firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 09:12:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: X9Utk4ta7EqTpEB7aIkSDirHehTmJeM7_0Wuf5sL-bOO9rF_vpFgwg==
Age: 2629
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4303
Expires: Mon, 19 Sep 2022 11:08:12 GMT
Date: Mon, 19 Sep 2022 09:56:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aBbRO7C9XL2gHlA9FQKCA4RGEbsFQSe8Rw8u0xozIrL8DP6qSUmoLg==
age: 19276
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:56:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 10:03:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vyqzKjbXM5cqJGJTIByzrM-dXwEGNnZHlY3nT3f4Qyv3wliFfv6vXg==
Age: 3188
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6145
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:56:30 GMT
Last-Modified: Mon, 19 Sep 2022 08:14:05 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4e3dddaae9e61ef14b6bab25e3334161
6f4cec71a7cf76b213a371a97aa846b48d21241a
0e07ed497ddb2fb9d1bdf1f2ad9ad95bfaa9a8b3408b680ca3d2f29e1176659e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E07ED497DDB2FB9D1BDF1F2AD9AD95BFAA9A8B3408B680CA3D2F29E1176659E"
Last-Modified: Sun, 18 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Sep 2022 15:56:30 GMT
Date: Mon, 19 Sep 2022 09:56:30 GMT
Connection: keep-alive
ksk-koeln.de.sicherheitsupdates.com/
95.161.129.153200 OK 13 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/
IP 95.161.129.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1432), with CRLF line terminators
Hash c1e40291c98a0c547950d8f1026a1b99
00a5e21e9f0203257d7ba5270741adf283927aab
c30a1d0451f0fd37e8fbadd3254a696425bb78337d99a7897198fa5161720533
Analyzer Verdict Alert openphish Sparkasse Bank
fortinet Phishing
GET / HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
push.services.mozilla.com/
52.36.24.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.24.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pcZcIhxjQY+16uaDZVUlGA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5aycx0zNR9wclZk/QgEs3nGcvXA=
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
104.17.25.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65447)
Hash d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:56:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4626612
expires: Sat, 09 Sep 2023 09:56:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDWPIqQVxM29EeyWKaue9pOwHJAIGD80mpkpeWSUT2Ax6uTE4X5NneQKCVryQA3fUei1yeg5nEx%2B1%2BF8UfdABUeXFYAwUQkCrcKahoDYEZsnXi25jXfgQM6tfXkh%2BKJ0nh%2F6LYgY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74d173addab1fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ksk-koeln.de.sicherheitsupdates.com/
95.161.129.153200 OK 13 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/
IP 95.161.129.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1432), with CRLF line terminators
Hash c1e40291c98a0c547950d8f1026a1b99
00a5e21e9f0203257d7ba5270741adf283927aab
c30a1d0451f0fd37e8fbadd3254a696425bb78337d99a7897198fa5161720533
Analyzer Verdict Alert openphish Sparkasse Bank
fortinet Phishing
GET / HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale.min.css
95.161.129.153200 OK 1.6 MB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale.min.css
IP 95.161.129.153:0
File type ASCII text, with very long lines (598)
Size 1.6 MB (1563633 bytes)
Hash 64f6b2fcf14c1ab1959a4dbc27590e8d
baead53be07691830a5ef4e2ee6bb2ca312dcdf5
af518bcd60f5b994088a091b9ccd2287a31c79ccfca110196631e1da43412b3c
Analyzer Verdict Alert openphish Sparkasse Bank
GET /etc/clientlibs/myif/master/base/internetfiliale.min.css HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: text/css
Content-Length: 1563633
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-17dbf1"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/content/dam/myif/kskkoeln/work/bilder/siegel/beste-bank-100.jpg
95.161.129.153200 OK 13 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/content/dam/myif/kskkoeln/work/bilder/siegel/beste-bank-100.jpg
IP 95.161.129.153:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 140x140, components 3\012- data
Hash d17bfb5c437ed196cbef9eb83743529b
cef58296d3079d1a162ab6aeb5ff0e3ae78d6d5e
2812929d5c17806fdc9f53510a1533d1b186319202bf253427ac4690f5576c33
Analyzer Verdict Alert openphish Sparkasse Bank
GET /content/dam/myif/kskkoeln/work/bilder/siegel/beste-bank-100.jpg HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/jpeg
Content-Length: 12717
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-31ad"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_fbc4/image.img.png/1641894766255.png
