Overview

URL freeflywindstation.com/unicredit/carta/
IP108.167.143.215
ASNUNIFIEDLAYER-AS-1
Location United States
Report completed2022-09-23 09:48:41 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-22 2 freeflywindstation.com/unicredit/carta/ UniCredit Bank
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-23 2 freeflywindstation.com/unicredit/carta/ Phishing
2022-09-23 2 freeflywindstation.com/unicredit/carta/assets/fonts/UniCredit-Regular.otf Phishing
2022-09-23 2 freeflywindstation.com/unicredit/carta/assets/fonts/UniCredit-Bold.otf Phishing
2022-09-23 2 freeflywindstation.com/unicredit/carta/assets/fonts/roboto-regular.woff2 Phishing
2022-09-23 2 freeflywindstation.com/unicredit/carta/assets/fonts/UniCredit-Medium.otf Phishing
2022-09-23 2 freeflywindstation.com/unicredit/carta/assets/fonts/UniCredit-Light.otf Phishing
2022-09-23 2 freeflywindstation.com/unicredit/carta/assets/fonts/roboto-regular.woff Phishing
2022-09-23 2 freeflywindstation.com/unicredit/carta/assets/fonts/roboto-regular.ttf Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (9)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-23 04:34:39 UTC 23.36.76.226
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-23 04:02:43 UTC 34.120.237.76
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-23 04:33:41 UTC 34.117.237.239
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-09-23 04:34:38 UTC 69.16.175.10
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-23 04:04:38 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-23 05:02:25 UTC 44.237.239.70
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-23 05:06:00 UTC 143.204.55.36
mnemonic passive DNS freeflywindstation.com (16) 0 2015-07-11 15:27:02 UTC 2022-09-23 00:31:47 UTC 108.167.143.215 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-23 04:02:41 UTC 34.160.144.191


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 108.167.143.215

Date UQ / IDS / BL URL IP
2022-09-23 09:48:41 +0000
0 - 0 - 9 freeflywindstation.com/unicredit/carta/ 108.167.143.215
2022-09-03 22:31:37 +0000
0 - 0 - 10 freeflywindstation.com/unicredit/carta 108.167.143.215
2022-09-01 11:09:09 +0000
0 - 0 - 10 freeflywindstation.com/unicredit/carta 108.167.143.215
2022-09-01 06:17:33 +0000
0 - 0 - 10 freeflywindstation.com/unicredit/carta 108.167.143.215
2022-09-01 02:08:14 +0000
0 - 0 - 8 freeflywindstation.com/unicredit/carta/ 108.167.143.215

Last 5 reports on ASN: UNIFIEDLAYER-AS-1

Date UQ / IDS / BL URL IP
2022-12-09 18:48:51 +0000
0 - 0 - 2 www.my-netbank.commbank.application.com.au.pa (...) 162.214.224.110
2022-12-09 18:48:07 +0000
0 - 0 - 2 www.my-netbank.commbank.application.com.au.pa (...) 162.214.224.110
2022-12-09 18:47:51 +0000
0 - 0 - 2 www.my-netbank.commbank.application.com.au.pa (...) 162.214.224.110
2022-12-09 18:45:56 +0000
0 - 0 - 2 www.my-netbank.commbank.application.com.au.pa (...) 162.214.224.110
2022-12-09 18:45:24 +0000
0 - 0 - 2 www.my-netbank.commbank.application.com.au.pa (...) 162.214.224.110

Last 5 reports on domain: freeflywindstation.com

Date UQ / IDS / BL URL IP
2022-09-23 09:48:41 +0000
0 - 0 - 9 freeflywindstation.com/unicredit/carta/ 108.167.143.215
2022-09-03 22:31:37 +0000
0 - 0 - 10 freeflywindstation.com/unicredit/carta 108.167.143.215
2022-09-01 11:09:09 +0000
0 - 0 - 10 freeflywindstation.com/unicredit/carta 108.167.143.215
2022-09-01 06:17:33 +0000
0 - 0 - 10 freeflywindstation.com/unicredit/carta 108.167.143.215
2022-09-01 02:08:14 +0000
0 - 0 - 8 freeflywindstation.com/unicredit/carta/ 108.167.143.215

