188.241.39.200200 OK 24 kB URL User Request GET HTTP/1.1 IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (375)
Hash 72d39079ef43b2740e6f2e1c7676878f
45e20d2f4202c9b5e6ed393508fb17020191102c
2e6c62c20b9be8bbb97758b247cb9bf09db97027795a3ac94bb845ef72c15f44
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET / HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:49 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
secure.fircib.com/css/cropper.min.css
188.241.39.200200 OK 3.8 kB URL GET HTTP/1.1 secure.fircib.com/css/cropper.min.css
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (3620)
Hash 66cd0a337a39f9ea0b72fa32b2a48659
fe87c0c52c35becba7d180ef105eddcf9797c2da
055b9c1ce54007be24408e3d02e584e82c60a9a52cd1c780e5ff08318a1d787f
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /css/cropper.min.css HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:24:22 GMT
Accept-Ranges: bytes
Content-Length: 3804
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
secure.fircib.com/css/style.css
188.241.39.200200 OK 156 kB URL GET HTTP/1.1 secure.fircib.com/css/style.css
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Size 156 kB (155857 bytes)
Hash ec92f5fa78aae07ed67f3b40c58fe547
413e1f5f9101f1068f4c2769d96f6be94a1a4c92
958f426233104571ea4af14baf51acfe399d37a5e58f4a76328ef5fbeca6f691
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /css/style.css HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:24:23 GMT
Accept-Ranges: bytes
Content-Length: 155857
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
secure.fircib.com/js/jquery.bgswitcher.js
188.241.39.200200 OK 12 kB URL GET HTTP/1.1 secure.fircib.com/js/jquery.bgswitcher.js
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text
Hash 7a3f745bf700d0a97e206d4f7170a28d
7da50e46836d8bf623f0cbf33adf8e243fcbee15
92852c91b0b884881092fc1d1b418d6636b64e42d937ae3227138c0c6d14a808
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /js/jquery.bgswitcher.js HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:27:10 GMT
Accept-Ranges: bytes
Content-Length: 11714
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
secure.fircib.com/js/jquery.cookie.js
188.241.39.200200 OK 1.8 kB URL GET HTTP/1.1 secure.fircib.com/js/jquery.cookie.js
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text
Hash baf18d6913475e10be6d0c967ef7dd1f
6e75f1106755c8ae2e0c005568e89f0f0c672a7a
bd8e82b2d81e27738a88c8273d2fcec3b40894544d25b581d4dcaee502f06338
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /js/jquery.cookie.js HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:27:11 GMT
Accept-Ranges: bytes
Content-Length: 1755
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
secure.fircib.com/js/source-jquery.crs.js
188.241.39.200200 OK 7.2 kB URL GET HTTP/1.1 secure.fircib.com/js/source-jquery.crs.js
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text
Hash 56d2f5cd220b38701e7c8185a504518f
9a4333bf301aeb7368928097ef6183081be444c2
fc692159b85b319080e342ab2126c71b41237c7ad3f896ee76c2567e7360e1a5
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /js/source-jquery.crs.js HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:27:12 GMT
Accept-Ranges: bytes
Content-Length: 7150
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
secure.fircib.com/js/jquery-2.1.3.min.js
188.241.39.200200 OK 84 kB URL GET HTTP/1.1 secure.fircib.com/js/jquery-2.1.3.min.js
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32180)
Hash 32015dd42e9582a80a84736f5d9a44d7
41b4bfbaa96be6d1440db6e78004ade1c134e276
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /js/jquery-2.1.3.min.js HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:27:09 GMT
Accept-Ranges: bytes
Content-Length: 84320
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
secure.fircib.com/js/country-city.js
188.241.39.200200 OK 62 kB URL GET HTTP/1.1 secure.fircib.com/js/country-city.js
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (1877)
Hash f801498a1c17dde623d03ebceb99fb05
c21bc73680da56762c9e14b68d9673754f4199b8
14d709cedb83de8c0fe5b3784d869ce4ff488d7f674a7ce64726d4eee1603ec4
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /js/country-city.js HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:27:05 GMT
Accept-Ranges: bytes
Content-Length: 61883
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
secure.fircib.com/images/loading.gif
188.241.39.200200 OK 5.2 kB URL GET HTTP/1.1 secure.fircib.com/images/loading.gif
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 52 x 52
Hash 6927ea8955aa0a0e56a960b59ce5242e
4cee03fde8234bd88be6cad26bbae4d142597158
