firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 20:08:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XEabU1fxXZA1W1A2yy4R8cr_ilFp4HtoclKh6WI9RRLSD3DQiN9_6w==
Age: 958
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2908
Expires: Mon, 12 Sep 2022 21:12:45 GMT
Date: Mon, 12 Sep 2022 20:24:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BN6Cy0yU9di-K7Qz3DuBESgyTFKpAGAmiaRdD69P37YO0hX70R6eYQ==
age: 47225
X-Firefox-Spdy: h2
regentinfo.org/apply
68.142.179.79301 Moved Permanently 162 B IP 68.142.179.79:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET /apply HTTP/1.1
Host: regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 12 Sep 2022 20:24:17 GMT
Content-Type: text/html
Content-Length: 162
Location: http://regentinfo.org/apply/
Connection: keep-alive
Keep-Alive: timeout=5
regentinfo.org/apply/
68.142.179.79302 Found 0 B IP 68.142.179.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /apply/ HTTP/1.1
Host: regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 12 Sep 2022 20:24:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Location: https://www.regentinfo.org/apply/index.cfm?isndsl
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 20:24:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 19:56:07 GMT
Expires: Mon, 12 Sep 2022 20:36:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cgr0pR23rIwT9YZc3Hfc6q4-5KieM6zIHno4GrdN33ngXkqmyVekIA==
Age: 1691
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 458
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:18 GMT
Last-Modified: Mon, 12 Sep 2022 20:16:40 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 270e8d7f6679deb644e095f80082eba3
7cd06a90c1d1252c5b92c08ac75b103654355b6e
05f053af91bdb9016af433ed13031d0820926d80c8620d663bf4c94445e3da8d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 20:24:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 09:49:44 GMT
Expires: Fri, 16 Sep 2022 09:49:43 GMT
Etag: "7cd06a90c1d1252c5b92c08ac75b103654355b6e"
Cache-Control: max-age=306924,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749b5dab2e79b506-OSL
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uZl3x9PdZ0Y3ZBedLz/qYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oxIG9R969Fk432ozN5h/S1A2MSE=
www.regentinfo.org/apply/index.cfm?isndsl
68.142.179.79200 OK 25 kB URL HTTP/1.1 www.regentinfo.org/apply/index.cfm?isndsl
IP 68.142.179.79:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (926), with CRLF, LF line terminators
Hash 4566e2c5e6c74e34c647592059d0d5ad
7c22ff790fac22f143ffd86733daffdd290fa327
311041999ae537a214e73de66434e194ef988cffa6c6a424e60198694854483c
Analyzer Verdict Alert fortinet Phishing
GET /apply/index.cfm?isndsl HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:18 GMT
Content-Type: text/html; charset=windows-1252
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Vary: Accept-Encoding
Expires: Sun, 10 Oct 2010 12:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
www.regentinfo.org/apply/style-data-collection.css
68.142.179.79200 OK 7.6 kB URL HTTP/1.1 www.regentinfo.org/apply/style-data-collection.css
IP 68.142.179.79:0
File type ASCII text, with very long lines (42888)
Hash 398505f7411e48b713bb0fece47a0eea
eb8bae32f0b52387b63f816713b20bbfbf516fed
18bc0694bf91b17ab6ff6d68057ae9ceac9aee0b297b260ed877c9e0665167e3
GET /apply/style-data-collection.css HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Vary: Accept-Encoding
Last-Modified: Mon, 15 Aug 2022 18:25:41 GMT
Content-Encoding: gzip
www.regentinfo.org/global/rte/js/default/royall-runtime.js
68.142.179.79200 OK 19 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime.js
IP 68.142.179.79:0
Hash 67576de990979d3c2f9d60818b985b03
a1373391219ad9dd9296464e0e13937587df553d
a7d0dc684de96e3f909e651886df820cf13e56ba51b87ce4e297ab0263feb6ee
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 18597
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
use.typekit.net/jva8vxn.css
184.31.15.74200 OK 636 B URL HTTP/2 use.typekit.net/jva8vxn.css
IP 184.31.15.74:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 9dbb1582e64ce32d090a971a0708e0b7
915d08921f9cf4512d883ca9fcacf26af0109b5d
ceb9d5b61d03f02776f170e0e8330b49f63f0962de053d1a8c6ae65df6a12050
GET /jva8vxn.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 636
date: Mon, 12 Sep 2022 20:24:19 GMT
X-Firefox-Spdy: h2
www.regentinfo.org/global/rte/js/default/royall-runtime-json.js
68.142.179.79200 OK 1.9 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-json.js
IP 68.142.179.79:0
Hash 7fe817a7e118e78836de20ddadeadae6
784f50590500bd5c3ab6ddf12bd31e1cec0eb0bb
89d5ebcf4ce88697d5955abdf507e368900bf773576b863d2bc49b02ced75f13
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-json.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 1918
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
p.typekit.net/p.css?s=1&k=jva8vxn&ht=tk&f=8482.8486&a=17456552&app=typekit&e=css
184.31.15.48200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=jva8vxn&ht=tk&f=8482.8486&a=17456552&app=typekit&e=css
IP 184.31.15.48:0
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=jva8vxn&ht=tk&f=8482.8486&a=17456552&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Mon, 12 Sep 2022 20:24:19 GMT
X-Firefox-Spdy: h2
www.regentinfo.org/global/rte/js/default/jquery-ui-1.10.2.widget.menu.js
68.142.179.79200 OK 16 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/jquery-ui-1.10.2.widget.menu.js
IP 68.142.179.79:0
Hash 4e607e4f9e834f83696c1a4abdf6ce55
4be679b69cfb17e11b30ac3b66f943f3cb20f065
1e7d4ffe167ac468751a808313cb44a1054690bf1e893d360ffba0f79df14555
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/jquery-ui-1.10.2.widget.menu.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 16435
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/jquery-ui-1.10.2.widget.autocomplete.js
68.142.179.79200 OK 16 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/jquery-ui-1.10.2.widget.autocomplete.js
IP 68.142.179.79:0
Hash 5826528f37d7d37e198a5bc200ee8afb
324e3f0683df12f74ec5a7820f26afb63f53c4d0
91500e9218aec4c86fdccd8af11b381812af878e540d1981a2a061b92e1988fe
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/jquery-ui-1.10.2.widget.autocomplete.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 15797
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/royall-runtime-e.js
68.142.179.79200 OK 34 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-e.js