95.161.129.153200 OK 154 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_fbc4/image.img.png/1641894766255.png
IP 95.161.129.153:0
File type PNG image data, 1280 x 1097, 8-bit/color RGBA, non-interlaced\012- data
Size 154 kB (154468 bytes)
Hash 687b7c3372611a7366d1601e92ad6f84
7974fc3c96a4b400007313d4bef0bf8b28d5b177
f174ff99402bc8ccb9a2830fb51a0ce4b4fc2da46e6570ff3d43b70672c68c6b
Analyzer Verdict Alert openphish Sparkasse Bank
GET /content/myif/kskkoeln/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_fbc4/image.img.png/1641894766255.png HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/png
Content-Length: 154468
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-25b64"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_0/image.img.png/1639709321990.png
95.161.129.153200 OK 29 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_0/image.img.png/1639709321990.png
IP 95.161.129.153:0
File type PNG image data, 358 x 181, 8-bit/color RGBA, non-interlaced\012- data
Hash a4f7053499725732d25987ee3308c3e1
5b669d9dcbd93504ef7c84122e7042b6eec7103f
6adf4855311d6e6260d33dae718aa3fe8e0d3e97b12419f881089771d4af49b7
Analyzer Verdict Alert openphish Sparkasse Bank
GET /content/myif/kskkoeln/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_0/image.img.png/1639709321990.png HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/png
Content-Length: 28796
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-707c"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/content/dam/myif/kskkoeln/work/bilder/aktionen/ukraine-krieg/ukraine-flagge.jpg
95.161.129.153200 OK 18 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/content/dam/myif/kskkoeln/work/bilder/aktionen/ukraine-krieg/ukraine-flagge.jpg
IP 95.161.129.153:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 350x200, components 3\012- data
Hash d9e85e242f46efb0ae75fec4126520ca
ad0a1ae319c9f2dae2fb55d7f8841c978451893f
22efe9212e894fc14c16b19f0c7b2964580cca57e4f4c442f508d0dcf44ebe3d
Analyzer Verdict Alert openphish Sparkasse Bank
GET /content/dam/myif/kskkoeln/work/bilder/aktionen/ukraine-krieg/ukraine-flagge.jpg HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/jpeg
Content-Length: 17747
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-4553"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale.min.js
95.161.129.153200 OK 444 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale.min.js
IP 95.161.129.153:0
File type Unicode text, UTF-8 text, with very long lines (886)
Size 444 kB (443697 bytes)
Hash d69758be0a5f4f67275e7688852750f2
c2cf9cea2064b7b3f863fb926bcaf4eef1d81f2c
9458c9806502a7e9c0e8b5bf28f6b26a07548e36882e75c16d6986e8b164ba80
Analyzer Verdict Alert openphish Sparkasse Bank
fortinet Phishing
GET /etc/clientlibs/myif/master/base/internetfiliale.min.js HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: application/javascript
Content-Length: 443697
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-6c531"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/spk-logo-desktop.png
95.161.129.153200 OK 3.1 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/spk-logo-desktop.png
IP 95.161.129.153:0
File type PNG image data, 265 x 96, 8-bit/color RGB, non-interlaced\012- data
Hash 6bc2b2eb2efec6e35d956693689f51a6
07e8d2b1aa904c731ccb177826941bf6df7e0b4c
45bbcf5fc56b5328325a08ead937d9b501b22e533abf43a2437da6904a096f42
Analyzer Verdict Alert openphish Sparkasse Bank
GET /spk-logo-desktop.png HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/png
Content-Length: 3146
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-c4a"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_1/image.img.png/1617012047198.png
95.161.129.153200 OK 13 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_1/image.img.png/1617012047198.png
IP 95.161.129.153:0
File type PNG image data, 385 x 181, 8-bit/color RGBA, non-interlaced\012- data
Hash 30fbf4f11d7662acfe96d6a4c7caf622
6a68fb616cc9d54ca4003df589f17573bc6d3ec2
4eb2b7ffbc2e18601e1146e12ccb7f4b79b41e931cb03679cc6d4c15dc3ac63e
Analyzer Verdict Alert openphish Sparkasse Bank
GET /content/myif/kskkoeln/work/filiale/de/home/siegel/_jcr_content/awards/parsys/award_1/image.img.png/1617012047198.png HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/png
Content-Length: 13431
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-3477"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/pk-deka-vermoegensstrukturierung-1-2/_jcr_content/onesys/one/image.img.jpg/1652686864474.jpg
95.161.129.153200 OK 240 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/pk-deka-vermoegensstrukturierung-1-2/_jcr_content/onesys/one/image.img.jpg/1652686864474.jpg