d65044a51defa0cf7197befc5cbf13f15fbc2f196d8233b2895217c9d2af2267
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/loading.gif HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:25:54 GMT
Accept-Ranges: bytes
Content-Length: 5220
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
secure.fircib.com/images/logo.png
188.241.39.200200 OK 24 kB URL GET HTTP/1.1 secure.fircib.com/images/logo.png
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type PNG image data, 400 x 60, 8-bit/color RGBA, non-interlaced
Hash 3a6d5354b9ce44108e5c2efac5de5a17
081290fea378599eb50d8e5708871ae7c30dc46b
096e54edf55f3b821a79549d59fbe429652905f81febbedc999f63ed95629cc8
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/logo.png HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:03 GMT
Accept-Ranges: bytes
Content-Length: 24199
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
secure.fircib.com/images/samp1.webp
188.241.39.200200 OK 9.5 kB URL GET HTTP/1.1 secure.fircib.com/images/samp1.webp
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 304x194, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 173f9287cd31765a0c56d1a2f7a3c9aa
1c32f7e4346aa0d936c930690abaa96db7528acc
fbe240520ac06a89f4bc6dd3bd580d5ee2ffa5c2adcf8f5934abf16ac8eeccd3
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/samp1.webp HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:14 GMT
Accept-Ranges: bytes
Content-Length: 9458
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/webp
secure.fircib.com/images/samp2.jpg
188.241.39.200200 OK 34 kB URL GET HTTP/1.1 secure.fircib.com/images/samp2.jpg
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 970x485, components 3
Hash 84432ac1807c4228ebdba910e98c2a89
bb4b9ca8b506fc9cb231abd097435601cf9facd3
7b1acbecc92198d28a194bab0fa46dd84878d9cb78f3e2bbbd4ba771ef168ebd
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/samp2.jpg HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:15 GMT
Accept-Ranges: bytes
Content-Length: 33574
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
secure.fircib.com/images/samp4.jpg
188.241.39.200200 OK 15 kB URL GET HTTP/1.1 secure.fircib.com/images/samp4.jpg
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 489x234, components 3
Hash 22b4fda650e5f9f9827dc62c51ddde72
f2672e2b6e90fbeaf59ee216d318c9c9359cffd5
599e3c4b198d28b925b6eff10db70dcd5c9b44f3b0da091cdd35cc8245fe4b66
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/samp4.jpg HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:16 GMT
Accept-Ranges: bytes
Content-Length: 14770
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
secure.fircib.com/js/cropper.min.js
188.241.39.200200 OK 114 kB URL GET HTTP/1.1 secure.fircib.com/js/cropper.min.js
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (1341)
Size 114 kB (113547 bytes)
Hash 41f1957bd1d5037df811ced592739b4e
d83c0e2c461df607219cb74bfaf298ab4e8fbab4
c0553feb5f55fe672675749182e776b78c0fa95ea9d4b93ea83bc7252463446c
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /js/cropper.min.js HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:27:06 GMT
Accept-Ranges: bytes
Content-Length: 113547
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
secure.fircib.com/js/jquery-ui.js
188.241.39.200200 OK 471 kB URL GET HTTP/1.1 secure.fircib.com/js/jquery-ui.js
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (547)
Size 471 kB (470591 bytes)
Hash 76a373cbc22e2c69aaa47190e7ec5e04
7f591a7aba4056e6a941c373eb621d1d791f41b2
df677ac885e0eaee16079e7fcc775e81cc48702a12139fe0b5989822aaf3cf95
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /js/jquery-ui.js HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:27:10 GMT
Accept-Ranges: bytes
Content-Length: 470591
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
secure.fircib.com/images/samp6.jpg
188.241.39.200200 OK 31 kB URL GET HTTP/1.1 secure.fircib.com/images/samp6.jpg
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 970x485, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 879c66aeb8e3c322f11a0841c7596791
a79e6e66f3c68ff4d5b9513738db3fe338d8c742
aee5245049750ff1e0f9368e3f69e0804e637539bb95c22db5325f884fbe5e9e
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/samp6.jpg HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:19 GMT
Accept-Ranges: bytes
Content-Length: 31394
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
secure.fircib.com/images/ATS-calculator1.png
188.241.39.200200 OK 228 kB URL GET HTTP/1.1 secure.fircib.com/images/ATS-calculator1.png
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type PNG image data, 971 x 579, 8-bit/color RGBA, non-interlaced
