| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash1456357aecbd23f21ad98da57e0127eb 7074815b39fa8da9013883971d665e4c1b0797ea f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6577
Expires: Tue, 22 Nov 2022 12:36:12 GMT
Date: Tue, 22 Nov 2022 10:46:35 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash4843de3bf95411e6aa89834def44bb86 1f1882351ac63fba73a22014382f69df5e02ec96 1e6ed1df02f8fa6c89ddca66f7c9981f8a06127d7ec90b503703137e823bb4b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5009
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 10:46:35 GMT
Last-Modified: Tue, 22 Nov 2022 09:23:06 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash4d7e4eed097b9c4e5d509419f1cfc85a 290bb3d428a7c6330e2e3d73a952b16f820896c8 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 10:09:22 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2233
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8a6c553d89cb6fd1de4787fee2a0e0dc b974e022ea8675c0a09f58864cc99df05b5b1241 a62ecedcb0953814f982237818a3d902fdca501f82b675629d28b5d476e0fbfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A62ECEDCB0953814F982237818A3D902FDCA501F82B675629D28B5D476E0FBFA"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4347
Expires: Tue, 22 Nov 2022 11:59:02 GMT
Date: Tue, 22 Nov 2022 10:46:35 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1U8u6sbx9CibGAZn3/hms7QCqdtjsBPuAhBGEuyGnCzc5EjQaSWN59e9+zjmVHsJz/ylwMLZHbwxaWLkrqP0nA==
x-amz-request-id: W2GV652N4XP2QT89
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 10:42:32 GMT
age: 243
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 10:46:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 10:08:47 GMT
cache-control: public,max-age=3600
age: 2268
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash2db0ebb9efcf3be3c92f23b61de5c065 dd830565723f18a7944c26d24b0fb142d06a71a5 8615316184c4d1d64db923a5364363bbb3d25e146a042c5fbd5bf0cfcec8effb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5969
Cache-Control: max-age=86388
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 10:46:35 GMT
Etag: "637b3fae-1d7"
Expires: Wed, 23 Nov 2022 10:46:23 GMT
Last-Modified: Mon, 21 Nov 2022 09:06:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| www.wetransfer.safe-browsing.de/file/Bewerbungsunterlagen_Versicherungskammer.docx?bV2-k3vU | 94.100.132.71 | 301 Moved Permanently | 309 B |
URL HTTP/1.1www.wetransfer.safe-browsing.de/file/Bewerbungsunterlagen_Versicherungskammer.docx?bV2-k3vU IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
File typeHTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash71b09e82d5e2b5953842209cf3bf6d10 0c154aeac55aef000ad5c143e1175120d7fe7636 4b59fcfc00c79accc96724d83ef473aef76dcf8e7d210ef098f1d4164aab79a9
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /file/Bewerbungsunterlagen_Versicherungskammer.docx?bV2-k3vU HTTP/1.1
Host: www.wetransfer.safe-browsing.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Origin: *
Content-Length: 309
Content-Type: text/html; charset=utf-8
Date: Tue, 22 Nov 2022 10:46:36 GMT
Location: https://phishing-training.it-seal.de?token=bV2-k3vU
Server: Caddy, gunicorn
|
|
| push.services.mozilla.com/ | 52.38.198.114 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.38.198.114:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TopRkThjrAuoB5G4VlVvyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +xvEbYXLDu4voQzM+O6Rp0vaE3c=
|
|
| cdn.it-seal.de/it-seal/fonts/open-sans/open-sans.css | 46.165.253.9 | 200 OK | 236 B |
URL HTTP/2cdn.it-seal.de/it-seal/fonts/open-sans/open-sans.css IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
Hash5e4bb043b759283363876ab15c299602 df39095fb31b46aeb3d357fbcdda06577ee72fe9 b5d9f71a187ee086d1422a5b20e4496cace40010f0bbd804d4641ffdae5575d3
GET /it-seal/fonts/open-sans/open-sans.css HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: W/"qxdzylq4"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-length: 236
date: Tue, 22 Nov 2022 10:46:37 GMT
X-Firefox-Spdy: h2
|
|
| cdn.it-seal.de/it-seal/fonts/courier-prime-sans/courier-prime-sans.css | 46.165.253.9 | 200 OK | 163 B |
URL HTTP/2cdn.it-seal.de/it-seal/fonts/courier-prime-sans/courier-prime-sans.css IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
Hashac825df3791896cf70e4f10e70712452 e793692fc74bea3580e490635cc428cc7f9ad1a1 3ebca15ca8eaa75707fd0cc7589cbd32325290769ce2a46f47792149eeb64f3e
GET /it-seal/fonts/courier-prime-sans/courier-prime-sans.css HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: W/"qxdzyl9s"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-length: 163
date: Tue, 22 Nov 2022 10:46:37 GMT
X-Firefox-Spdy: h2
|
|