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-02 22:09:25 +0000
0 - 0 - 8 handlercolombia.com/ 184.168.103.124
2022-12-01 16:13:15 +0000
0 - 0 - 24 sscribedev.parextech.in/ 200.225.43.212
2022-12-01 13:26:39 +0000
0 - 0 - 24 sscribedev.parextech.in/ 200.225.43.212
2022-10-07 09:20:21 +0000
0 - 0 - 9 www.condordelcaribe.com/unicredit/ 192.185.3.32
2022-10-04 09:00:19 +0000
0 - 0 - 14 gimistudios.com/unicredit/unicredit/carta 192.254.185.52


JavaScript

Executed Scripts (2)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (34)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 09:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VgwzIsytXkydoFXTvCKEoEz5h_Qqn-lnONXMEVJTDcKOKXZ1Nhd6SQ==
Age: 2063


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19549
Expires: Fri, 23 Sep 2022 15:14:20 GMT
Date: Fri, 23 Sep 2022 09:48:31 GMT
Connection: keep-alive

                                        
                                            GET /unicredit/carta/ HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         108.167.143.215
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 23 Sep 2022 09:48:30 GMT
Server: Apache
Set-Cookie: COOKIE_KEY=16639265116; expires=Mon, 20-Sep-2032 09:48:31 GMT; Max-Age=315360000 COOKIE_KEY=16639265119; expires=Mon, 20-Sep-2032 09:48:31 GMT; Max-Age=315360000
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Content-Length: 4041
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1058), with CRLF line terminators
Size:   4041
Md5:    1a373b7629cf6d7ca938c9cb111b5c26
Sha1:   e7368d95eb55f1eb22488ef816deb4deb674d421
Sha256: 56819e64d070b10368d3af9906f14d438ec767e4a008489703e50e4f23f7dde1

Alerts:
  Blocklists:
    - openphish: UniCredit Bank
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9675
Expires: Fri, 23 Sep 2022 12:29:46 GMT
Date: Fri, 23 Sep 2022 09:48:31 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: bkJ0dMicstJGWSXgEzFq+4RXPtAJHHkVPKGo/awEX5Kclu0JIoCu6dvlcfo5aag5MXFw66TmtxQ=
x-amz-request-id: XC6DBCE24E77B1SJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 09:44:20 GMT
age: 251
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 23 Sep 2022 09:48:31 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /jquery-2.2.4.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freeflywindstation.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 09:48:31 GMT
content-encoding: gzip
content-length: 29811
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-14e4a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663926511.dop210.sk1.t,1663926511.cds216.sk1.hn,1663926511.cds214.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   29811
Md5:    82885772205f23cd59e25a221521b059
Sha1:   96ed36f45544295f28df1ab251e7e38faceeff0e
Sha256: 8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 09:19:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4d6pY8b3JrouviWDZRHU2gmrIg3Gt670XRcr7NcQ83J1SbcKsku_2w==
Age: 2709


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1845
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 09:48:31 GMT
Last-Modified: Fri, 23 Sep 2022 09:17:46 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /unicredit/carta/assets/main.4c1b8b4624.css HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:48:31 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   466866
Md5:    6a0f1ebcc7ae8d0d9ecb635fbbe68d65
Sha1:   74b6a40134f1cd63607dcfb090675c6a9481bf1e
Sha256: 98802cfc3623796dcb74be0f1aab505e95aefbd5bdcc471d084da36de80dd219
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wqNqUrxCohltkfHov/ljfA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.237.239.70
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: i3JG8jLJoNDs1wKcZNILo7fC+Ns=

                                        
                                            GET /unicredit/carta/assets/icon/orientation.png HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 23 Sep 2022 09:48:32 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 8882
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 302 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size:   8882
Md5:    2073cded710eb1ff89baf36eac4cbc59
Sha1:   9a4a5185ae47a7630f3dfccdb234e924f044fc19
Sha256: 034e29c302d5a67bb29f401a4b26ece4d920b0891e88337a37919dbd74abbf84
                                        
                                            GET /unicredit/carta/assets/imgs/logo-splash-msite.png HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 23 Sep 2022 09:48:32 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 7123
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1174 x 285, 8-bit colormap, non-interlaced\012- data
Size:   7123
Md5:    65294bbb5427d8dd82b6001edec003f1
Sha1:   9a389c60ae57ff80fe2542d355709ea5f51d70fc
Sha256: e62e38d3cda262687803f85dcfeb47f8a8960e01a4f493475b95bf0be235481f
                                        