Size 228 kB (228096 bytes)
Hash 61c86874239d36fda8fc7f16eac507a9
d4e7dbab9a79c4671f3e31d0d056b61a9b8c3e17
b7d043f240daa0bd325a0db7c5f2c4b6f011a34723d307800c86e95ca83f79c1
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/ATS-calculator1.png HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:25:15 GMT
Accept-Ranges: bytes
Content-Length: 228096
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
secure.fircib.com/js/script.js?v=1713977809
188.241.39.200200 OK 376 kB URL GET HTTP/1.1 secure.fircib.com/js/script.js?v=1713977809
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (936)
Size 376 kB (376163 bytes)
Hash f3e35025149266d23a440262879cacc6
9cfa009cd0f28eda2a4a1a0f6e54fac299ade119
e7cd6b8af2bd0fa9c8460b543a4cf09e025d815a8d114b26e493a18f348dbb39
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /js/script.js?v=1713977809 HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:27:13 GMT
Accept-Ranges: bytes
Content-Length: 376163
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
secure.fircib.com/images/samp5.jpg
188.241.39.200200 OK 35 kB URL GET HTTP/1.1 secure.fircib.com/images/samp5.jpg
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 970x485, components 3
Hash 0ae6b7f013ef25adc455993d7ace2e34
3dbd9d6795f969425e514b54f2f1634829118e3c
d6fdad356ecabcdcfb77a0486b3e240f450369e0304739e55c71a112d5f3d2df
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/samp5.jpg HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:17 GMT
Accept-Ranges: bytes
Content-Length: 34654
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
secure.fircib.com/images/award_footer_2015.gif
188.241.39.200200 OK 17 kB URL GET HTTP/1.1 secure.fircib.com/images/award_footer_2015.gif
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 431 x 91
Hash dccbdb0617d17d33b6a3a6daf34dc512
62e55eaba76fa6cdce818ff60cb761a03d7bf940
1d34389a99792da220647e5afabf7ebb699a1b38faaff35aea7702c7dcca19b1
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/award_footer_2015.gif HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:25:16 GMT
Accept-Ranges: bytes
Content-Length: 16912
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
142.250.74.35200 OK 4.0 kB URL GET HTTP/2 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
IP 142.250.74.35:443
Requested by https://secure.fircib.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type ASCII text, with very long lines (20367), with no line terminators
Hash 72d3a735ccca1027f6b3afba2c93e3a7
67f8eff8d17334c59c28fc1753bf451527c7490d
c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1
GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:44:30 GMT
expires: Fri, 18 Apr 2025 02:44:30 GMT
cache-control: public, max-age=31536000
age: 569540
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure.fircib.com/images/li-marker.png
188.241.39.200200 OK 170 B URL GET HTTP/1.1 secure.fircib.com/images/li-marker.png
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type PNG image data, 7 x 5, 8-bit/color RGBA, interlaced
Hash 9a139b0a2b42a4eb27bc6405c8dc0d03
03402387f7194a7f9527076a0ca2d7223aa377b6
54c22e0c4ecbfc9d32635be15de47fbf94dd4a04df084f37344939f01d5233b4
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/li-marker.png HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/css/style.css
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:25:53 GMT
Accept-Ranges: bytes
Content-Length: 170
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
secure.fircib.com/images/campaignSlideshowNav-arrows.png
188.241.39.200200 OK 1.6 kB URL GET HTTP/1.1 secure.fircib.com/images/campaignSlideshowNav-arrows.png
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type PNG image data, 93 x 113, 8-bit/color RGBA, non-interlaced
Hash 9c706fe4bd490db7881b637b2b7c1278
3e59793054c078f28baa8353d936bb0fbc0697f3
86465aba19430956ad2869391dc92d0bb77d12fb9bc00d34824d1db2b47481a8
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/campaignSlideshowNav-arrows.png HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/css/style.css
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:25:24 GMT
Accept-Ranges: bytes
Content-Length: 1577
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
secure.fircib.com/images/home.png
188.241.39.200200 OK 611 B URL GET HTTP/1.1 secure.fircib.com/images/home.png
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type PNG image data, 58 x 15, 8-bit/color RGBA, interlaced
Hash b95a437e7742c2b33b313124c09ede42
48595631c85fdb05296961f588d22bf0dfbcf070