| cdn.it-seal.de/it-seal/fonts/open-sans/OpenSans-Regular.woff2 | 46.165.253.9 | 200 OK | 45 kB |
URL HTTP/2cdn.it-seal.de/it-seal/fonts/open-sans/OpenSans-Regular.woff2 IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
File typeWeb Open Font Format (Version 2), TrueType, length 44648, version 1.0\012- data Hash5d5735e57127db2f7a2ad879fc6056b8 1e55dbe4e381353b147bf963e97bb60a43b0f28c 408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf
GET /it-seal/fonts/open-sans/OpenSans-Regular.woff2 HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://phishing-training.it-seal.de
Connection: keep-alive
Referer: https://cdn.it-seal.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://phishing-training.it-seal.de
content-type: font/woff2
etag: "qxdzylyg8"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Origin
content-length: 44648
date: Tue, 22 Nov 2022 10:46:37 GMT
X-Firefox-Spdy: h2
|
|
| cdn.it-seal.de/it-seal/AATM/AATM.svg | 46.165.253.9 | 200 OK | 53 kB |
URL HTTP/2cdn.it-seal.de/it-seal/AATM/AATM.svg IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
Hashb245a90e024696d60172f1dd9bc7df82 35856c0b73ad199b5a5102fafdfbc07876d41a76 ac9d92db897ac34c723afca765515a2e1056d09c969ea73a9d36951aca63bc97
GET /it-seal/AATM/AATM.svg HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: W/"r5na9rgzl"
last-modified: Thu, 13 Jan 2022 10:53:51 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
date: Tue, 22 Nov 2022 10:46:37 GMT
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/vendor/intro.js/minified/intro.min.js | 94.100.132.71 | 200 OK | 53 kB |
URL HTTP/2phishing-training.it-seal.de/vendor/intro.js/minified/intro.min.js IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
Hash1ca6402bfdebc7651671858f3f169d7a 4e3107aac3e657775b6a56057d9d9e3773f66986 c58c150ee77224e58fd1c89c6f1e28822bfc5c4a32666945f0c0421cea2b3a45
GET /vendor/intro.js/minified/intro.min.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=0
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"70fe-17583ab8368"
last-modified: Sun, 01 Nov 2020 11:57:37 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| cdn.it-seal.de/it-seal/Logo_IT-Seal_2019_negativ.png | 46.165.253.9 | 200 OK | 16 kB |
URL HTTP/2cdn.it-seal.de/it-seal/Logo_IT-Seal_2019_negativ.png IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
File typePNG image data, 1080 x 320, 8-bit colormap, non-interlaced\012- data Hash0ddbf95e425f416443711fc10ada7e88 ba162ac1b5f2ef37c65dc21708195479ce54763a 418f6c57f6e7817ce67804d1db74d4cddd0dd033879b724fd097c670c0eea6c9
GET /it-seal/Logo_IT-Seal_2019_negativ.png HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "qxdzylcdk"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
content-length: 16040
date: Tue, 22 Nov 2022 10:46:37 GMT
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash804755c7e438531c9ba2e781947e1640 7a93c31638ee89a561bac2174482a5d12aa62d63 aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5278
Expires: Tue, 22 Nov 2022 12:14:35 GMT
Date: Tue, 22 Nov 2022 10:46:37 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash804755c7e438531c9ba2e781947e1640 7a93c31638ee89a561bac2174482a5d12aa62d63 aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5278
Expires: Tue, 22 Nov 2022 12:14:35 GMT
Date: Tue, 22 Nov 2022 10:46:37 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash804755c7e438531c9ba2e781947e1640 7a93c31638ee89a561bac2174482a5d12aa62d63 aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5278
Expires: Tue, 22 Nov 2022 12:14:35 GMT
Date: Tue, 22 Nov 2022 10:46:37 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash804755c7e438531c9ba2e781947e1640 7a93c31638ee89a561bac2174482a5d12aa62d63 aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5278
Expires: Tue, 22 Nov 2022 12:14:35 GMT
Date: Tue, 22 Nov 2022 10:46:37 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash804755c7e438531c9ba2e781947e1640 7a93c31638ee89a561bac2174482a5d12aa62d63 aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5278
Expires: Tue, 22 Nov 2022 12:14:35 GMT
Date: Tue, 22 Nov 2022 10:46:37 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg | 34.120.237.76 | 200 OK | 4.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash841a4b110022a99ddea6f7bf66df0fa1 126771b86638108050cf57c0d12faa27f80f0edb 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 06:05:40 GMT
age: 16857
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/_nuxt/38ea98a.js | 94.100.132.71 | 200 OK | 11 kB |
URL HTTP/2phishing-training.it-seal.de/_nuxt/38ea98a.js IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
Hashea034c90934b7484b977fe4789306440 d8c2f8077dc368597179d6dd9dbfb1573232d87e 1481dba71b96b2ad1b50919dc1b1cffb58d0ef6cf17ea4ea82d3ea46096cb5be