IP 68.142.179.79:0
Hash 9f8855b3ce30846ce9484b203dfe3899
f68182e6a2fc57acca152a900bbf5ede21b2807a
075b7e05867ea5de86ca75fa5127ee8cbe0ab3f1320b8943b8566618d1fd1693
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-e.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 34471
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.regentinfo.org/global/rte/js/default/jquery-ui-1.10.2.core.all.js
68.142.179.79200 OK 43 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/jquery-ui-1.10.2.core.all.js
IP 68.142.179.79:0
Hash 1810383ded33d8444236c2211ca65fe7
9c84dcaf9a9013c19c07024d5877fac985faa6b7
936d7c17b6099e8a2c413e3bb95f0ae2f8f01d0d1e70354497097160d741b852
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/jquery-ui-1.10.2.core.all.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 42786
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/jquery-ui-1.10.2.effects.all.js
68.142.179.79200 OK 56 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/jquery-ui-1.10.2.effects.all.js
IP 68.142.179.79:0
File type ASCII text, with very long lines (390)
Hash 1e79f14dd9edc54f76db9b54f7fd921f
366523904766a264ad46ef73f7f717e751bb2253
f6748e99cf27f5488664813c15429a339fd3e883f7775b3b77551c354b3aa223
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/jquery-ui-1.10.2.effects.all.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 56263
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/royall-runtime-lookup.js
68.142.179.79200 OK 9.5 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-lookup.js
IP 68.142.179.79:0
File type ASCII text, with very long lines (5758)
Hash 2e524720b4c9a8f955b394709d281cb2
9a3c1abcbdb27c9cde262dc28ac7a50e952f98d8
919ad2ea31e2b2aa409c8da4a77189f807312bfda0852c6429496e844fd46113
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-lookup.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 9536
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/royall-runtime-validations.js
68.142.179.79200 OK 5.5 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-validations.js
IP 68.142.179.79:0
Hash 372402e3f7bde63c2312bd07167a6a6b
2604d0711d042eacff43753dec8b3f6f0639d89d
b60445044fe63e4234e4e1438f9e559c1a71b4138dc77db362c5247be0d13c5a
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-validations.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 5508
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/royall-runtime-section.js
68.142.179.79200 OK 2.9 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-section.js
IP 68.142.179.79:0
Hash ada86349b7e5f283a18b0cb575c2f74f
7b8b40e2dd3e5c8355249e81c4190cca774bbb13
18c9732cf6db36ff32b8256258cf90169d33fbf1c6f7d7410fdb63cda9cbe6bc
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-section.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 2854
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/jquery-1.8.3.js
68.142.179.79200 OK 94 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/jquery-1.8.3.js
IP 68.142.179.79:0
File type ASCII text, with very long lines (65483)
Hash 3576a6e73c9dccdbbc4a2cf8ff544ad7
06e872300088b9ba8a08427d28ed0efcdf9c6ff5
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/jquery-1.8.3.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 93636
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash f4f41e80dd59c1fce770e48225027daf
0d5959285e89589a5c8312c2d3e3138e1ee042f9
9a643a764ab149bff94a7b0486354251f49e7ce1314e8a84e18b469ec9fa4d83
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 20:24:19 GMT
Last-Modified: Mon, 12 Sep 2022 18:46:47 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: t5fwH4Ur-nLbU7vuITCZ1CYXjCATgogq-yGSCHwjk3We-8Qryo97Dg==
Age: 5852
www.regentinfo.org/global/rte/js/default/royall-runtime-group.js
68.142.179.79200 OK 8.2 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-group.js
IP 68.142.179.79:0
Hash 3edbb1fe68de5bb31db6aa10042299db
93c1c12b22a6b2f74c38d2c218f2d55b72d78136
28fff9e838340b759ab41957d02432106a8dc99626116b44d971f68fd3e9ef70
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-group.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 8222
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.regentinfo.org/global/rte/js/default/royall-runtime-question.js
68.142.179.79200 OK 2.2 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-question.js
IP 68.142.179.79:0
Hash 7fa4ad4db8795df9a9175863bc78ac47
0af78dc960d629bf5da8bc8fb56c8aa9e0e8cceb
5e2d924f979327627af65d6b76f725e53be68e9b46ba2e64351645fdadb79d20
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-question.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 2230
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/royallet-hsl.js
68.142.179.79200 OK 18 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royallet-hsl.js
IP 68.142.179.79:0
Hash 7290c57ab69f41776ac54aba3e58565d
f68c447e50a0fecaa1a22546d857ea4cb8b84fb7
615a3035f17f3ca569eccb4317f903918e712e2bb6e2d25197cec7c6e75b4ecd
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royallet-hsl.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 18391
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/royall-runtime-highschoollookup.js
68.142.179.79200 OK 27 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-highschoollookup.js
IP 68.142.179.79:0
Hash 6ed35c9ba19f51fdc2b183b97a20b57e
25d36edc13e2fb2526b1febb1789b6c3b80f18c0
46fe67a2ce682ebc25cd4b356ce89edd9588f5305029483cbdbd471902236235
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-highschoollookup.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 26855
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/royall-runtime-ceeb.js
68.142.179.79200 OK 17 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-ceeb.js
IP 68.142.179.79:0
Hash 15a1513027fe3fea6ee5ab7721ff1273
8d9b9db05743b9986994a00ca8471c269bdfd521
67a217b5a867993dbed1edbee3554a7bee56ec0338388b7b126f5c9596dcc07d
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-ceeb.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 17126
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/royall-runtime-church.js
68.142.179.79200 OK 18 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-church.js
IP 68.142.179.79:0
Hash 6619653e3f0e3d3112a32d8e090c5921
a38668e1fe66743813c3dbdd329071da526aa938
d5046de97b32169b81315cbd62670799df74195c915ca5ef55c0e5e88dd30f6b
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-church.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 17830