f5972aebe23b53c255b54966dff7dfca7da316e26da8bae8b9eed25494e2acf0
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/home.png HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/css/style.css
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:25:44 GMT
Accept-Ranges: bytes
Content-Length: 611
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
secure.fircib.com/images/file.png
188.241.39.200200 OK 673 B URL GET HTTP/1.1 secure.fircib.com/images/file.png
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type PNG image data, 20 x 22, 8-bit/color RGBA, non-interlaced
Hash 8c1bb5b0eaf446f2f86302072a97b6c6
0020ef015972f6785449181d83b166fbeaee4b00
2e8452dffea35da57a5f41bba6410599295cf73b36ffb9840571b769e40ff154
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/file.png HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/css/style.css
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:25:34 GMT
Accept-Ranges: bytes
Content-Length: 673
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
secure.fircib.com/images/pp_mark.png
188.241.39.200200 OK 2.7 kB URL GET HTTP/1.1 secure.fircib.com/images/pp_mark.png
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type PNG image data, 22 x 21, 8-bit/color RGBA, non-interlaced
Hash 33d8021dccac50e009f4c60eee36257c
f2bcb57044a9aee464539bda23416fbcb3983c9a
3dd97ca6747bc86c32db6052ad866b179ddccf76cb49c2d08fb5effdad2b0c77
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/pp_mark.png HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/css/style.css
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:12 GMT
Accept-Ranges: bytes
Content-Length: 2670
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
secure.fircib.com/images/grey-panel.png
188.241.39.200200 OK 46 kB URL GET HTTP/1.1 secure.fircib.com/images/grey-panel.png
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type PNG image data, 1384 x 869, 8-bit/color RGBA, non-interlaced
Hash 6977b8f61677b9ef9660ea4ee96660d7
db94d69de9fbd3b1ba36ca83132cc032d8a92f1a
dcfd3dd73143f177572881afd2c7a4b081fdd951e3c57556d09d53a1da02a95d
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/grey-panel.png HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/css/style.css
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:25:43 GMT
Accept-Ranges: bytes
Content-Length: 45925
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
secure.fircib.com/images/slide2.jpg
188.241.39.200200 OK 63 kB URL GET HTTP/1.1 secure.fircib.com/images/slide2.jpg
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2022:02:09 11:59:11], progressive, precision 8, 1700x500, components 3
Hash 091e8ce921905e062af4a15515369e46
5c3f4ea85c3939a487abc34f0a4b2cd12ff15365
873ab46702f7957ef5ce99883e4ac71bc8ade8049eb8f5567441c1b51e09a823
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/slide2.jpg HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:25 GMT
Accept-Ranges: bytes
Content-Length: 63155
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
secure.fircib.com/images/samp3.jpg
188.241.39.200200 OK 12 MB URL GET HTTP/1.1 secure.fircib.com/images/samp3.jpg
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=10, description=Happy couple standing among carton boxes and hugging, looking over their new apartment. Medium shot. New home concept, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, xresolution=150, yresolution=158, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2020:08:30 21:50:51], baseline, precision 8, 5760x3840, components 3
Size 12 MB (11650797 bytes)
Hash 2f3ad34811301a7f05ed172b78b901fb
1b4549692853877a355840fc637792e929ba9f47
b0e52852de0fd184c92ea6919b948d72aadf19a078c57bf67cdecefd8f82bebf
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/samp3.jpg HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:21 GMT
Accept-Ranges: bytes
Content-Length: 11650797
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
secure.fircib.com/images/slide1.jpg
188.241.39.200200 OK 48 kB URL GET HTTP/1.1 secure.fircib.com/images/slide1.jpg
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2022:02:09 11:56:59], progressive, precision 8, 1700x500, components 3
Hash 053ffd72945ef875219271fafebf0ca2
cb395a8961de1a004e8affd0dfc81155f6f70d0b
96602cff30ae351491f1f4ff58c5bad320f6b7ce15042335430f92a3c46b231b
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/slide1.jpg HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:25 GMT
Accept-Ranges: bytes
Content-Length: 47900
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
secure.fircib.com/images/slide4.jpg
188.241.39.200200 OK 52 kB URL GET HTTP/1.1 secure.fircib.com/images/slide4.jpg