GET /_nuxt/38ea98a.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"1518-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8365a642-a490-4221-8f9f-867864b12d62.webp | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8365a642-a490-4221-8f9f-867864b12d62.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash528d729159d8b08ed1fe05472dc65ce4 b7d570a7a095e127fd408b8272b93a52c5038b46 d6404764bcc3f2e7c4462b6b31fbc0e315c9cbf51b7424194c2bc6f4a21a33de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8365a642-a490-4221-8f9f-867864b12d62.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9862
x-amzn-requestid: 02281c2f-2a42-4891-97af-8d21a4cd0d2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrJEdYIAMFijQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee47-7c96415239d22bfc219f53f6;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s7D3KMWB4GWn_ocJfzzb71Btbh8DE--DsUnwH9PkWptl7CXfqh3CXA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:48:12 GMT
age: 46705
etag: "b7d570a7a095e127fd408b8272b93a52c5038b46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4db9b106-0a0e-4fae-92b6-a8812d365210.jpeg | 34.120.237.76 | 200 OK | 8.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4db9b106-0a0e-4fae-92b6-a8812d365210.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7ccd43a87165914b33d3d0abf4daac17 495bc194d9cf043cad38e9aab650a3e74a542c68 3e95928493b984c636a5fa77b22c29b3245ba4bba7d730a8545145b17a5986f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4db9b106-0a0e-4fae-92b6-a8812d365210.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8075
x-amzn-requestid: 5d8d5076-abee-484e-98e6-e2f8641133e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IqUGXnIAMF4gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee41-3c973b4d2d40cbaa2c5df221;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 72klCXzOuoI65Ga5GmG59pLPjzQwLo2Y6bj-IZIBQQU29LU7GM14Rw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:40:14 GMT
age: 43583
etag: "495bc194d9cf043cad38e9aab650a3e74a542c68"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg | 34.120.237.76 | 200 OK | 6.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4f3fad7453f45dfa617243c8beac64e1 56414a905340e1b1478a0a40a52b25365a724524 7befcfbedac5652eb04bc675b67f7b642631d4e918f7aaee17b0b594e26854d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6031
x-amzn-requestid: f59b04c5-4955-4847-9a7f-d9d53b47ca52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3cV0GC-oAMF5hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637940f1-0425b3cf6a4650b60936feba;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 20:47:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VabInML1mfcQLIp29OWRNsixwfSWt0Wv9l7I-Ak7TdUHlNt2ZEVtPg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 15:21:36 GMT
age: 69901
etag: "56414a905340e1b1478a0a40a52b25365a724524"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg | 34.120.237.76 | 200 OK | 4.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashdafd9e17dc0023e71ae513c6025e4b80 12e2654db1f384bb04f5c5042848b25dda86b710 e9c885a102dc811648cec4ac292db63564e81a48d7a3611cb31fba73b37286dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4639
x-amzn-requestid: 8a93fa29-158b-4402-aac4-85ad29a74ae1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oELooAMFWFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-5a85509b26d9aeef7ae59b4c;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bmrDryUp_4bvIikGkppa36e9isEfvK0gjunV6xmU5ApJtxlLR_GYkA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:05:18 GMT
age: 45679
etag: "12e2654db1f384bb04f5c5042848b25dda86b710"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cdn.it-seal.de/it-seal/icons/favicon-16x16.png | 46.165.253.9 | 200 OK | 884 B |
URL HTTP/2cdn.it-seal.de/it-seal/icons/favicon-16x16.png IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
File typePNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data Hashaf4c9d7cd828b2f49636b240809bfb83 4ff2b162029537604b6a9334fd93b348c4f60510 bb0c7ac5b45e8a51675486a9318d2dde9c447933a1f95320b951916eb0a7080d
GET /it-seal/icons/favicon-16x16.png HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "qxdzylok"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
content-length: 884
date: Tue, 22 Nov 2022 10:46:38 GMT
X-Firefox-Spdy: h2
|
|
| cdn.it-seal.de/it-seal/icons/favicon-256x256.png | 46.165.253.9 | 200 OK | 35 kB |
URL HTTP/2cdn.it-seal.de/it-seal/icons/favicon-256x256.png IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
File typePNG image data, 256 x 256, 8-bit/color RGB, non-interlaced\012- data Hashdcb6dab687da17991edfb820e2484129 7e41f91b1abf22e9d5e9fc9a4f07295dc2a6f8cb 181171e423a46c201e9be2f6114617092f69091dd386fe5ca1b5c17fcef901f4
