a49bfcc7.js
IP 83.64.216.25:0
ASN #8412 T-Mobile Austria GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 47b67f1fffa58bf0846adc56ca5d3d49
dfd52c34fef1bb60a88710379505be25dc09f352
2d781355e6754bead57f78d34bb6d38258c32391bbb43629d3ef5124fe4b1259
Analyzer Verdict Alert fortinet Phishing
GET /id/public/js/legacy/vendor/newrelic_snowball_production.b13b3537305564b794c2cd28a49bfcc7.js HTTP/1.1
Host: web009.wifiooe.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 17 Mar 2023 17:38:21 GMT
content-length: 1285
X-Firefox-Spdy: h2
web009.wifiooe.at/id/public/img/favicon.dfa5913bb9249eb2ffabfc686ebca109.png
83.64.216.25404 Not Found 1.3 kB URL HTTP/2 web009.wifiooe.at/id/public/img/favicon.dfa5913bb9249eb2ffabfc686ebca109.png
IP 83.64.216.25:0
ASN #8412 T-Mobile Austria GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 47b67f1fffa58bf0846adc56ca5d3d49
dfd52c34fef1bb60a88710379505be25dc09f352
2d781355e6754bead57f78d34bb6d38258c32391bbb43629d3ef5124fe4b1259
GET /id/public/img/favicon.dfa5913bb9249eb2ffabfc686ebca109.png HTTP/1.1
Host: web009.wifiooe.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 17 Mar 2023 17:38:22 GMT
content-length: 1285
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5170
Expires: Fri, 17 Mar 2023 19:04:33 GMT
Date: Fri, 17 Mar 2023 17:38:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5170
Expires: Fri, 17 Mar 2023 19:04:33 GMT
Date: Fri, 17 Mar 2023 17:38:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5170
Expires: Fri, 17 Mar 2023 19:04:33 GMT
Date: Fri, 17 Mar 2023 17:38:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6272d07-0ccd-41ba-a86f-72932f0783bd.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6272d07-0ccd-41ba-a86f-72932f0783bd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05b82ec8d7e99e9499e8b5a980008c60
280fe711e384d60749c6225ddcc7f57c48845719
305b82d6aa40f5af58100de5007ac484c73c0a49ab7c5715b8ab6e83e10270f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6272d07-0ccd-41ba-a86f-72932f0783bd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5828
x-amzn-requestid: d366481c-e7c3-4cc5-b3da-c7c4b22f320a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B5KlrFegIAMFa8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64138af0-1c7c39d05a6b31ed1ddcb409;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 21:32:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: WWj5PE-SRteLqD_zUeyBBarnrGodgVs_FuEh3pqlu8NmuSXEKbtJiA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 21:49:59 GMT
etag: "280fe711e384d60749c6225ddcc7f57c48845719"
content-type: image/jpeg
age: 71304
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3afd93ef-cefa-4b13-9faa-e4560a0e65e1.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3afd93ef-cefa-4b13-9faa-e4560a0e65e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5db2f29c5f1c49dd8d108f52ddae6c7
e380ed74ff84aa07ab542d6e7406b5780cbef0b8
e5ed487d1ddb3acda9e191ca2405297488460bdac661f8813074758281eeb29e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3afd93ef-cefa-4b13-9faa-e4560a0e65e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5922
x-amzn-requestid: 80d66033-595a-494b-851e-f38cbc71d197
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B5LISGbYIAMF1bA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64138bce-773f824a0989e5ec7b10295e;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: Cm2_3aMuUoPr8-9OqvMwEnQ2LqNk7pXIeC9woNv3jmMe7VFOTJnzIQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 21:56:42 GMT
etag: "e380ed74ff84aa07ab542d6e7406b5780cbef0b8"
content-type: image/jpeg
age: 70901
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafa24301-1030-4c4f-989c-e2b17d183b89.webp
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafa24301-1030-4c4f-989c-e2b17d183b89.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 558d071f9fca9b78c603772983479a2e
d3e35ffefb1fb7463f0f4eedd6a83577dc73523a
03a98d89ba218aead77e6c2470bc74840b05515e9e6c14cad12ae952974a845d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafa24301-1030-4c4f-989c-e2b17d183b89.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5823
x-amzn-requestid: e80767f3-f9d5-4617-841c-0ff537e127f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B2oz2EdsIAMFVIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64128818-1ac71964287b5c9431cb9264;Sampled=0
x-amzn-remapped-date: Thu, 16 Mar 2023 03:08:08 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: MnNSoeWgZ3xQgnZq7b579WZ6wD61BPS_JEOkfjxfk0DHifilHeYveQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 04:48:01 GMT
age: 46222
etag: "d3e35ffefb1fb7463f0f4eedd6a83577dc73523a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F283cce37-c692-4203-ad27-597093d4e1d7.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F283cce37-c692-4203-ad27-597093d4e1d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ab1194f894e79ce8de9c4a02925415e8
b06c689355301378aedbe12d01782debc8e2559e
1113a17eb74f317f3879f781f7b2fcb86f7e7da9ff6e18b44288f379cd5a21c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F283cce37-c692-4203-ad27-597093d4e1d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5906
x-amzn-requestid: 81b47546-f999-40fc-887b-1f8e3d9e49b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bz5_JGH2oAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64117060-303925a47d9431f63bf5afaa;Sampled=0
x-amzn-remapped-date: Wed, 15 Mar 2023 07:14:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: yhJQJKgvv9AxHjr1CFyDo6t5owgihxDs9W-HLMSV2bOb32s8KFFkAw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 07:54:01 GMT
age: 35062
etag: "b06c689355301378aedbe12d01782debc8e2559e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: bka10YWXvoKBRkwgvJNMzm1SSv_J1USzdugO9lPduHxe2uYFYkXh4w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 04:25:38 GMT
age: 47565
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32661b66-c29d-4fb2-8a6d-e8d32af65c0c.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32661b66-c29d-4fb2-8a6d-e8d32af65c0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b237b4b09287ed50ed4b41b5a4bfb339
5114fb56e5d9847562d2c493dbe684ee1057ffba
a78555499f140649e47a5c0a561f36a8002abbceb2ab13189e91faefa6dd298c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32661b66-c29d-4fb2-8a6d-e8d32af65c0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6291
x-amzn-requestid: 862f541b-8662-40fd-948b-81f454101a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BuAzzFL6oAMFuZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f14e4-337ab28f5f932a4c050a691d;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 12:19:48 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: -r-kQBuxzGLlPe15PBUIOxhCSiYdWXVxK_nFS3wEr08Sy72W02ohsQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Mar 2023 22:36:10 GMT
age: 68533
etag: "5114fb56e5d9847562d2c493dbe684ee1057ffba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2