                                            GET /unicredit/carta/assets/icon/login/msite/locator.png HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 23 Sep 2022 09:48:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 2325
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size:   2325
Md5:    50c7809e2e4c323f6a92f5522f9f3348
Sha1:   5b0160b5f22afc8b9d82122793e880f70becd59e
Sha256: 6953f2685dc754d4e2489826d52fbf36a5c8d0aa18fb8c23be70dc2ba5e71402
                                        
                                            GET /unicredit/carta/assets/icon/login/msite/home.png HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 23 Sep 2022 09:48:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 2738
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size:   2738
Md5:    093ff98de56ace3c0c9c497446759840
Sha1:   9c5307f15c91ad9fead6234a7105fc55b08397b3
Sha256: 825ff7e698273277b498ff7a2ccdfd6c2db7712e0f6904a30e4d944e5adbb611
                                        
                                            GET /unicredit/carta/assets/imgs/Logo-UniCredit.png HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 23 Sep 2022 09:48:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:05:38 GMT
Accept-Ranges: bytes
Content-Length: 2879
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 240 x 47, 8-bit colormap, non-interlaced\012- data
Size:   2879
Md5:    6da3b1dadbf4752b21c9976b5b5a0e59
Sha1:   d6222a646ba72ad6a6784ed8e9d26fb93f8f6c86
Sha256: ce2a90b7453d592f36994cf622a4c7a016e6050c5dc115c97127e15f9adb2bab
                                        
                                            GET /unicredit/carta/assets/fonts/UniCredit-Regular.otf HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 200 OK
Content-Type: font/otf
                                        
Date: Fri, 23 Sep 2022 09:48:32 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:13:14 GMT
Accept-Ranges: bytes
Content-Length: 63864
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive


--- Additional Info ---
Magic:  OpenType font data\012- data
Size:   63864
Md5:    ead58f7ad732335b3efcfcb49baa3982
Sha1:   7d98101c525a65129b0ef6d44913071d35721c18
Sha256: 9cfe221c6d9b096b2b7db501ec58d6ce58b03cd87a8cdda037cd5eb69d634bee

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/carta/assets/msite/footer/info-trasparenza.jpg HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 23 Sep 2022 09:48:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 09 Nov 2020 15:13:40 GMT
Accept-Ranges: bytes
Content-Length: 17060
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  PNG image data, 295 x 84, 8-bit/color RGBA, non-interlaced\012- data
Size:   17060
Md5:    56b5bb79ce602307ebea7cef2eca03ec
Sha1:   61eb31d995e3508006c0c47366fdfd92d6ced384
Sha256: ee937dcede34527a7158666d9ddcd10ea8f23558b285a6b8ca1b0ff6e01c1473
                                        
                                            GET /unicredit/carta/assets/fonts/UniCredit-Bold.otf HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 23 Sep 2022 09:48:32 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://freeflywindstation.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Content-Length: 7927
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8196), with CRLF, LF line terminators
Size:   7927
Md5:    250a9a2714fd315c7942285708a4cf36
Sha1:   94e1ab54361818682066ba069db9853ce0f207d2
Sha256: dedcd1a0bc62923156415a1cb8150b39f97e4a82e51874f37ee13933e74da326

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/carta/assets/fonts/roboto-regular.woff2 HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 23 Sep 2022 09:48:32 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://freeflywindstation.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8196), with CRLF, LF line terminators
Size:   29846
Md5:    68a7563ff056d729ad50735a0d8e4492
Sha1:   da692ed0402483deb7dada4f22d05a91f80be2d2
Sha256: e7482dd1ceae6863583dbfda866c9b3e83c259c6716374a66f26c52695bcfee7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/carta/assets/fonts/UniCredit-Medium.otf HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 200 OK
Content-Type: font/otf
                                        
Date: Fri, 23 Sep 2022 09:48:32 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:13:00 GMT
Accept-Ranges: bytes
Content-Length: 69416
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  OpenType font data\012- data
Size:   69416
Md5:    e06c0fb36f7080e2014d33df87f8f5d3
Sha1:   61cd7b696e9cdf680a8509cde6d66dd6a819ff8a
Sha256: b3d6fea3cf3db29242671ea9d4f5498b05f82b938ff7e2bc94b2c399c06bdec6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/carta/assets/fonts/UniCredit-Light.otf HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 200 OK
Content-Type: font/otf
                                        