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2022:02:09 12:03:09], progressive, precision 8, 1700x500, components 3
Hash c1fe8e4c38dbd908e22025fcd3747c80
660f8b6f3993ebc9adfa231fe9e90fae0cecd71a
1e59acabf3920266ad107e77d28bb4ab1eb539f8bb6ae3b2f8a9656d0dfec5a1
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/slide4.jpg HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:26 GMT
Accept-Ranges: bytes
Content-Length: 52130
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
secure.fircib.com/images/slide5.jpg
188.241.39.200200 OK 55 kB URL GET HTTP/1.1 secure.fircib.com/images/slide5.jpg
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2022:02:09 12:04:27], progressive, precision 8, 1700x500, components 3
Hash e02b9e2d1febfd1059c6ea8bfaeaa8c6
63e0d4a34e51d327779e960f8fc51f84a36a9229
cc5622928a024e0280663aff9fb671aa1e727d38f5a4efb8819fe8badd9d924c
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/slide5.jpg HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:28 GMT
Accept-Ranges: bytes
Content-Length: 54827
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
secure.fircib.com/images/slide6.jpg
188.241.39.200200 OK 70 kB URL GET HTTP/1.1 secure.fircib.com/images/slide6.jpg
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2022:02:09 12:16:04], progressive, precision 8, 1700x500, components 3
Hash 3cd9480b1722abce4850c0c111a99dfb
442550cfdc5f338d84d66d1e0ae30f4c724e93ba
6e4dbdd26042c281192c48838e7a2a4d4a3031ea29ca65e03d8b8f3bfffd2965
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/slide6.jpg HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:28 GMT
Accept-Ranges: bytes
Content-Length: 69787
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
secure.fircib.com/images/slide3.jpg
188.241.39.200200 OK 63 kB URL GET HTTP/1.1 secure.fircib.com/images/slide3.jpg
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2022:02:09 12:01:55], progressive, precision 8, 1700x500, components 3
Hash 5809466b1be067fea3477f7123975aad
d9ef7dae3f45db0ff25c6cfd85cb2410577e6164
4e563c6021879e32dfcb508ef3269a12d80395f5840a200cdae83181ea32df98
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/slide3.jpg HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:50 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:26 GMT
Accept-Ranges: bytes
Content-Length: 63287
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
secure.fircib.com/images/slide7.jpg
188.241.39.200200 OK 86 kB URL GET HTTP/1.1 secure.fircib.com/images/slide7.jpg
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2022:02:09 12:18:19], progressive, precision 8, 1700x500, components 3
Hash d131b54bf5be501eefe088a890e3db7c
60b7814d4a2256bfccb856e7eb8617556f164618
56361b816e4e33dd8de72fe30d4a821be9ce2165c6c3b7dab0376b32e287f93d
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/slide7.jpg HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:51 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:26:30 GMT
Accept-Ranges: bytes
Content-Length: 86006
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
secure.fircib.com/images/favicon.ico
188.241.39.200200 OK 4.3 kB URL GET HTTP/1.1 secure.fircib.com/images/favicon.ico
IP 188.241.39.200:443
ASN #25369 Hydra Communications Ltd
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Hash fd1d27f423fbc3eb4405fb3c9b48bf9f
6ab3d0557f529c287a6bd5429978e4047c06b354
fbee6d88708a48fa23e90c886e63bd7e0efd667d65081764b1aa6b6337734294
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET /images/favicon.ico HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 16:56:53 GMT
Server: Apache
Last-Modified: Wed, 03 Apr 2024 08:25:33 GMT
Accept-Ranges: bytes
Content-Length: 4286
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/x-icon
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main
142.250.74.106200 OK 73 kB URL GET HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main
IP 142.250.74.106:443
Requested by https://secure.fircib.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type JavaScript source, ASCII text, with very long lines (2308)
Hash b78a598053844b5ae2d3c1d98851d54a
f75001b57e8d501345f9f6a24bb05b4da381022d
c1e457211fafb84677e66e20fa411e5d6875dfced5e2e8727615589aa3434d02
GET /_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 73076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 17:35:04 GMT
expires: Wed, 23 Apr 2025 17:35:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:10:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 84109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