IP 95.161.129.153:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x560, components 3\012- data
Size 240 kB (239943 bytes)
Hash b0710d51d96368158df5d87cf02beb9a
c920284f349ed1b9304b828901987ce93d5a63b0
5cba2a1b41ace66f51968f48d1e613d6636f64bd89f583008cef99078344a972
Analyzer Verdict Alert openphish Sparkasse Bank
GET /content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/pk-deka-vermoegensstrukturierung-1-2/_jcr_content/onesys/one/image.img.jpg/1652686864474.jpg HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/jpeg
Content-Length: 239943
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-3a947"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/pk-s-trust/_jcr_content/onesys/one/image.img.jpg/1653998795756.jpg
95.161.129.153200 OK 194 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/pk-s-trust/_jcr_content/onesys/one/image.img.jpg/1653998795756.jpg
IP 95.161.129.153:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x560, components 3\012- data
Size 194 kB (193641 bytes)
Hash 26e5d1885e8459cbe908efb9952d0afe
f1632f08bf0edf6a5ef7845d82674f47e4f3b2d5
17e6933ac37b4b5f987a67bfb7f44ed2f0a75dfff80169e050a5d3b3d27c8496
Analyzer Verdict Alert openphish Sparkasse Bank
GET /content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/pk-s-trust/_jcr_content/onesys/one/image.img.jpg/1653998795756.jpg HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/jpeg
Content-Length: 193641
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-2f469"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale/fonts/pictos-if.woff
95.161.129.153200 OK 202 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale/fonts/pictos-if.woff
IP 95.161.129.153:0
File type Web Open Font Format, TrueType, length 202184, version 1.0\012- data
Size 202 kB (202184 bytes)
Hash edb22c951ca6e259efab0a460520fcf5
c9e0b373020f9c7389c76c437835c9d2d1615304
385bbee80414712855e9a4250cd4dcbbff192dc79136cf99fa5b62075d3bb0ad
Analyzer Verdict Alert openphish Sparkasse Bank
fortinet Phishing
GET /etc/clientlibs/myif/master/base/internetfiliale/fonts/pictos-if.woff HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: application/font-woff
Content-Length: 202184
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-315c8"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale/fonts/Sparkasse_web_Rg.woff
95.161.129.153200 OK 42 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale/fonts/Sparkasse_web_Rg.woff
IP 95.161.129.153:0
File type Web Open Font Format, TrueType, length 41472, version 2.2097\012- data
Hash 1e97dfafb57fb87f40f5cc9941fdab7e
2df97632b25215b1befcd86999b40db1a27c03d0
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
Analyzer Verdict Alert openphish Sparkasse Bank
fortinet Phishing
GET /etc/clientlibs/myif/master/base/internetfiliale/fonts/Sparkasse_web_Rg.woff HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: application/font-woff
Content-Length: 41472
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-a200"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale/fonts/Sparkasse_web_Bd.woff
95.161.129.153200 OK 37 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale/fonts/Sparkasse_web_Bd.woff
IP 95.161.129.153:0
File type Web Open Font Format, TrueType, length 36892, version 2.2621\012- data
Hash 5f90fdbed7642f0f8e97ad31db27a26f
456776c5717c5f966415d7f8175c8b57c233e0b1
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002
Analyzer Verdict Alert openphish Sparkasse Bank
fortinet Phishing
GET /etc/clientlibs/myif/master/base/internetfiliale/fonts/Sparkasse_web_Bd.woff HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: application/font-woff
Content-Length: 36892
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-901c"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/pk-versicherungen-s-einkommens-schutz-plus-pvr/_jcr_content/onesys/one/image.img.jpg/1616159871368.jpg
95.161.129.153200 OK 144 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/pk-versicherungen-s-einkommens-schutz-plus-pvr/_jcr_content/onesys/one/image.img.jpg/1616159871368.jpg
IP 95.161.129.153:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x560, components 3\012- data
Size 144 kB (143975 bytes)
Hash ced30b778d4ee02859476c9e7e3cab9a
841de2d016220be49fbabc1e7577a034ac98715a
43ab85c7cf87fa85ea4775ace7cf414a6aa53e1672ff45a3c8d72df0512f7336
Analyzer Verdict Alert openphish Sparkasse Bank
GET /content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/pk-versicherungen-s-einkommens-schutz-plus-pvr/_jcr_content/onesys/one/image.img.jpg/1616159871368.jpg HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/jpeg
Content-Length: 143975
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-23267"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/1603894527857.jpg
95.161.129.153200 OK 140 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/1603894527857.jpg
IP 95.161.129.153:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x560, components 3\012- data
Size 140 kB (139915 bytes)
Hash 10449247544e43caeeb614bc198235f0
1e1e13b24c9a544b44e927c0842eeda5a80dc87c
a7febee88f640d815eaaa144f0a723f79299674fdb201bf34020a9b339d6fa01
Analyzer Verdict Alert openphish Sparkasse Bank
GET /1603894527857.jpg HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/jpeg
Content-Length: 139915
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-2228b"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale/fonts/SparkasseHead_web_Rg.woff
95.161.129.153200 OK 30 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale/fonts/SparkasseHead_web_Rg.woff
IP 95.161.129.153:0
File type Web Open Font Format, TrueType, length 30032, version 1.65\012- data
Hash 5a911fc2334116b54575054fced6701d
6899d742b7e6dde8ca93591bfd30cbace9e23f36
eb726e7747d06812f1fd551161fb45b9aaa733f97e616eb1272ec9fc0501fa86
Analyzer Verdict Alert openphish Sparkasse Bank
fortinet Phishing
GET /etc/clientlibs/myif/master/base/internetfiliale/fonts/SparkasseHead_web_Rg.woff HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: application/font-woff
Content-Length: 30032
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-7550"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/pk-deka-abraeumsparen-1-3/_jcr_content/onesys/one/image.img.jpg/1651431919449.jpg
95.161.129.153200 OK 120 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/pk-deka-abraeumsparen-1-3/_jcr_content/onesys/one/image.img.jpg/1651431919449.jpg
IP 95.161.129.153:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x560, components 3\012- data
Size 120 kB (119997 bytes)
Hash 10f82b96ed9aa8a522c7fef376a86c99
fcac5ff68495535d06501b8b0ba8980268f187e4
e4e9194e5069a8f21615ebb9ada4cfce7b423b6937a51873b69b4b30c7bbc60c
Analyzer Verdict Alert openphish Sparkasse Bank
GET /content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/pk-deka-abraeumsparen-1-3/_jcr_content/onesys/one/image.img.jpg/1651431919449.jpg HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/jpeg
Content-Length: 119997
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-1d4bd"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/content/dam/myif/kskkoeln/work/bilder/logos/spk-logo-druck.png
95.161.129.153200 OK 9.9 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/content/dam/myif/kskkoeln/work/bilder/logos/spk-logo-druck.png
IP 95.161.129.153:0
File type PNG image data, 1000 x 386, 8-bit/color RGBA, non-interlaced\012- data
Hash ee48c4ccac24580a908a7d13fcacdeed
bc8f63e45ee90466ffed3f199822d02d21fbba09
970ca1634a12428ec5e46a4282727cdac73bc180b5eca27c8cb7afd51137e4ce
Analyzer Verdict Alert openphish Sparkasse Bank
GET /content/dam/myif/kskkoeln/work/bilder/logos/spk-logo-druck.png HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/png
Content-Length: 9901
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-26ad"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale/fonts/Sparkasse_web_Bd.ttf
95.161.129.153200 OK 60 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale/fonts/Sparkasse_web_Bd.ttf
IP 95.161.129.153:0
File type TrueType Font data, 18 tables, 1st "GDEF", 10 names, Microsoft, language 0x409, \251 Dalton Maag Ltd 2002. For exclusive use by Deutscher Sparkassen und Giroverband. All right\012- data
Hash 7ee1088cfc1ec7f948d40564b4e82ef9
8be0d0f946ba1342c16450b771bc0758374c729a
98912c98211f9b7ef0f476283615194f1b730587d79f49a3e5cafde5545ebf93
Analyzer Verdict Alert openphish Sparkasse Bank
fortinet Phishing
GET /etc/clientlibs/myif/master/base/internetfiliale/fonts/Sparkasse_web_Bd.ttf HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: application/octet-stream
Content-Length: 59684
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-e924"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/1649759214133.jpg
95.161.129.153200 OK 35 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/1649759214133.jpg
IP 95.161.129.153:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 816x357, components 3\012- data
Hash 94f527314e2fb451a28199595aa6ac2c
4457701f1d4fc6c5dad64516f01ec0b1bf2625b6
c857a9e168fabc66ce7eee428c84a33c6813abcdc295312b90f0b3ec665b2382
Analyzer Verdict Alert openphish Sparkasse Bank