Date: Fri, 23 Sep 2022 09:48:32 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 15:12:54 GMT
Accept-Ranges: bytes
Content-Length: 64444
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  OpenType font data\012- data
Size:   64444
Md5:    2f70f3a7da1eee3afb7f600fc0894f0f
Sha1:   d31c2d6465d4759f6521acfd0d8a0d03e413f350
Sha256: d51aa085e49a4211758b17675299bdf1c65da3a2c7fdd1e4bd9ed1ce78e19a7b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/carta/assets/fonts/roboto-regular.woff HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 23 Sep 2022 09:48:32 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://freeflywindstation.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8196), with CRLF, LF line terminators
Size:   29846
Md5:    68a7563ff056d729ad50735a0d8e4492
Sha1:   da692ed0402483deb7dada4f22d05a91f80be2d2
Sha256: e7482dd1ceae6863583dbfda866c9b3e83c259c6716374a66f26c52695bcfee7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/carta/assets/fonts/roboto-regular.ttf HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/assets/main.4c1b8b4624.css
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 23 Sep 2022 09:48:33 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://freeflywindstation.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Content-Length: 7927
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8196), with CRLF, LF line terminators
Size:   7927
Md5:    250a9a2714fd315c7942285708a4cf36
Sha1:   94e1ab54361818682066ba069db9853ce0f207d2
Sha256: dedcd1a0bc62923156415a1cb8150b39f97e4a82e51874f37ee13933e74da326

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /unicredit/carta/assets/imgs/logo-msite.png HTTP/1.1 
Host: freeflywindstation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freeflywindstation.com/unicredit/carta/
Cookie: COOKIE_KEY=16639265119

                                         
                                         108.167.143.215
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 23 Sep 2022 09:48:33 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://freeflywindstation.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 0
X-nginx-cache: WordPress
Content-Length: 7927
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8196), with CRLF, LF line terminators
Size:   7927
Md5:    250a9a2714fd315c7942285708a4cf36
Sha1:   94e1ab54361818682066ba069db9853ce0f207d2
Sha256: dedcd1a0bc62923156415a1cb8150b39f97e4a82e51874f37ee13933e74da326
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9884
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:48:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9884
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:48:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9884
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:48:33 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KKYAef15NoI3It5UfVcqhPx50Fr6IK7O2VFasuAILVN9PP8CH1_7Ng==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:58:25 GMT
age: 42608
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10127
Md5:    b877ead4a15221fdd278ef27f281a7ec
Sha1:   48c10714503e8dfdd3e3c3d39b919ef2792f0d15
Sha256: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9481
x-amzn-requestid: d527d22a-6822-4b90-b9cb-034f58f73c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0IGl7oAMFSKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4e7-13a676d9596cbd20663d2d8f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V8vtLV7n0bPpR5xQtqcH6WK7uBV4ObaMdy_9qN_TtISqAozEwPe0hA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:12:22 GMT
age: 41771
etag: "4156c37b612d5fb99c6b061187a3cb0b314ae4a8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9481
Md5:    1eab8da8cc1495a0221efadddd1a0bcc
Sha1:   4156c37b612d5fb99c6b061187a3cb0b314ae4a8
Sha256: 2fc5dbd9216f775cd305de80d17db2e6c74abcb1e30bfa7065c4d763a7345026
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10822
x-amzn-requestid: 0cec2f7d-e906-4f5f-baa7-5d8a1a7c6820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2P7bEeQoAMFhGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf9e2-5bdf18be72eed24028034edb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 06:00:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Pj5hSr5LtIWPRDYjHxp8-K8gVghjf8GlO-FnXDvxscJqdygfZH8hIA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 19:36:01 GMT
age: 51152
etag: "dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10822
Md5:    948abf9bedd1bd67010284080ba06d01
Sha1:   dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b
Sha256: 236639cc2279c6f269dd521796a087a40b43b252cb55faf3e4214cbdc8369a62
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5ur411n5hU7eWb68iExZCUrhpCybRyTBHCi72ra8dS2kd3UhW8sb1A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:59:00 GMT
age: 42573
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8029
Md5:    02a682b4703bb9d6381c762726c05531
Sha1:   1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:04:45 GMT
age: 42228
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5340
Md5:    3b318ea5c36d2b22b925f7dfe382df5f
Sha1:   0264e73c4cfff0bb255757c7e1c760a5ad3ece80
Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6uqNnpll2kgC_0_t5e9yp0AgFAvprQq_GF_jgwj2sX2TE9S1l023Aw==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 03:58:47 GMT
age: 20986
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10279
Md5:    8ea5f06ad31f0cedd2cb5c6df82f35f4
Sha1:   60a83a1618ffae06e49ca3002bac1db9980dcfe8
Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d