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.googletagmanager.com/gtm.js?id=GTM-NW9CTDV
142.250.74.72200 OK 65 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NW9CTDV
IP 142.250.74.72:0
File type ASCII text, with very long lines (22398)
Hash 0d91d3c2dd7f67b3e1723160b640123d
254c6136ab0df63b690eac2cc0134dacce3eba69
3d35d57772142e0d3e101bacc7b746b59a33d45fecd86b1819c4f1fac58839fe
GET /gtm.js?id=GTM-NW9CTDV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Sep 2022 20:24:19 GMT
expires: Mon, 12 Sep 2022 20:24:19 GMT
cache-control: private, max-age=900
last-modified: Mon, 12 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65007
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.regentinfo.org/global/rte/js/default/royall-runtime-textarea.js
68.142.179.79200 OK 521 B URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-textarea.js
IP 68.142.179.79:0
Hash ba91c2e48c52d2bd295ac95e43713814
d869cf83b94e06cc14866d9ca7fe2eb131c11120
4eedc186cb7f02dff6a8cc4b82b1ce75c33b6fe53b067ecb628c86a0d3aa85f4
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-textarea.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 521
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/royall-runtime-customessay.js
68.142.179.79200 OK 462 B URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-customessay.js
IP 68.142.179.79:0
Hash 3b256f924b32f7052ed866addd1edf25
acc6df1bb52620f43946f38d9479ca35611656e6
9b690cd37b5c7e3d212c85b665e77ef4ec5a2bb1eada5c29f6ed65f3ee4e9c68
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-customessay.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 462
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/royall-runtime-rendermacro.js
68.142.179.79200 OK 4.2 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-rendermacro.js
IP 68.142.179.79:0
Hash 0fceea3f9b1da25ffdd98be7522e2786
e08fff1c4aa1a0f935562aa12484002558d67453
6d8104110f4304d9fc5e44bedc85e6801da0b4febce81fbdcb38e18f051dcbf1
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-rendermacro.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 4171
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/jquery.maskedinput-1.2.1.js
68.142.179.79200 OK 7.9 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/jquery.maskedinput-1.2.1.js
IP 68.142.179.79:0
Hash 0d5cd22ce2f8ff2f868f12d5077c5f8a
b93cd0e74926a7b0bae4ebb5548a706928ab6c1e
1a343d7869bc90f0402c11f5af9d5bd98b6c2883987ecc343527e2779d4ec59a
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/jquery.maskedinput-1.2.1.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 7900
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/facebox.js
68.142.179.79200 OK 11 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/facebox.js
IP 68.142.179.79:0
File type HTML document text\012- HTML document, ASCII text
Hash 102b68d24aad78be487268fdd59d0334
13b3dc810c1d2aba7c2bc2cd73b7c0fec87f91b4
069d1d14f0692ff1263943c0edce8dfa5723890ae4083a67a26106a981e0a23d
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/facebox.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 11321
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/jquery.fancybox.js
68.142.179.79200 OK 48 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/jquery.fancybox.js
IP 68.142.179.79:0
Hash 03007157c686cff2b443eac22fef0175
9fb09d21f123db1ecb3a81f3e70da387a840139a
8a8dfca9210afccced83565898d83b27db4c75776e1e59f053a5784e7c14d146
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/jquery.fancybox.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 47975
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/sifr.js
68.142.179.79200 OK 10 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/sifr.js
IP 68.142.179.79:0
File type HTML document, ASCII text, with very long lines (10118)
Hash b9f3548ccbd33225c25d08ad246ccd3f
59e048fccd25d67d1df390608c854d4aa4d08209
77156f5f92e77af0f6f1717965339832830119fda05b25a29e2d596b545555e0
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/sifr.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 10470
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/jquery.cycle.min.js
68.142.179.79200 OK 19 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/jquery.cycle.min.js
IP 68.142.179.79:0
File type ASCII text, with very long lines (18936)
Hash c2356a4c390b59455dec800def8c92ae
e080f5b79722e21bc9f41ea1e0d94ff8737eebcd
483cb4a1a943368996198edbd13f14a734ce98c8b0a68d1eef4ccb81a3dff292
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/jquery.cycle.min.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 19285
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/dd_belatedpng_008.js
68.142.179.79200 OK 13 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/dd_belatedpng_008.js
IP 68.142.179.79:0
File type ISO-8859 text, with very long lines (305)
Hash 961fa56ff93e5501159fbab397da64b0
cdf5e6ca53cc9a571dc2cb7aad3cb3f9d8a79e2b
f26b1f3ac786e00b7a989ede7bc8aaf3fddabc1bb214c62b061b33e08d544d28
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/dd_belatedpng_008.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 12678
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/jquery.backstretch.js
68.142.179.79200 OK 4.0 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/jquery.backstretch.js
IP 68.142.179.79:0
Hash 218e485a201844d6a2da2c2113f07d1f
f5088b4cb26869f4076ac0a2c71ec4085caa34ef
e8fb478a4c1977820f828f979d9bd93168a6b7ffa83701c8e5adeee6a118501f
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/jquery.backstretch.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 3971
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/jqModal.js
68.142.179.79200 OK 3.4 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/jqModal.js
IP 68.142.179.79:0
Hash f901bbdab848edc289188dab74ba78da
9a0c15cdb74f2723b6ffb3a871aef537dd7e57fd
181e06889ccbf8337649caad5ffeec65342510d9687f8411cb169322fe20ade0
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/jqModal.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 3355
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/royall-runtime-popout.js
68.142.179.79200 OK 1.1 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-popout.js
IP 68.142.179.79:0
Hash d33e21df31725b6218b800431ebfee8f
491e8a7518ad1f57a70f4dfbb9265c9ecae25cb4
9619c7c04a0c17d560043471aed467ef9570d3deef2572cb70f02f7f0706f5d4