GET /1649759214133.jpg HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/jpeg
Content-Length: 35379
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-8a33"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/1646124509476.jpg
95.161.129.153200 OK 61 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/1646124509476.jpg
IP 95.161.129.153:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 816x357, components 3\012- data
Hash 624b22740fa37494b5ea79e5835fdb7d
98aae58a44bbae55d131c349e23f619df32acbf0
0d6e36049ed4a97be83dff9ac088cfd0ec959274b0c70a7f48f31476b613b922
Analyzer Verdict Alert openphish Sparkasse Bank
GET /1646124509476.jpg HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/jpeg
Content-Length: 61140
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-eed4"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/1649165134253.jpg
95.161.129.153200 OK 147 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/1649165134253.jpg
IP 95.161.129.153:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x560, components 3\012- data
Size 147 kB (146567 bytes)
Hash c83e098972e65eb8f6dd0374b8ea4846
7f709830ec2bf948c8a1a78011113a8ba1786a01
1c19d55c4aa49dfff6bce92779cfce19d0c303a95bee759f66ed3ce28c0b56fc
Analyzer Verdict Alert openphish Sparkasse Bank
GET /1649165134253.jpg HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/jpeg
Content-Length: 146567
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-23c87"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/ms-stellenausschreibung/_jcr_content/onesys/one/image.img.jpg/1653290155987.jpg
95.161.129.153200 OK 232 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/ms-stellenausschreibung/_jcr_content/onesys/one/image.img.jpg/1653290155987.jpg
IP 95.161.129.153:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x560, components 3\012- data
Size 232 kB (231559 bytes)
Hash 174f8b733598159f9f115e8d2d3f176e
fa16b903eace62a44e1654014e1cc7ef74791ea2
53b2c834b4e9e5fd0180ec209e969f945952907b61a30dd83507afe8e5df8337
Analyzer Verdict Alert openphish Sparkasse Bank
GET /content/myif/kskkoeln/work/admin/admin_einstieg/ifep/de/referenzelemente/ms-stellenausschreibung/_jcr_content/onesys/one/image.img.jpg/1653290155987.jpg HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: image/jpeg
Content-Length: 231559
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-38887"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale/fonts/SparkasseHead_web_Rg.ttf
95.161.129.153200 OK 50 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale/fonts/SparkasseHead_web_Rg.ttf
IP 95.161.129.153:0
File type TrueType Font data, 17 tables, 1st "GDEF", 12 names, Microsoft, language 0x409, Copyright 2015 Deutscher Sparkassen und Giroverband - All Rights Reserved.\177\177Version 1.001D\012- data
Hash 35d156a4f93eebc8e5ced9730828e40e
16e3f38ee7cadb4d45940c469f054ded2ad9197d
b96b0955a3e83cbeeef925cbfc6f8ebf3cd5c19f1d259ddc0576eecd8e45aade
Analyzer Verdict Alert openphish Sparkasse Bank
fortinet Phishing
GET /etc/clientlibs/myif/master/base/internetfiliale/fonts/SparkasseHead_web_Rg.ttf HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/etc/clientlibs/myif/master/base/internetfiliale.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:31 GMT
Content-Type: application/octet-stream
Content-Length: 49484
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-c14c"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11646
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 09:56:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11646
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 09:56:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11646
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 09:56:32 GMT
Connection: keep-alive
ksk-koeln.de.sicherheitsupdates.com/content/dam/myif/kskkoeln/work/bilder/icons/apple-touch-icon-180x180px.png
95.161.129.153200 OK 1.8 kB URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/content/dam/myif/kskkoeln/work/bilder/icons/apple-touch-icon-180x180px.png
IP 95.161.129.153:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 6371e51806dc8417fdca081a5b3b790f
60f6247a2d7d9656e4042c31cdf5323f4265875b
70718559e06e4f00752feb8a7ced473f42875d45b181d89d49d76991e7cb5d7a
Analyzer Verdict Alert openphish Sparkasse Bank
GET /content/dam/myif/kskkoeln/work/bilder/icons/apple-touch-icon-180x180px.png HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:32 GMT
Content-Type: image/png
Content-Length: 1829
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-725"
Accept-Ranges: bytes