GET /it-seal/icons/favicon-256x256.png HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "qxdzylr1a"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
content-length: 35038
date: Tue, 22 Nov 2022 10:46:38 GMT
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/_nuxt/07896ce.js | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/_nuxt/07896ce.js IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /_nuxt/07896ce.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"5207-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/api/v1/tracking?token=bV2-k3vU | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/api/v1/tracking?token=bV2-k3vU IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
POST /api/v1/tracking?token=bV2-k3vU HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 46
Origin: https://phishing-training.it-seal.de
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 10:46:38 GMT
server: Caddy
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/vendor/intro.js/minified/introjs.min.css | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/vendor/intro.js/minified/introjs.min.css IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /vendor/intro.js/minified/introjs.min.css HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=0
content-encoding: gzip
content-type: text/css; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"23d2-17583ab8368"
last-modified: Sun, 01 Nov 2020 11:57:37 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/_nuxt/d23f7a3.js | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/_nuxt/d23f7a3.js IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /_nuxt/d23f7a3.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"21687-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/_nuxt/img/phishing-mail.3825c8d.svg | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/_nuxt/img/phishing-mail.3825c8d.svg IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /_nuxt/img/phishing-mail.3825c8d.svg HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: image/svg+xml
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"997-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| cdn.it-seal.de/teachable-moment/angelschnur_haken_login.svg | 46.165.253.9 | 200 OK | 0 B |
URL HTTP/2cdn.it-seal.de/teachable-moment/angelschnur_haken_login.svg IP46.165.253.9:0 ASN#28753 Leaseweb Deutschland GmbH
GET /teachable-moment/angelschnur_haken_login.svg HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: W/"qxdzylcai"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
date: Tue, 22 Nov 2022 10:46:37 GMT
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/vendor/polyfill.min.js | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/vendor/polyfill.min.js IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /vendor/polyfill.min.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=0
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"1333a-181cf16f448"
last-modified: Tue, 05 Jul 2022 15:59:57 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/?token=bV2-k3vU | 94.100.132.71 | 302 Found | 0 B |
URL HTTP/2phishing-training.it-seal.de/?token=bV2-k3vU IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /?token=bV2-k3vU HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 22 Nov 2022 10:46:36 GMT
location: /en?token=bV2-k3vU
server: Caddy
set-cookie: i18n_redirected=en; Path=/; Expires=Wed, 22 Nov 2023 10:46:36 GMT; SameSite=Lax
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/en?token=bV2-k3vU | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/en?token=bV2-k3vU IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /en?token=bV2-k3vU HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: i18n_redirected=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: "2336d-MwbbzafcWqEB+z96MhHzrqw2VGw"
server: Caddy
set-cookie: i18n_redirected=en; Path=/; Expires=Wed, 22 Nov 2023 10:46:36 GMT; SameSite=Lax
token=bV2-k3vU; Max-Age=172800; Path=/
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/_nuxt/1217fb2.js | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/_nuxt/1217fb2.js IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /_nuxt/1217fb2.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"348c7-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| phishing-training.it-seal.de/_nuxt/a393ceb.js | 94.100.132.71 | 200 OK | 0 B |
URL HTTP/2phishing-training.it-seal.de/_nuxt/a393ceb.js IP94.100.132.71:0 ASN#25394 MK Netzdienste GmbH & Co. KG
GET /_nuxt/a393ceb.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"2e3c2-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|