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-popout.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 1105
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17657
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 20:24:19 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17657
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 20:24:19 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17657
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 20:24:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:13:41 GMT
age: 47438
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 04:04:42 GMT
age: 58778
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 81749
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PWOeca9JRnIgEymeLVyqTBucBJ0j6OS9Rmqwd4CcAKixqo0zvb452w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:48:14 GMT
age: 81366
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b674daf3dc6e85ed054ab34d69979b86
47aaf5a3af2c25820d01d613c82b7f1279a298fc
7b9993ef69d4b77c1533ada040c85563b9cf7b1f5d007177c005f6cd7fdba1d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4162
x-amzn-requestid: 9dc27e34-69e1-439d-8974-1297584ef4d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIhuHlWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87a4-410e9ede524aa657609a057a;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UxATqmWDCTwVqA3ORIXXObWZZj158TSRUoaAr48b08sxdAxBicw5zA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:27:45 GMT
age: 46595
etag: "47aaf5a3af2c25820d01d613c82b7f1279a298fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 22:16:58 GMT
age: 79642
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.regentinfo.org/global/rte/js/default/jquery.autolookup.js
68.142.179.79200 OK 14 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/jquery.autolookup.js
IP 68.142.179.79:0
Hash a9cff9f7e2cdf53eaff6a57106535294
f9359f32084d181fab64f3e4b36731c2c4d2059c
faa36200c31d25ead02e1b8c3c00b0458c248d0bf5b5c01972e67ae8822c87ca
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/jquery.autolookup.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 13646
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/royall-runtime-linktrack.js
68.142.179.79200 OK 525 B URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-linktrack.js
IP 68.142.179.79:0
Hash 45026c7a35890cca50cfdefad6d74eac
145400ad95bf05b09490ac0e1b0aafa1605f1ef3
1378dae73d73d9cac4a82098c3239b34dbc966f33e62c9ed49de82a66056ccb6
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-linktrack.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 525
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/royall-runtime-am.js
68.142.179.79200 OK 3.9 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-am.js
IP 68.142.179.79:0
Hash 5722e69cb559c00795389d2c5fca749f
442e2fb03743ad3aff9c40d613f2b7b4b0a1bda8
c3d12f73797be395f8486129939a9e2916e14b522f3c40b94eb1a85b8dab9e7b
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-am.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 3897
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/royall-runtime-as.js
68.142.179.79200 OK 18 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/royall-runtime-as.js
IP 68.142.179.79:0
Hash e2481d71ceab011f9bd4ad914d59df19
c1a37c89d88cc3681dfcf3fde9a4534ee6035c6e
b6d47fb3f8ad534cfdb1a3f87c2a705861b859f96a644a885530bf67b8a0b6ea
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/royall-runtime-as.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:19 GMT
Content-Type: application/javascript
Content-Length: 18288
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.youvisit.com/tour/Embed/js3?data-platform=eseab&utm_campaign=30349&estid=.642
54.230.111.21200 OK 5.1 kB URL HTTP/2 www.youvisit.com/tour/Embed/js3?data-platform=eseab&utm_campaign=30349&estid=.642
IP 54.230.111.21:0
File type ASCII text, with very long lines (2059)
Hash 9dc10ca4985a40cc973a96d7d6efe4f0
d08cef1e604126c0516cc6851c5b05cb8878beb3
4458252d5f6d04b32550485dc88ed9c8fba2c1856b4e3d24e2d0a01883d824e9
GET /tour/Embed/js3?data-platform=eseab&utm_campaign=30349&estid=.642 HTTP/1.1
Host: www.youvisit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 5147
date: Mon, 12 Sep 2022 20:24:19 GMT
server:
expires: Mon, 12 Sep 2022 20:54:19
pragma: cache
cache-control: max-age=1800
user-cache-control: max-age=1800
set-cookie: PHPSESSID=8ddsnsba7trmkn1e2sms0aaajm; path=/; domain=.youvisit.com; secure; HttpOnly; SameSite=none
strict-transport-security: max-age=63072000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
vary: X-Forwarded-Proto,Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SmGruHEgWidFAZHMUI3fZxWFE8bsk5LXlZXgcE8QhWb_K3qVbOJq2g==
X-Firefox-Spdy: h2
www.regentinfo.org/global/rte/js/default/cj/royall-runtime-cj.js
68.142.179.79200 OK 5.7 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/cj/royall-runtime-cj.js
IP 68.142.179.79:0
Hash cada46147068aa5bb752ed1c32219616
45eb1199b6d12ca3e93db66c6fe046db8f0f973a
4610bfead52418f4f00bff147f5f7d11e0c6fc8a1bcc0043c3402f362025b4a8
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/cj/royall-runtime-cj.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: application/javascript
Content-Length: 5676
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/cj/royall-runtime-cj-action.js
68.142.179.79200 OK 8.2 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/cj/royall-runtime-cj-action.js
IP 68.142.179.79:0
Hash 962640c447b5ded3a848da97328efd03
1085abc93913656e2ac071910bc7082a839b933f
136413be90d53b979d6a5aa98daa56f81043cd448dbd244f1adb0fd2875ac016
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/cj/royall-runtime-cj-action.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: application/javascript
Content-Length: 8231
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/cj/royall-runtime-cj-criteria.js
68.142.179.79200 OK 2.8 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/cj/royall-runtime-cj-criteria.js
IP 68.142.179.79:0
Hash 8a105e2d7afd58a4e25f03eb129a5a0a
4d01f37589bb1011a1d57c69a1ca2e3ffe4d9d88
79de4203919feb6438a12544a6c7287125ccb302c5c315bb632c3964627680a8
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/cj/royall-runtime-cj-criteria.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: application/javascript
Content-Length: 2805
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/jquery.swfobject.1-1-1.js
68.142.179.79200 OK 5.0 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/jquery.swfobject.1-1-1.js
IP 68.142.179.79:0
Hash 8c9fe37305f0b8f546c02a7d5bd4fc3e
0435aec909fb8621df049b8f96ae34a9b60b8038
518de7b5ab1da24432eee81f8b0b8f7d4f30b308746c2fb43157d7c26b764e4b
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/jquery.swfobject.1-1-1.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: application/javascript
Content-Length: 4995
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/modernizr.custom.2.6.2.b99627.js
68.142.179.79200 OK 13 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/modernizr.custom.2.6.2.b99627.js
IP 68.142.179.79:0
File type HTML document, ASCII text, with very long lines (12532)
Hash bc1e0e1e3c430d21f1d7c7a89f2d9c6e
f19246344c909e54befd19e0f790cf587a0dc133
5d4865ebd334e5aaa51f9c6b7c34b9313e590a6b0fe4f773b47d09e96b3b1804
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/modernizr.custom.2.6.2.b99627.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: application/javascript
Content-Length: 12879
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/jquery.smooth-scroll.js
68.142.179.79200 OK 6.0 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/jquery.smooth-scroll.js
IP 68.142.179.79:0
Hash 48064ffe3565eb36b7b08ab6299197a9
ac1496c3ddc05f3f627a80236c7cb55e23d889d5
208263c74b3e15a959ac7956e276c73421eeb7041364c60302f52b6805a9c78f
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/jquery.smooth-scroll.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: application/javascript
Content-Length: 6039
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/default/rads-ext.js
68.142.179.79200 OK 771 B URL HTTP/1.1 www.regentinfo.org/global/rte/js/default/rads-ext.js
IP 68.142.179.79:0
Hash b23165834cc9bcc91a7715d3df0d80dc
cb4523d0e22361ebbacef598e933b7f845b2e57f
89b64e657bb987245ff3799888bead873886facca28b5a835ede72b10898a903
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/default/rads-ext.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: application/javascript
Content-Length: 771
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/apply/plugincode.js?i=6.31.0
68.142.179.79200 OK 56 kB URL HTTP/1.1 www.regentinfo.org/apply/plugincode.js?i=6.31.0
IP 68.142.179.79:0
File type ASCII text, with very long lines (55621)
Hash 13f9e1f623ad4d8b8d42ad2fc9ca7f7a
03841d161a9def611fa562595d1afe4f0508d5ff
739af3e57f17f39b91839db1b3189362138734e9a40adc7532849f46bffe38bd
GET /apply/plugincode.js?i=6.31.0 HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: application/javascript
Content-Length: 55835
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Mon, 15 Aug 2022 18:25:41 GMT
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Hash 1c772d9d0531b187db80bcfc199c1786
c0c04fb334190e10dffed0dcc5c817c2a6041a15
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.regentinfo.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:28:30 GMT
expires: Thu, 07 Sep 2023 19:28:30 GMT
cache-control: public, max-age=31536000
age: 435350
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.regentinfo.org/global/rte/css/custom.upload.css
68.142.179.79200 OK 1.7 kB URL HTTP/1.1 www.regentinfo.org/global/rte/css/custom.upload.css
IP 68.142.179.79:0
Hash 363282b45db18946db226022561e0da9
863433366ac1b51e466b2b44b48516bb6cecb4f9
3f0a494643543e3b10e01ece58fd43e9a4b1b5e51e4912e677dfce1538c8ff63
GET /global/rte/css/custom.upload.css HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Vary: Accept-Encoding
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Content-Encoding: gzip
www.regentinfo.org/global/rte/js/royall.docshot.js
68.142.179.79200 OK 7.3 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/royall.docshot.js
IP 68.142.179.79:0
Hash 331a09dddabad115b2583bc315488e8c
84933ffc37975b8239eca33d0faf549297ae08ff
8b1ebcc45a8bbfc44ac0744170c87439d7c5cedd0245c8ce582484994f13feec
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/royall.docshot.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: application/javascript
Content-Length: 7308
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/js/custom.upload.js
68.142.179.79200 OK 25 kB URL HTTP/1.1 www.regentinfo.org/global/rte/js/custom.upload.js
IP 68.142.179.79:0
File type ASCII text, with very long lines (460)
Hash fda4877b6eae0d3fbaad797306a61e64
f97d3df091411c21e3983f414e632a3575718148
41ba35275f84333cc40bd2d2ff1b111ea342052cf18662ceac7840472e1f1bba
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/js/custom.upload.js HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: application/javascript
Content-Length: 24595
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.regentinfo.org/apply/jquery.fancybox.css
68.142.179.79200 OK 2.4 kB URL HTTP/1.1 www.regentinfo.org/apply/jquery.fancybox.css
IP 68.142.179.79:0
Hash 6108760e0b1286b49d3649efb52875af
44105c22b125f26900d8f01e14e3f4a278b2251d
a624fbb93f8f89e294becd9072b9f5086104ef61391fb317b337402e29662204
GET /apply/jquery.fancybox.css HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: text/css
Content-Length: 2401
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Mon, 15 Aug 2022 18:25:41 GMT
Accept-Ranges: bytes
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.regentinfo.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:26:57 GMT
expires: Thu, 07 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 435443
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.typekit.net/af/68efc1/000000000000000000012d69/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
184.31.15.74200 OK 99 kB URL HTTP/2 use.typekit.net/af/68efc1/000000000000000000012d69/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
IP 184.31.15.74:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 99284, version 1.0\012- data
Hash cad1a240e54b91126abb280146ba36ae
e1de19b8ec00b15282d681cc4071194c99220fec
ff6c4ff619194ae93ba12f33acb7e998aa01b9d63e938de8082a146990493eb1
GET /af/68efc1/000000000000000000012d69/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.regentinfo.org
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 99284
etag: "241134ab848966fb764f1dcdc02e74f5e3577466"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 12 Sep 2022 20:24:20 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/3cbd9b/000000000000000000012d68/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
184.31.15.74200 OK 98 kB URL HTTP/2 use.typekit.net/af/3cbd9b/000000000000000000012d68/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 184.31.15.74:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 97876, version 1.0\012- data
Hash d2e435c04ec53de1b71bea942c0935cc
e2562b794851561a7fbe04dcb8af80b13dfee582
bca374ae1def0e8b8dbfc914ec67dc5725b96ac7901fc43040864bceba381a8d
GET /af/3cbd9b/000000000000000000012d68/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.regentinfo.org
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 97876
etag: "1462b66c12ce096aa475e042101f2be931b9fa8c"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 12 Sep 2022 20:24:20 GMT
X-Firefox-Spdy: h2
www.regentinfo.org/apply/img-app-title-white.svg
68.142.179.79200 OK 7.8 kB URL HTTP/1.1 www.regentinfo.org/apply/img-app-title-white.svg
IP 68.142.179.79:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash aa4c46a10055ddf67a080700cde388db
51a4ff70ced20186ddfee8ec827291e0782f9793
7248e4d43017719a88bdb110f49934e165f386ec496f089c18e7a69bbcc27517
Analyzer Verdict Alert fortinet Phishing
GET /apply/img-app-title-white.svg HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/style-data-collection.css
Cookie: _gcl_au=1.1.458367554.1663014248
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: image/svg+xml
Content-Length: 7799
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Mon, 15 Aug 2022 18:25:41 GMT
Accept-Ranges: bytes
www.regentinfo.org/apply/Regent-University-Logos_Horiz-Logo-w-Tagline.png
68.142.179.79200 OK 5.2 kB URL HTTP/1.1 www.regentinfo.org/apply/Regent-University-Logos_Horiz-Logo-w-Tagline.png
IP 68.142.179.79:0
File type PNG image data, 301 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash e89987589047b6eb96d80e90909e4544
d99de78edc170e4322f1f5ef073821039296824b
af0af262a89f29536a2318ff6eec7d6eb43c8b3f764391e2c994e52cdfba635f
GET /apply/Regent-University-Logos_Horiz-Logo-w-Tagline.png HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/style-data-collection.css
Cookie: _gcl_au=1.1.458367554.1663014248
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: image/png
Content-Length: 5235
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Mon, 15 Aug 2022 18:25:41 GMT
Accept-Ranges: bytes
www.regentinfo.org/apply/img-bg-campus-sky-2.jpg
68.142.179.79200 OK 105 kB URL HTTP/1.1 www.regentinfo.org/apply/img-bg-campus-sky-2.jpg
IP 68.142.179.79:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x1199, components 3\012- data
Size 105 kB (104760 bytes)
Hash a7903515aa21f26fb6a59df13ce1ea11
7ed75e524fc5b90a65a58e18973e2c2227a17d69
33aa058ed37a372eab6ac84bcdacb0cb96773834cb91fd892ad4d79da52af77f
GET /apply/img-bg-campus-sky-2.jpg HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/style-data-collection.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: image/jpeg
Content-Length: 104760
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Mon, 15 Aug 2022 18:25:41 GMT
Accept-Ranges: bytes
www.regentinfo.org/global/rte/css/password.ttf
68.142.179.79200 OK 128 kB URL HTTP/1.1 www.regentinfo.org/global/rte/css/password.ttf
IP 68.142.179.79:0
File type TrueType Font data, digitally signed, 20 tables, 1st "DSIG", 67 names, Unicode, type 1 string\012- data
Size 128 kB (127740 bytes)
Hash 0bf6c6d477f09bc6c4fb1c371f760b58
6caf2339fb3f4ceecae4481b8aab0418463133ae
5585d482c2eee6acbeca5fe3d9ffaad32b15c5b26995ee345b0208f557571155
Analyzer Verdict Alert fortinet Phishing
GET /global/rte/css/password.ttf HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/global/rte/css/custom.upload.css
Cookie: _gcl_au=1.1.458367554.1663014248
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Length: 127740
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Tue, 05 Apr 2022 13:37:56 GMT
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash b484285361ec795fa474895122e1be2e
2a033ba52d635a89ad6a05d3d83c16bb7dde60f5
272b0d940a57098e62e4d5b42d4125e810d5f66c0cc3dfdbba8f1fb6de428e3b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 12 Sep 2022 15:19:42 GMT
Expires: Mon, 19 Sep 2022 15:19:41 GMT
Etag: "2a033ba52d635a89ad6a05d3d83c16bb7dde60f5"
Cache-Control: max-age=585920,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 749b5db8e968b506-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9e2d067fb55be8f87891600934ddf5a1
aacdebaca7f056d5f5a46a2d980ed8d8eb231936
ca174dffd02cd530a56e6bd641f0a583251bc90acb4bf840336f2aaa4c51e029
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA174DFFD02CD530A56E6BD641F0A583251BC90ACB4BF840336F2AAA4C51E029"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Tue, 13 Sep 2022 02:24:18 GMT
Date: Mon, 12 Sep 2022 20:24:20 GMT
Connection: keep-alive
api.qaxis.net/script.js
68.142.178.29200 OK 13 kB IP 68.142.178.29:0
File type ASCII text, with very long lines (13154), with no line terminators
Hash e6c098ce68ab08d965bb27ba21c09d46
5f0db2c53ad8afdae3d9179813e4073a45d58ece
06eaaf8cf37e991a3907b1b4addfbce7e26eb43241afc9c8cec22347e5b377ab
GET /script.js HTTP/1.1
Host: api.qaxis.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:20 GMT
Content-Type: application/javascript; charset=ISO-8859-1
Content-Length: 13154
Connection: keep-alive
Keep-Alive: timeout=5
Access-Control-Allow-Origin: api.qaxis.net
Access-Control-Allow-Credentials: true
api.qaxis.net/t.gif?j={cx:{base_url:%22https:%2F%2Fwww.regentinfo.org%2F%22,lettercd:%22%22,id:%22-1%22,name:%22%22,pid:%2230349%22,pin:%22%22,webstatus:%22-1%22,temail:%22%22,trk_cd:%22%22,temail_enc:%22%22,links:%5B{href:%22login.htm%22,id:%22%22,label:%22Log%20back%20in%22,tag:%22A%22}%5D,buttons:%5B{type:%22button%22,page:%22step_two.htm%22,id:%22%22,label:%22%3Cspan%3ESave%20%26amp%3B%20Continue%3C%2Fspan%3E%22,tag:%22BUTTON%22}%5D,radsother:%5B%5D},_chron:2,_bwr:{n:%22Netscape%22,v:%225.0%20(X11)%22,p:%22Linux%20x86_64%22},_scn:{aw:1280,ah:1002,w:1280,h:1024,c:24,t:0,l:0,at:0,al:0,orientation:{},pt:false},_win:{url:%22https:%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl%22,origin:%22https:%2F%2Fwww.regentinfo.org%22,https:true,hn:%22www.regentinfo.org%22,pn:%22%2Fapply%2Findex.cfm%22,search:%22%3Fisndsl%22},_doc:{_w:1280,_h:939}}
68.142.178.29200 OK 43 B URL HTTP/1.1 api.qaxis.net/t.gif?j={cx:{base_url:%22https:%2F%2Fwww.regentinfo.org%2F%22,lettercd:%22%22,id:%22-1%22,name:%22%22,pid:%2230349%22,pin:%22%22,webstatus:%22-1%22,temail:%22%22,trk_cd:%22%22,temail_enc:%22%22,links:%5B{href:%22login.htm%22,id:%22%22,label:%22Log%20back%20in%22,tag:%22A%22}%5D,buttons:%5B{type:%22button%22,page:%22step_two.htm%22,id:%22%22,label:%22%3Cspan%3ESave%20%26amp%3B%20Continue%3C%2Fspan%3E%22,tag:%22BUTTON%22}%5D,radsother:%5B%5D},_chron:2,_bwr:{n:%22Netscape%22,v:%225.0%20(X11)%22,p:%22Linux%20x86_64%22},_scn:{aw:1280,ah:1002,w:1280,h:1024,c:24,t:0,l:0,at:0,al:0,orientation:{},pt:false},_win:{url:%22https:%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl%22,origin:%22https:%2F%2Fwww.regentinfo.org%22,https:true,hn:%22www.regentinfo.org%22,pn:%22%2Fapply%2Findex.cfm%22,search:%22%3Fisndsl%22},_doc:{_w:1280,_h:939}}
IP 68.142.178.29:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /t.gif?j={cx:{base_url:%22https:%2F%2Fwww.regentinfo.org%2F%22,lettercd:%22%22,id:%22-1%22,name:%22%22,pid:%2230349%22,pin:%22%22,webstatus:%22-1%22,temail:%22%22,trk_cd:%22%22,temail_enc:%22%22,links:%5B{href:%22login.htm%22,id:%22%22,label:%22Log%20back%20in%22,tag:%22A%22}%5D,buttons:%5B{type:%22button%22,page:%22step_two.htm%22,id:%22%22,label:%22%3Cspan%3ESave%20%26amp%3B%20Continue%3C%2Fspan%3E%22,tag:%22BUTTON%22}%5D,radsother:%5B%5D},_chron:2,_bwr:{n:%22Netscape%22,v:%225.0%20(X11)%22,p:%22Linux%20x86_64%22},_scn:{aw:1280,ah:1002,w:1280,h:1024,c:24,t:0,l:0,at:0,al:0,orientation:{},pt:false},_win:{url:%22https:%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl%22,origin:%22https:%2F%2Fwww.regentinfo.org%22,https:true,hn:%22www.regentinfo.org%22,pn:%22%2Fapply%2Findex.cfm%22,search:%22%3Fisndsl%22},_doc:{_w:1280,_h:939}} HTTP/1.1
Host: api.qaxis.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:21 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Keep-Alive: timeout=5
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: qaxis=8cc8ec31ac79edb0145c99d8044643a0;Path=/;Expires=Mon, 06-Sep-2027 20:24:21 GMT
qsxis=a99d47c44399fd03af1a05c3f1d89681;Path=/
my.regentinfo.org/mtc.js
35.245.131.29200 OK 28 kB IP 35.245.131.29:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (28305)
Hash 92c6cc945f8b2d8ede90c6247f833bdd
2f86f759bcf56e56749b8252a4a1c18cc5c673c9
0f935b7f9421a2074b2c3e5a436b91df6a3387fec9185cfe44e2bb34226659b7
Analyzer Verdict Alert fortinet Phishing
GET /mtc.js HTTP/1.1
Host: my.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Cookie: _gcl_au=1.1.458367554.1663014248
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:24:21 GMT
content-type: application/javascript
content-length: 28017
cache-control: public, max-age=60
link: <https://my.regentinfo.org/api/v2/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0b93bf10aa6a1c704f00fe526ad647b
0a19767b3b99aa79469aadc9b88ec5d3df93d442
852466649bb58710c5a9a42d6fcc2ada0d5062ba42351cc503ed2fdd46588e33
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6048
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:21 GMT
Last-Modified: Mon, 12 Sep 2022 18:43:33 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45b55c678e2944a30a6d8160bb6e4a94
a1ac0c9681902e7d64e49bd9e146820ce2c60f4f
5a89db56a9b47aa3e426799671db9b25a42d7dd7d6881c66eca7ed37facf6bd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 12 Sep 2022 18:41:12 GMT
expires: Mon, 12 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 6189
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1623)
Hash 4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 12 Sep 2022 20:24:21 GMT
expires: Mon, 12 Sep 2022 20:24:21 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 8e7e24fb3539746aa8b869558f589615
d8086d86bbd5cfacc3b6a5ef14aa917830e137dd
7304497ee417a664bdea67d7307ca36a36013556b927c3ea5bca6c04b66236ef
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 7FCIo2WNLzTSv70zFnj2orf/25JTSFZIsRIeLt2Yadx+zattQI0chmZbaXmMqmdQLayJuLBA0EX8y+xj5oEUog==
content-length: 26737
x-fb-trip-id: 1679558926
date: Mon, 12 Sep 2022 20:24:21 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.regentinfo.org/apply/favicon.ico
68.142.179.79200 OK 1.2 kB URL HTTP/1.1 www.regentinfo.org/apply/favicon.ico
IP 68.142.179.79:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 0109bbaabc37bb369b964bf957c85144
8e68d432837a7cfeed9018d2fb7c4f2c62df50a5
9d71ee78d8963db7126314de75da40c4d45b2765cb58771d80f5da045292835e
GET /apply/favicon.ico HTTP/1.1
Host: www.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/apply/index.cfm?isndsl
Cookie: _gcl_au=1.1.458367554.1663014248
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:24:21 GMT
Content-Type: image/x-icon
Content-Length: 1150
Connection: keep-alive
Keep-Alive: timeout=5
Last-Modified: Mon, 15 Aug 2022 18:25:41 GMT
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0b93bf10aa6a1c704f00fe526ad647b
0a19767b3b99aa79469aadc9b88ec5d3df93d442
852466649bb58710c5a9a42d6fcc2ada0d5062ba42351cc503ed2fdd46588e33
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6048
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:21 GMT
Last-Modified: Mon, 12 Sep 2022 18:43:33 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/849978368/?random=1663014249091&cv=9&fst=1663014249091&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg970&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl&tiba=World%20Changer%20Application%20%7C%20Regent%20University&auid=458367554.1663014248&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.66200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/849978368/?random=1663014249091&cv=9&fst=1663014249091&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg970&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl&tiba=World%20Changer%20Application%20%7C%20Regent%20University&auid=458367554.1663014248&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2306), with no line terminators
Hash 6305287fe69983d98905b1747929b88c
897fce7dacc60fc6a11125b67366a16c8e3c8061
2a852b688710e24041edbd50e2ca79973e7bcd5f9c6ee841ccb2a944fd1c13cb
GET /pagead/viewthroughconversion/849978368/?random=1663014249091&cv=9&fst=1663014249091&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg970&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl&tiba=World%20Changer%20Application%20%7C%20Regent%20University&auid=458367554.1663014248&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 20:24:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1057
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 12-Sep-2022 20:39:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
my.regentinfo.org/mtc/event
35.245.131.29204 No Content 0 B URL HTTP/2 my.regentinfo.org/mtc/event
IP 35.245.131.29:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
OPTIONS /mtc/event HTTP/1.1
Host: my.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Referer: https://www.regentinfo.org/
Origin: https://www.regentinfo.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 204 No Content
date: Mon, 12 Sep 2022 20:24:21 GMT
cache-control: no-cache, private, max-age=1209600
expires: Mon, 26 Sep 2022 20:24:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=645508302314222&ev=PageView&dl=https%3A%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl&rl=&if=false&ts=1663014249378&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1663014249377.123713275&it=1663014249097&coo=false&rqm=GET
157.240.200.35200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=645508302314222&ev=PageView&dl=https%3A%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl&rl=&if=false&ts=1663014249378&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1663014249377.123713275&it=1663014249097&coo=false&rqm=GET
IP 157.240.200.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=645508302314222&ev=PageView&dl=https%3A%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl&rl=&if=false&ts=1663014249378&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1663014249377.123713275&it=1663014249097&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Mon, 12 Sep 2022 20:24:21 GMT
expires: Mon, 12 Sep 2022 20:24:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/849978368/?random=1663014249091&cv=9&fst=1663012800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl&tiba=World%20Changer%20Application%20%7C%20Regent%20University&async=1&fmt=3&is_vtc=1&random=3286523726&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/849978368/?random=1663014249091&cv=9&fst=1663012800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl&tiba=World%20Changer%20Application%20%7C%20Regent%20University&async=1&fmt=3&is_vtc=1&random=3286523726&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/849978368/?random=1663014249091&cv=9&fst=1663012800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg970&sendb=1&frm=0&url=https%3A%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl&tiba=World%20Changer%20Application%20%7C%20Regent%20University&async=1&fmt=3&is_vtc=1&random=3286523726&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 20:24:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cc16b956392846e1100a913453575c87
09e81e2f60ab04ca565b73ed9060380a2229cf30
3a3eecb77d71c4f1c3d706f33f33e8df527b3653906d0086089c2e5b45fd25e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:24:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-100582740-1&cid=966160059.1663014249&jid=697345706&gjid=485871433&_gid=78438018.1663014249&_u=YEBAAEAAAAAAAC~&z=1299832401
142.251.1.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-100582740-1&cid=966160059.1663014249&jid=697345706&gjid=485871433&_gid=78438018.1663014249&_u=YEBAAEAAAAAAAC~&z=1299832401
IP 142.251.1.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-100582740-1&cid=966160059.1663014249&jid=697345706&gjid=485871433&_gid=78438018.1663014249&_u=YEBAAEAAAAAAAC~&z=1299832401 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.regentinfo.org
Connection: keep-alive
Referer: https://www.regentinfo.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.regentinfo.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Sep 2022 20:24:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
my.regentinfo.org/mtracking.gif?page_title=World%20Changer%20Application%20%7C%20Regent%20University&page_language=en-US&preferred_locale=en_US&page_referrer=&page_url=https%3A%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl&counter=0&timezone_offset=0&resolution=1280x1024&platform=UNIX&do_not_track=false&timezone=UTC
35.245.131.29200 OK 43 B URL HTTP/2 my.regentinfo.org/mtracking.gif?page_title=World%20Changer%20Application%20%7C%20Regent%20University&page_language=en-US&preferred_locale=en_US&page_referrer=&page_url=https%3A%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl&counter=0&timezone_offset=0&resolution=1280x1024&platform=UNIX&do_not_track=false&timezone=UTC
IP 35.245.131.29:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /mtracking.gif?page_title=World%20Changer%20Application%20%7C%20Regent%20University&page_language=en-US&preferred_locale=en_US&page_referrer=&page_url=https%3A%2F%2Fwww.regentinfo.org%2Fapply%2Findex.cfm%3Fisndsl&counter=0&timezone_offset=0&resolution=1280x1024&platform=UNIX&do_not_track=false&timezone=UTC HTTP/1.1
Host: my.regentinfo.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Cookie: _gcl_au=1.1.458367554.1663014248; _ga=GA1.2.966160059.1663014249; _gid=GA1.2.78438018.1663014249; _gat_UA-100582740-1=1; _fbp=fb.1.1663014249377.123713275
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:24:22 GMT
content-type: image/gif
content-length: 43
set-cookie: mautic_device_id=yeua1n5zr2dpln3ezgjmapn; expires=Tue, 12-Sep-2023 20:24:22 GMT; Max-Age=31536000; path=/; secure; SameSite=None
mtc_id=800818; path=/; secure; SameSite=None
mtc_sid=yeua1n5zr2dpln3ezgjmapn; path=/; secure; SameSite=None
cache-control: max-age=0, must-revalidate, no-cache=Set-Cookie, private, proxy-revalidate
content-encoding: none
expires: Mon, 12 Sep 2022 20:24:22 GMT
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
pragma: no-cache
link: <https://my.regentinfo.org/api/v2/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,600;1,300&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,600;1,300&display=swap
IP 142.250.74.10:0
GET /css2?family=Source+Sans+Pro:ital,wght@0,300;0,600;1,300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Sep 2022 20:24:19 GMT
date: Mon, 12 Sep 2022 20:24:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youvisit.com/SmartScript/latest/smartscript.js?v=2022.11.1
54.230.111.21200 OK 0 B URL HTTP/2 www.youvisit.com/SmartScript/latest/smartscript.js?v=2022.11.1
IP 54.230.111.21:0
GET /SmartScript/latest/smartscript.js?v=2022.11.1 HTTP/1.1
Host: www.youvisit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regentinfo.org/
Cookie: PHPSESSID=8ddsnsba7trmkn1e2sms0aaajm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 16:31:29 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 12 Sep 2022 04:57:49 GMT
etag: W/"15c3af3ff3fb3e71e0fc3a3deb7c57db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3FNMlOLW31wp7QusA7hg9tRKb8UItl10L2OEyoB9U-ySqapF0x8dGQ==
age: 55734
X-Firefox-Spdy: h2