ksk-koeln.de.sicherheitsupdates.com/content/dam/myif/kskkoeln/work/bilder/icons/favicon1x.png
95.161.129.153200 OK 296 B URL HTTP/1.1 ksk-koeln.de.sicherheitsupdates.com/content/dam/myif/kskkoeln/work/bilder/icons/favicon1x.png
IP 95.161.129.153:0
File type MS Windows icon resource - 1 icon, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel\012- data
Hash 47eb2096b512df6bf2295ef2b3ff1bbf
4110aab4d22d8337dbfdb71051f46dc5d4b226a1
e5f816492f591a3d16c6468aaee7710c96f401939fa1041cd78f29a4b80395a1
Analyzer Verdict Alert openphish Sparkasse Bank
GET /content/dam/myif/kskkoeln/work/bilder/icons/favicon1x.png HTTP/1.1
Host: ksk-koeln.de.sicherheitsupdates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ksk-koeln.de.sicherheitsupdates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:56:32 GMT
Content-Type: image/png
Content-Length: 296
Last-Modified: Sun, 18 Sep 2022 18:59:30 GMT
Connection: keep-alive
ETag: "63276a92-128"
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1105b56cf779b6df1cbd081bbd0cda50
58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
content-type: image/jpeg
age: 43373
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87bddc1f919e51c976d5377040861ea6
f5bf6c28f20414c7dd3ac1098defc46d3d68fd99
28541ca828b6358c8e6081e9f2022e7ad18a8adcb3df09a3fa079f32c08fcda6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10721
x-amzn-requestid: 5c3a2647-0af8-4cd2-8b68-df6606c6362e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yi1NMHVfoAMF-3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63243587-2b73a75b69570a1a144a5f73;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 08:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SpK-J7OfVkg8Gn_-wiaIKrqVl6t14P13ax8TPtsKDRXAVtHj9GWSwg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:43:59 GMT
age: 22353
etag: "f5bf6c28f20414c7dd3ac1098defc46d3d68fd99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: e1792a3b-1893-48a6-8d01-463050259dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiGMYE3IoAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323ea4f-42ab13411e65943538101b11;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:15:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XmcyJv7bahHB4wMjFmgvh2fEkJJYLPhRrISZ_DczSErdEQjXIxWUvg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:54:31 GMT
age: 21721
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GIhj3a2-SwYu2w4mLx7JiIJzFfV82-Et89ORRsx5fsGOx9nttPlCxA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:13 GMT
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
age: 43159
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f2b49224f40b4ea819e0c66fc155eec
d37b9b044bdb469678433766470ed36a2384817f
b94b1d4e0df0bac9b4a2b5c86bee900248614756fb24e2b7b182a871b425b2ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11345
x-amzn-requestid: 6b78aa51-b7d1-494b-93f9-6906911efa7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YowwkHc9IAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632694d0-0f0b85eb5172e8014f0db2a9;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 03:47:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: en9bQR-hlcvBUJkgkKnLgBtYNUbSywwHJ4GZE76oN8eP6m8EnlDgdw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 07:21:09 GMT
age: 9323
etag: "d37b9b044bdb469678433766470ed36a2384817f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65ee14de38a7fcd768ede2f1915c74e4
85119aaf7195d59efc55e36d026bd026060195aa
62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
content-type: image/jpeg
age: 43373
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a7ad2cc-ef0a-4973-a3a0-8f53198682d9.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a7ad2cc-ef0a-4973-a3a0-8f53198682d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e3a1bdabe9e06373a1aa3977c3040f37
a422bffed31da9795094e54d332e5e369b59ae0b
782aa735026b1a1b506faa41a25f811c1ae94a863a3d5629b843fb6c82e75606
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a7ad2cc-ef0a-4973-a3a0-8f53198682d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6121
x-amzn-requestid: ecd63e6f-2a92-4922-987f-48c1fc072efd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiGhuGjeoAMFakw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323ead7-3957c807450da6df59484d6c;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:17:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iXtwXkO-t5kSaOjPoIO3hPpAXeMnvCiHPCOw4tZSuEaHO_D2MRNUIw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 06:21:28 GMT
age: 12910
etag: "a422bffed31da9795094e54d332e5e369b59ae0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2