142.250.74.35200 OK 910 B URL GET HTTP/3 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP 142.250.74.35:443
Requested by https://secure.fircib.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 14:17:57 GMT
expires: Wed, 23 Apr 2025 14:17:57 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
vary: Origin
age: 95936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
142.250.74.99200 OK 3.3 kB URL GET HTTP/2 fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP 142.250.74.99:443
Requested by https://secure.fircib.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type SVG Scalable Vector Graphics image
Hash 2bd5c073a88b83ed74db88282a56ddfb
d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 01:43:59 GMT
expires: Wed, 23 Apr 2025 01:43:59 GMT
cache-control: public, max-age=31536000
age: 141174
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
142.250.74.106 1.4 kB URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP 142.250.74.106:0
Hash a3eefe14b1b4698460d992bd1673a26b
a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4
87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 24 Apr 2024 16:56:53 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=513=XQTR3SmfQxSmfMAuO4esozXQ8Q_Y2HFwuTpmb-gU353wUxny6wLOl-vEf1jvJHZcPZ4XpofvU9D-EqKWyjZipp0HLeAAt3NrzsSOAGSkedIkQV_ceZpj4GeFlj5uEJ_v7glUgDoihuhNtISTgUCPn0ePrgMEf7IHPHcsunoiQ2s; expires=Thu, 24-Oct-2024 16:56:53 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Wed, 24 Apr 2024 16:56:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20240422
216.58.211.14204 No Content 0 B URL GET HTTP/3 translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20240422
IP 216.58.211.14:443
Requested by https://secure.fircib.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gen204?sl=en&nca=te_ap&client=te&logld=vTE_20240422 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: image/gif; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Apr 2024 16:56:53 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-gXn9Zt3UBGtMIG3ar7Cj1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
reporting-endpoints: default="/_/TranslateApiHttp/web-reports?context=eJzjEtDikmII0JBicEqfwRoExEI8HFc_L9nIJrDj_OQVjAB1wwmz"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=19.SE=rVatpOfW4EnlgEJvB_CdeMKmmwLZo0hvr873x5w6TAowS_ejtn9pvwVVeDKd57qNdOVtF-n5bGG8EzCdZE-0QVejIQ5th-PCdQZyl1RMWI21HshKQbx6tAJLGu-Hrm2IbcNHX8k48juaWJe4MpbvHAGiU6e7KiEDmJwYp9qCgKg; expires=Sun, 25-May-2025 09:15:11 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
142.250.74.106200 OK 0 B URL POST HTTP/3 translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP 142.250.74.106:443
Requested by https://secure.fircib.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://secure.fircib.com/
Origin: https://secure.fircib.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://secure.fircib.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 24 Apr 2024 16:57:03 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
142.250.74.106200 OK 131 B URL POST HTTP/3 translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP 142.250.74.106:443
Requested by https://secure.fircib.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure.fircib.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1189
Origin: https://secure.fircib.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://secure.fircib.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Wed, 24 Apr 2024 16:57:03 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
216.58.211.14200 OK 90 kB URL GET HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 216.58.211.14:443
Requested by https://secure.fircib.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File type JavaScript source, ASCII text, with very long lines (2064)
Hash e249ccc731a4492b3d080b9c5c1b705e
73ead1b8f42c919f2651f3ec5273a8d889b0234f
fb728382b6be0a4979161e08e9993e09ff5b4727c5362216acd8906d536dbed8
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Apr 2024 16:56:50 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure.fircib.com/
0.0.0.0 0 B IP 0.0.0.0:0
Requested by https://secure.fircib.com/
Certificate IssuercPanel, Inc.
Subjectsecure.fircib.com
Fingerprint0D:ED:EB:B5:04:1C:7A:39:B0:69:A0:1F:A5:41:0B:10:9A:B5:39:CF
ValidityWed, 03 Apr 2024 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing First Citizens Bank
GET / HTTP/1.1
Host: secure.fircib.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.fircib.com/
Cookie: PHPSESSID=0e44e7c426f385d7876d1f39507b3817
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache