r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7885
Expires: Sun, 05 Feb 2023 09:35:39 GMT
Date: Sun, 05 Feb 2023 07:24:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4429
Expires: Sun, 05 Feb 2023 08:38:03 GMT
Date: Sun, 05 Feb 2023 07:24:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 06:33:54 GMT
content-type: application/json
age: 3020
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15568
Expires: Sun, 05 Feb 2023 11:43:42 GMT
Date: Sun, 05 Feb 2023 07:24:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tjImBqXibYXb5DhfvMAEs6OWq3qFuNpkqxeUok8F7grOvUTKpcLBms7mJUGtdOJjIYV4ApdWQc0=
x-amz-request-id: K74NG42HG407SS96
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 06:53:10 GMT
age: 1864
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 07:24:14 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 0efdfdd076560c0c4f71a3d388dd638c
28e2ed7f8d467e55189634768c87247b5764c688
b2163c1511be8fc6ff384bb80cd662f639907e489220278b85506eee6b140487
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "B2163C1511BE8FC6FF384BB80CD662F639907E489220278B85506EEE6B140487"
Last-Modified: Sat, 04 Feb 2023 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3025
Expires: Sun, 05 Feb 2023 08:14:39 GMT
Date: Sun, 05 Feb 2023 07:24:14 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 0efdfdd076560c0c4f71a3d388dd638c
28e2ed7f8d467e55189634768c87247b5764c688
b2163c1511be8fc6ff384bb80cd662f639907e489220278b85506eee6b140487
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "B2163C1511BE8FC6FF384BB80CD662F639907E489220278B85506EEE6B140487"
Last-Modified: Sat, 04 Feb 2023 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3019
Expires: Sun, 05 Feb 2023 08:14:33 GMT
Date: Sun, 05 Feb 2023 07:24:14 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 0efdfdd076560c0c4f71a3d388dd638c
28e2ed7f8d467e55189634768c87247b5764c688
b2163c1511be8fc6ff384bb80cd662f639907e489220278b85506eee6b140487
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "B2163C1511BE8FC6FF384BB80CD662F639907E489220278B85506EEE6B140487"
Last-Modified: Sat, 04 Feb 2023 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3019
Expires: Sun, 05 Feb 2023 08:14:33 GMT
Date: Sun, 05 Feb 2023 07:24:14 GMT
Connection: keep-alive
acount-management-and-update-of-security.com/step5.htm
192.185.46.63200 OK 107 kB URL HTTP/1.1 acount-management-and-update-of-security.com/step5.htm
IP 192.185.46.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (63534), with CRLF line terminators
Size 107 kB (107221 bytes)
Hash d4081eaa7132e1ae1cb745a7b2dbaaf2
1c56df7571ff971e72c1bbd4065374461a692420
907be7908faf8c9c216726471b950620552dcb87d4b93ae5fd35cdd191ec15e0
Analyzer Verdict Alert openphish Bank of America
fortinet Phishing
GET /step5.htm HTTP/1.1
Host: acount-management-and-update-of-security.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:24:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 30 Jan 2023 13:25:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif
192.229.133.92200 OK 4.5 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif
IP 192.229.133.92:0
File type GIF image data, version 89a, 45 x 45\012- data
Hash 1064816bae09ca9b6273d87bf9c4a7ff
9dc87e8ddd24ba835f5959d7ce16f8ab90ade9c8
3a1b52b7233dfe08972f5f53d864d752f45809f9fd298966de4802dc13bf1d77
GET /sparta/auth/enroll/spa-assets/images/assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 235576
cache-control: max-age=26920000, public
content-type: image/gif
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "1193-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F71A)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vBZv7uQ6INXzyeqC3XdgAAAMU
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 4499
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-header-lock-CSX1f35fd71.png
192.229.133.92200 OK 52 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-header-lock-CSX1f35fd71.png
IP 192.229.133.92:0
File type PNG image data, 10 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash a86676a23cf698c92603069a6ee6dc65
54e430c27af1b2bc1cde3b7f4e5cbfe51aaf99e6
38fc756dfdd0689c674e787e6e030549f7f3856e533350aabeb46cce0d2b9b77
GET /sparta/auth/enroll/spa-assets/images/assets-images-global-header-lock-CSX1f35fd71.png HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 233250
cache-control: max-age=26920000, public
content-type: image/png
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "cc36-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F6FD)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vKfJ5MH1Fjjzm-L65QtgAAAhg
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 52278
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-login-common-com_cvv1@2x-CSXec3bc565.png
192.229.133.92200 OK 44 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-login-common-com_cvv1@2x-CSXec3bc565.png
IP 192.229.133.92:0
File type PNG image data, 286 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 63cf4d72dedefaccb2c44195f5b255fe
e2265d6d6fa17e8daad2f58297db7bb2c1d135b9
f831295258274780ec6638f8644cfc0e3532d0826f98d373b2ef5de888d50e43
GET /sparta/auth/enroll/spa-assets/images/assets-images-site-login-common-com_cvv1@2x-CSXec3bc565.png HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 235576
cache-control: max-age=26920000, public
content-type: image/png
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "adb1-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F712)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vBZjXbFeQ2tlLoUTAQgwAAAd8
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 44465
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg
192.229.133.92200 OK 1.0 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg
IP 192.229.133.92:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6ee579729333a40e6ec2e4025bf6fc84
6d5a2a15a37eb8b9d75e3297e77c4a31858fdac2
8bec640ab2c43a35cea153f4f5efd4dfae1c2f0ee98ed637c2d20ab706be4a0f
GET /sparta/auth/enroll/spa-assets/images/assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 235576
cache-control: max-age=26920000, public
content-type: image/svg+xml
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "7d7-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F705)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-boa-requestid: Y9vBZkOeUy8cU6yKl77M-AAAAU4
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 1009
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-timeout-icon_red_error-CSX50a7cb02.png
192.229.133.92200 OK 787 B URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-timeout-icon_red_error-CSX50a7cb02.png
IP 192.229.133.92:0
File type PNG image data, 39 x 39, 8-bit/color RGBA, non-interlaced\012- data
Hash be6958b211ca86111fabef07c41e7fc5
ad48bf6257dfafcd2629f8ac05f3d50acd8e8075
e370992dd3acb665187ed9eefaf8de0102db12b22153de534ac8c019d0b84136
GET /sparta/auth/enroll/spa-assets/images/assets-images-global-timeout-icon_red_error-CSX50a7cb02.png HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 235576
cache-control: max-age=26920000, public
content-type: image/png
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "313-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F6FC)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vBZjXbFeQ2tlLoUTAQhAAAAeM
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 787
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-footer-eha_logo_1x-CSXc5bd9130.png
192.229.133.92200 OK 343 B URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-footer-eha_logo_1x-CSXc5bd9130.png
IP 192.229.133.92:0
File type PNG image data, 12 x 9, 8-bit/color RGBA, non-interlaced\012- data
Hash c577e2bea8cf9b70cc39827debe61198
0b78f70baeed5b061f0d08127d262368da3e62a1
35a77234f396ce2e5cc205ab9dd78c0cef11eaf14e4ef92bb910243021e83147
GET /sparta/auth/enroll/spa-assets/images/assets-images-global-footer-eha_logo_1x-CSXc5bd9130.png HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 235576
cache-control: max-age=26920000, public
content-type: image/png
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "157-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F716)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vBZutjw5bRpHl5lNHkBQAAAes
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 343
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-logos-BofA_rgb-CSX5624a146.svg
192.229.133.92200 OK 1.6 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-logos-BofA_rgb-CSX5624a146.svg
IP 192.229.133.92:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8fca89216999aaa83cd49cdd64718983
e5ca753509b6419158235c1d4ead6308f5fd2cfe
bb46da660fc18bdd67ba4672ea42c7cd10de00f1a4161e5a5d2f0b61563f201c
GET /sparta/auth/enroll/spa-assets/images/assets-images-global-logos-BofA_rgb-CSX5624a146.svg HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 235576
cache-control: max-age=26920000, public
content-type: image/svg+xml
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "dc7-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F710)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-boa-requestid: Y9vBZs-_c3AtHX-bP2DQcQAAAcA
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 1603
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-secure-ah-forgot-common-sample-check-CSX2ef22a73.png
192.229.133.92200 OK 7.0 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-secure-ah-forgot-common-sample-check-CSX2ef22a73.png
IP 192.229.133.92:0
File type PNG image data, 520 x 250, 8-bit colormap, non-interlaced\012- data
Hash aa61e93047bdf720eed1287976acee97
0fc3251f1c4687afcd227294eb99a73fa63a6d33
36936c7545dae08fd958b2d652f646e772a2554f52a26c49b34d05a7372309af
GET /sparta/auth/enroll/spa-assets/images/assets-images-site-secure-ah-forgot-common-sample-check-CSX2ef22a73.png HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 10671852
cache-control: max-age=26920000, public
content-type: image/png
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "1b6a-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F70C)
strict-transport-security: max-age=31536000
x-boa-requestid: YzyCsqoAwF8XqV5McOaDswAAAY4
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 7018
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-login-common-Xmark@2x-gray-CSX98b2f672.png
192.229.133.92200 OK 2.9 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-login-common-Xmark@2x-gray-CSX98b2f672.png
IP 192.229.133.92:0
File type PNG image data, 21 x 21, 8-bit/color RGBA, non-interlaced\012- data
Hash 0faa8ed463bd9a78b0f12188a85d6cfb
4b7fbddf4e2660f2724433eff4b6e02111b72d3b
164d28ad78b8fe33d8e42864920d7647cc505b93b3fd266f0d66e63c566e0ef6
GET /sparta/auth/enroll/spa-assets/images/assets-images-site-login-common-Xmark@2x-gray-CSX98b2f672.png HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 233250
cache-control: max-age=26920000, public
content-type: image/png
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "b83-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F70D)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vKfMliA62Ned2Z2HHLawAAAno
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 2947
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-login-common-com_cvv2@2x-CSX5f638a68.png
192.229.133.92200 OK 63 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-site-login-common-com_cvv2@2x-CSX5f638a68.png
IP 192.229.133.92:0
File type PNG image data, 276 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 845c2498d59a4f506997d6cc301ba233
7de183fac581e1449a49483a242f21ba197c1aab
f970c0e040cdc56f52d1d1b89b2357ec587ee5a0a7d1e00f7354ae65e074b4dc
GET /sparta/auth/enroll/spa-assets/images/assets-images-site-login-common-com_cvv2@2x-CSX5f638a68.png HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 235576
cache-control: max-age=26920000, public
content-type: image/png
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "f6c3-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F710)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vBZkOeUy8cU6yKl77M-QAAAVI
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 63171
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/platform/babel-polyfill.js
192.229.133.92200 OK 33 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/platform/babel-polyfill.js
IP 192.229.133.92:0
File type Unicode text, UTF-8 text, with very long lines (32008), with LF, NEL line terminators
Hash 9354854b95b6ca0d3f43be46511c2abf
4baca29a6ddf56d0d6f03280419c59293a31940a
49875c9b95c9af0a972df0cedc11061f5c68aeab55c689ac99ba4eeb1c3a4f6a
GET /sparta/auth/enroll/spa-assets/components/utilities/platform/babel-polyfill.js HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 235578
cache-control: max-age=31536000, public
content-type: application/x-javascript
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "17e38-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F70E)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-boa-requestid: Y9vBZJ5MH1Fjjzm-L65I_AAAAlU
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 32867
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6630148a03da2d4ccf19993f0fefd44c
2c747b9bc89b4240ad4340b31b993e3d947d1e5a
68c252a328d6f8dbea1935f3a4a950fb02969e70aabfff9853add357f76ecd4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1378
Cache-Control: max-age=134629
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 07:24:14 GMT
Etag: "63debf21-117"
Expires: Mon, 06 Feb 2023 20:48:03 GMT
Last-Modified: Sat, 04 Feb 2023 20:25:05 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
sofa.bankofamerica.com/cookie-id.js?fn=saveCMCookieToDDO
54.144.151.173200 OK 65 B URL HTTP/1.1 sofa.bankofamerica.com/cookie-id.js?fn=saveCMCookieToDDO
IP 54.144.151.173:0
File type ASCII text, with no line terminators
Hash d2673e00a77d014384b757ea9778795a
e969e2f948253544a72f74de9e0cab193415594a
51f380e4abbdf4b680c54f673835d4dd976e5355955a71f3b12191dbff588a82
GET /cookie-id.js?fn=saveCMCookieToDDO HTTP/1.1
Host: sofa.bankofamerica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:24:14 GMT
Server: Apache
Vary: Host
Content-Length: 65
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Connection: close
Content-Type: application/x-javascript
tags.tiqcdn.com/utag/bofa/main/prod/utag.js
2.18.173.203200 OK 70 kB URL HTTP/1.1 tags.tiqcdn.com/utag/bofa/main/prod/utag.js
IP 2.18.173.203:0
File type ASCII text, with very long lines (364)
Hash 6ecca511ca2638a807d0eb1b093ec59e
025af3a8ab9d097eb01b57f5393e7d435bb13d6b
351af340351e812bde9781130b4067da1b66031c80878e2722a9214c1d4354f4
GET /utag/bofa/main/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "06f278fcd83e39ddb6310d252454e496:1670628831.947296"
Last-Modified: Fri, 09 Dec 2022 23:33:51 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=300
Expires: Sun, 05 Feb 2023 07:29:14 GMT
Date: Sun, 05 Feb 2023 07:24:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.js
104.17.25.14200 OK 2.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.js
IP 104.17.25.14:0
Hash 25ba6cf71f56fb6f70738a4a73257a10
95b2f9d962ad149cb94f336a69c2627e94f1eb43
907bed0c556e0dd60a67eca19c4d684445a4e3d45af5e78a1320fa35777894da
GET /ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:24:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 2306
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-284d"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 896795
expires: Fri, 26 Jan 2024 07:24:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zDJJJgN2samcC%2FR2VsSyateYMbqXoVFfNMA%2BZsMMzqnAJtqb40eacGx59V8mHBz1B1TaIlABD%2FLNk217G750vkDZ7vjE11ZuJ6s9JTuz61kQIK10jgtTf1TfRBnZJ8DbiEpRbTU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7949e7bfc986b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-header-secure-lock-CSXa09bf5fc.svg
192.229.133.92200 OK 257 B URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-header-secure-lock-CSXa09bf5fc.svg
IP 192.229.133.92:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (353), with no line terminators
Hash f7b7b471074c1b70613c4e7372a54d11
33b0c1c900471bb51eb17250a44f5af9e0c410b0
5b5b1d5852445084f5061b607d21702ddfcc1b67eec76aa6cd610c42b1a9cc85
GET /sparta/auth/enroll/spa-assets/images/assets-images-global-header-secure-lock-CSXa09bf5fc.svg HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 233250
cache-control: max-age=26920000, public
content-type: image/svg+xml
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "161-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F71C)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-boa-requestid: Y9vKfPCmLp6WF5LFCg2yDAAAAg8
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 257
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 1256cc58b44c815cbbc8d6a8120f5deb
9171ab1b0bd3f9953609e1adfde02b8152dcee71
36f9e66b1ddda859eb5597ecebd3beefa804a26c3f7255ab6d08fa58cfb4967a
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "36F9E66B1DDDA859EB5597ECEBD3BEEFA804A26C3F7255AB6D08FA58CFB4967A"
Last-Modified: Sat, 04 Feb 2023 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3215
Expires: Sun, 05 Feb 2023 08:17:49 GMT
Date: Sun, 05 Feb 2023 07:24:14 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 1256cc58b44c815cbbc8d6a8120f5deb
9171ab1b0bd3f9953609e1adfde02b8152dcee71
36f9e66b1ddda859eb5597ecebd3beefa804a26c3f7255ab6d08fa58cfb4967a
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "36F9E66B1DDDA859EB5597ECEBD3BEEFA804A26C3F7255AB6D08FA58CFB4967A"
Last-Modified: Sat, 04 Feb 2023 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3253
Expires: Sun, 05 Feb 2023 08:18:27 GMT
Date: Sun, 05 Feb 2023 07:24:14 GMT
Connection: keep-alive
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-title-flagscape_red-CSX345e7fd7.svg
192.229.133.92200 OK 1.2 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-title-flagscape_red-CSX345e7fd7.svg
IP 192.229.133.92:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1709)
Hash cf9353dda4f03236b0404e784729d26c
1860bf478017fad5598ef39c8a69df789679b2d0
39c4b155e3d3ff2ca548cf534afa641b3d961868cf96ab03ad3e9a11d3cadc43
GET /sparta/auth/enroll/spa-assets/images/assets-images-global-title-flagscape_red-CSX345e7fd7.svg HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 233250
cache-control: max-age=26920000, public
content-type: image/svg+xml
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "84c-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F706)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-boa-requestid: Y9vKfJb4529BW6jQWYkjFAAAAj0
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 1201
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 1256cc58b44c815cbbc8d6a8120f5deb
9171ab1b0bd3f9953609e1adfde02b8152dcee71
36f9e66b1ddda859eb5597ecebd3beefa804a26c3f7255ab6d08fa58cfb4967a
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "36F9E66B1DDDA859EB5597ECEBD3BEEFA804A26C3F7255AB6D08FA58CFB4967A"
Last-Modified: Sat, 04 Feb 2023 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3309
Expires: Sun, 05 Feb 2023 08:19:23 GMT
Date: Sun, 05 Feb 2023 07:24:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 07:07:20 GMT
age: 1014
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.woff2
192.229.133.92200 OK 12 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.woff2
IP 192.229.133.92:0
File type Web Open Font Format (Version 2), TrueType, length 11608, version 1.197\012- data
Hash 46b5329e8e4e5925129ab2c36b336d0f
63cd5fbcbe5331e7d8059a4caee8d2510f834d68
79f02d139cfd07f2a19e0a8831553b3de4627fcab371e18eb776af035465949b
GET /sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.woff2 HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://acount-management-and-update-of-security.com
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 234255
cache-control: max-age=31536000, public
content-type: application/font-woff2
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "2d58-5991547a657c0"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Sat, 07 Dec 2019 04:05:59 GMT
server: ECS (ska/F70F)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vGj6DjTjahpHocWZbYDgAAAjg
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 11608
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-bold/cnx-bold.woff2
192.229.133.92200 OK 12 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-bold/cnx-bold.woff2
IP 192.229.133.92:0
File type Web Open Font Format (Version 2), TrueType, length 11800, version 1.197\012- data
Hash 79e7bc718644146e98b5d55f19c8ed4a
9d0c5c674b242443a055a654e1ef0fa0e31642e2
d48faa13adcd567a29299db487912dd91fd45f777cadf153520f52023b58cee7
GET /sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-bold/cnx-bold.woff2 HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://acount-management-and-update-of-security.com
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 234255
cache-control: max-age=31536000, public
content-type: application/font-woff2
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "2e18-5991547789100"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Sat, 07 Dec 2019 04:05:56 GMT
server: ECS (ska/F715)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vGj4NZKvSSzeIl91v9zwAAAj0
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 11800
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.woff2
192.229.133.92200 OK 12 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.woff2
IP 192.229.133.92:0
File type Web Open Font Format (Version 2), TrueType, length 11984, version 1.197\012- data
Hash 50d39f33c7179280df5acb6a5bb2716b
eb19d2940c727bb4e7f66e1e5c89ecff30725875
a431986817e5d309cdd61c623a5259d6ea5840375876ffb41f5a2cab65ddd2e3
GET /sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.woff2 HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://acount-management-and-update-of-security.com
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 234255
cache-control: max-age=31536000, public
content-type: application/font-woff2
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "2ed0-5991547971580"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Sat, 07 Dec 2019 04:05:58 GMT
server: ECS (ska/F717)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vGj7fomlriXoS-EcyyYwAAAXw
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 11984
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 1256cc58b44c815cbbc8d6a8120f5deb
9171ab1b0bd3f9953609e1adfde02b8152dcee71
36f9e66b1ddda859eb5597ecebd3beefa804a26c3f7255ab6d08fa58cfb4967a
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "36F9E66B1DDDA859EB5597ECEBD3BEEFA804A26C3F7255AB6D08FA58CFB4967A"
Last-Modified: Sat, 04 Feb 2023 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3231
Expires: Sun, 05 Feb 2023 08:18:05 GMT
Date: Sun, 05 Feb 2023 07:24:14 GMT
Connection: keep-alive
public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=nm0o770yj1c&version=20180716
104.110.2.75200 OK 12 kB URL HTTP/2 public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=nm0o770yj1c&version=20180716
IP 104.110.2.75:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (43766)
Hash 9466edea5b690a8dcc94a8aee5255448
8200790330fb146fdc254fb694871e0e9d73e974
f59a6c07012c632c6d0014640439abdd1e0de1f6b4cb557c43531c43af88d24c
GET /rely/storage/ll_storage_html5.html?context=nm0o770yj1c&version=20180716 HTTP/1.1
Host: public.cobrowse.oraclecloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "b7b7e70ac037b592aef8c274d8e66a71:1634875896.03281"
last-modified: Thu, 21 Oct 2021 23:11:35 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 05 Feb 2023 07:24:14 GMT
content-length: 11698
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.woff
192.229.133.92200 OK 16 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.woff
IP 192.229.133.92:0
File type Web Open Font Format, TrueType, length 15648, version 1.0\012- data
Hash db12fee09df2fe82185361bef82283f7
9634aa7fe9c8a30bb8e6cfd8274841376e21d5bb
6b0a734c5d1f0eb6a65da6e72b8cb2b57f4df5f3fb24cd2fd39bd34aa8284478
GET /sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.woff HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://acount-management-and-update-of-security.com
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 234254
cache-control: max-age=31536000, public
content-type: application/font-woff
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "3d20-5991547a657c0"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Sat, 07 Dec 2019 04:05:59 GMT
server: ECS (ska/F706)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vGkdXruvt8DwzSjXeROwAAAg0
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 15648
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-bold/cnx-bold.woff
192.229.133.92200 OK 16 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-bold/cnx-bold.woff
IP 192.229.133.92:0
File type Web Open Font Format, TrueType, length 15920, version 1.0\012- data
Hash e5c808f05ff56b6ad54c51b2f3dc308a
b0e61bf5f1eb0aa2ee19be3645edabd0d68cdc9f
d91d3ce91a4e63475ad24023d5697eb570499ff65bd342768b4b3077f7e517c1
GET /sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-bold/cnx-bold.woff HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://acount-management-and-update-of-security.com
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 234254
cache-control: max-age=31536000, public
content-type: application/font-woff
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "3e30-5991547789100"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Sat, 07 Dec 2019 04:05:56 GMT
server: ECS (ska/F705)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vGketjw5bRpHl5lNHkHAAAAYQ
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 15920
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.woff
192.229.133.92200 OK 16 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.woff
IP 192.229.133.92:0
File type Web Open Font Format, TrueType, length 15992, version 1.0\012- data
Hash 128668a075c4f264d2e981b8b209b3d9
66e16397d123a07d1f9b3cc5fc816b0f86d0e4f5
66012a69bf24d036818928db1858817600cd028616d8adddc7f3de5936453fec
GET /sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.woff HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://acount-management-and-update-of-security.com
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 234254
cache-control: max-age=31536000, public
content-type: application/font-woff
date: Sun, 05 Feb 2023 07:24:14 GMT
etag: "3e78-5991547971580"
expires: Mon, 05 Feb 2024 07:24:14 GMT
last-modified: Sat, 07 Dec 2019 04:05:58 GMT
server: ECS (ska/F70F)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vGkJvMBeZD9T73lNvENgAAAis
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 15992
X-Firefox-Spdy: h2
acount-management-and-update-of-security.com/images/cont.png
192.185.46.63200 OK 1.2 kB URL HTTP/1.1 acount-management-and-update-of-security.com/images/cont.png
IP 192.185.46.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 120 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 76b3be12495c3bfbff557f9c4e8f5ef5
675584d83f43110af13ba60936073ddb435927bc
f7dfb7dcebfc42b969f996d08b96b8fc531ef67cf990669de50f8d10f6cf6c30
Analyzer Verdict Alert openphish Bank of America
GET /images/cont.png HTTP/1.1
Host: acount-management-and-update-of-security.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/step5.htm
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:24:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 22 Mar 2020 01:01:36 GMT
Accept-Ranges: bytes
Content-Length: 1179
Keep-Alive: timeout=5, max=75
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3a8f191b6804fc7779af2631165a23cb
d64c7ccd78c831820e1fbe0f96f012bd8a1ea7f8
3d1128de7ff22ad54dc569850cff7895140ead9c34009a0be3a7872694f03869
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4725
Cache-Control: max-age=86485
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 07:24:15 GMT
Etag: "63ddf5ff-1d7"
Expires: Mon, 06 Feb 2023 07:25:40 GMT
Last-Modified: Sat, 04 Feb 2023 06:06:55 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6630148a03da2d4ccf19993f0fefd44c
2c747b9bc89b4240ad4340b31b993e3d947d1e5a
68c252a328d6f8dbea1935f3a4a950fb02969e70aabfff9853add357f76ecd4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1379
Cache-Control: max-age=134629
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 07:24:15 GMT
Etag: "63debf21-117"
Expires: Mon, 06 Feb 2023 20:48:04 GMT
Last-Modified: Sat, 04 Feb 2023 20:25:05 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.ttf
192.229.133.92200 OK 16 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.ttf
IP 192.229.133.92:0
File type TrueType Font data, 17 tables, 1st "FFTM", 19 names, Microsoft, language 0x409, Copyright (c) 2013 Parachute\256. Exclusively designed for the Bank of America. All rights reser\012- data
Hash 1d946121f832012245ac3e6d5db32a20
618ad569442fdfb88dd3e7889995167ae57e305a
566ce6dcb452ef59f616479b89df958f60c208e8d8fcb9502fdd7b7b9d13a6b0
GET /sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.ttf HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://acount-management-and-update-of-security.com
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 234253
cache-control: max-age=31536000, public
content-type: application/font-sfnt
date: Sun, 05 Feb 2023 07:24:15 GMT
etag: "70ac-5991547a657c0"
expires: Mon, 05 Feb 2024 07:24:15 GMT
last-modified: Sat, 07 Dec 2019 04:05:59 GMT
server: ECS (ska/F70F)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-boa-requestid: Y9vGktXruvt8DwzSjXeRPAAAAgw
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 15479
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-bold/cnx-bold.ttf
192.229.133.92200 OK 16 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-bold/cnx-bold.ttf
IP 192.229.133.92:0
File type TrueType Font data, 17 tables, 1st "FFTM", 19 names, Microsoft, language 0x409, Copyright (c) 2013 Parachute\256. Exclusively designed for the Bank of America. All rights reser\012- data
Hash 0dc02956bdbb283ad3e4458415cdcf68
b9764655cdd73c70b2059201e1cfcfa2e3096541
bd97fc4e8fd50f25e67e928b0a86a91e4d5db3c393b746d536fd0ea7687b9e5f
GET /sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-bold/cnx-bold.ttf HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://acount-management-and-update-of-security.com
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 234253
cache-control: max-age=31536000, public
content-type: application/font-sfnt
date: Sun, 05 Feb 2023 07:24:15 GMT
etag: "72c0-5991547789100"
expires: Mon, 05 Feb 2024 07:24:15 GMT
last-modified: Sat, 07 Dec 2019 04:05:56 GMT
server: ECS (ska/F705)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-boa-requestid: Y9vGko51glyofSsPSkGkDgAAAbE
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 15737
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.ttf
192.229.133.92200 OK 16 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.ttf
IP 192.229.133.92:0
File type TrueType Font data, 17 tables, 1st "FFTM", 17 names, Microsoft, language 0x409, Copyright (c) 2013 Parachute\256. Exclusively designed for the Bank of America. All rights reser\012- data
Hash 150378dcf7fda416b461bdf93d27720a
e5024f2fc8b091c7eb8d2eedae55bdc761e703ab
7181c5de10a1a490600afe7bc3ea0a64dce35f34a6568681692c183e7b8c6654
GET /sparta/auth/enroll/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.ttf HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://acount-management-and-update-of-security.com
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 234253
cache-control: max-age=31536000, public
content-type: application/font-sfnt
date: Sun, 05 Feb 2023 07:24:15 GMT
etag: "7110-5991547971580"
expires: Mon, 05 Feb 2024 07:24:15 GMT
last-modified: Sat, 07 Dec 2019 04:05:58 GMT
server: ECS (ska/F713)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-boa-requestid: Y9vGkgg3W7ru3K67NdYPJQAAARc
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 15833
X-Firefox-Spdy: h2
aero.bankofamerica.com/30306/C5ib?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzZWN1cmUuYmFua29mYW1lcmljYS5jb20lMkZhdXRoJTJGZW5yb2xsJTJGZW5yb2xsLWVudHJ5JTJGJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmJhbmtvZmFtZXJpY2EuY29tJTJGJTIyJTJDJTIycGlkJTIyJTNBOTYyNzA3NzgxJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTUlMkMlMjJ0cyUyMiUzQTE1ODQ4MDU1MzklMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmNoYW5nZV9kZXRhaWxzJTIyJTdEJTJDJTIycmFuZCUyMiUzQTY1NTQwNyU3RCU3RCU1RA%3D%3D&cid=8&si=0&e=https%3A%2F%2Fsecure.bankofamerica.com&LSESSIONID=jLd1oKQU64Ehdi2GJhwh3jsPov%2BSoX%2FdUki2EXavFtPX08UvNcNz48K7Y3CL1oAPQEqWHKQghBYULlKXeg%3D%3D&t=jsonp&__tp=change_details&c=y_nblagxgwfsmdtv&eu=https%3A%2F%2Fsecure.bankofamerica.com%2Fauth%2Fenroll%2Fenroll-entry%2F
44.194.85.55200 OK 0 B URL HTTP/2 aero.bankofamerica.com/30306/C5ib?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzZWN1cmUuYmFua29mYW1lcmljYS5jb20lMkZhdXRoJTJGZW5yb2xsJTJGZW5yb2xsLWVudHJ5JTJGJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmJhbmtvZmFtZXJpY2EuY29tJTJGJTIyJTJDJTIycGlkJTIyJTNBOTYyNzA3NzgxJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTUlMkMlMjJ0cyUyMiUzQTE1ODQ4MDU1MzklMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmNoYW5nZV9kZXRhaWxzJTIyJTdEJTJDJTIycmFuZCUyMiUzQTY1NTQwNyU3RCU3RCU1RA%3D%3D&cid=8&si=0&e=https%3A%2F%2Fsecure.bankofamerica.com&LSESSIONID=jLd1oKQU64Ehdi2GJhwh3jsPov%2BSoX%2FdUki2EXavFtPX08UvNcNz48K7Y3CL1oAPQEqWHKQghBYULlKXeg%3D%3D&t=jsonp&__tp=change_details&c=y_nblagxgwfsmdtv&eu=https%3A%2F%2Fsecure.bankofamerica.com%2Fauth%2Fenroll%2Fenroll-entry%2F
IP 44.194.85.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /30306/C5ib?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzZWN1cmUuYmFua29mYW1lcmljYS5jb20lMkZhdXRoJTJGZW5yb2xsJTJGZW5yb2xsLWVudHJ5JTJGJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmJhbmtvZmFtZXJpY2EuY29tJTJGJTIyJTJDJTIycGlkJTIyJTNBOTYyNzA3NzgxJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTUlMkMlMjJ0cyUyMiUzQTE1ODQ4MDU1MzklMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmNoYW5nZV9kZXRhaWxzJTIyJTdEJTJDJTIycmFuZCUyMiUzQTY1NTQwNyU3RCU3RCU1RA%3D%3D&cid=8&si=0&e=https%3A%2F%2Fsecure.bankofamerica.com&LSESSIONID=jLd1oKQU64Ehdi2GJhwh3jsPov%2BSoX%2FdUki2EXavFtPX08UvNcNz48K7Y3CL1oAPQEqWHKQghBYULlKXeg%3D%3D&t=jsonp&__tp=change_details&c=y_nblagxgwfsmdtv&eu=https%3A%2F%2Fsecure.bankofamerica.com%2Fauth%2Fenroll%2Fenroll-entry%2F HTTP/1.1
Host: aero.bankofamerica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:24:15 GMT
content-type: text/html
content-length: 0
server: haile
set-cookie: LSESSIONID=deleted;domain=.bankofamerica.com;path=/;expires=Thu, 01 Jan 1970 00:00:01 GMT;
expires: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-Firefox-Spdy: h2
aero.bankofamerica.com/30306/C5ib?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzZWN1cmUuYmFua29mYW1lcmljYS5jb20lMkZhdXRoJTJGZW5yb2xsJTJGZW5yb2xsLWVudHJ5JTJGJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmJhbmtvZmFtZXJpY2EuY29tJTJGJTIyJTJDJTIycGlkJTIyJTNBOTYyNzA3NzgxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE1ODQ4MDU1MTclMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmNoYW5nZV9kZXRhaWxzJTIyJTdEJTJDJTIycmFuZCUyMiUzQTY2MDI4NSU3RCU3RCU1RA%3D%3D&cid=8&si=0&e=https%3A%2F%2Fsecure.bankofamerica.com&LSESSIONID=jLd1oKQU64Ehdi2GJhwh3jsPov%2BSoX%2FdUki2EXavFtPX08UvNcNz48K7Y3CL1oAPQEqWHKQghBYULlKXeg%3D%3D&t=jsonp&__tp=change_details&c=zsgobwxvdfqlsprr&eu=https%3A%2F%2Fsecure.bankofamerica.com%2Fauth%2Fenroll%2Fenroll-entry%2F
44.194.85.55200 OK 0 B URL HTTP/2 aero.bankofamerica.com/30306/C5ib?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzZWN1cmUuYmFua29mYW1lcmljYS5jb20lMkZhdXRoJTJGZW5yb2xsJTJGZW5yb2xsLWVudHJ5JTJGJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmJhbmtvZmFtZXJpY2EuY29tJTJGJTIyJTJDJTIycGlkJTIyJTNBOTYyNzA3NzgxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE1ODQ4MDU1MTclMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmNoYW5nZV9kZXRhaWxzJTIyJTdEJTJDJTIycmFuZCUyMiUzQTY2MDI4NSU3RCU3RCU1RA%3D%3D&cid=8&si=0&e=https%3A%2F%2Fsecure.bankofamerica.com&LSESSIONID=jLd1oKQU64Ehdi2GJhwh3jsPov%2BSoX%2FdUki2EXavFtPX08UvNcNz48K7Y3CL1oAPQEqWHKQghBYULlKXeg%3D%3D&t=jsonp&__tp=change_details&c=zsgobwxvdfqlsprr&eu=https%3A%2F%2Fsecure.bankofamerica.com%2Fauth%2Fenroll%2Fenroll-entry%2F
IP 44.194.85.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /30306/C5ib?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzZWN1cmUuYmFua29mYW1lcmljYS5jb20lMkZhdXRoJTJGZW5yb2xsJTJGZW5yb2xsLWVudHJ5JTJGJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmJhbmtvZmFtZXJpY2EuY29tJTJGJTIyJTJDJTIycGlkJTIyJTNBOTYyNzA3NzgxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE1ODQ4MDU1MTclMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmNoYW5nZV9kZXRhaWxzJTIyJTdEJTJDJTIycmFuZCUyMiUzQTY2MDI4NSU3RCU3RCU1RA%3D%3D&cid=8&si=0&e=https%3A%2F%2Fsecure.bankofamerica.com&LSESSIONID=jLd1oKQU64Ehdi2GJhwh3jsPov%2BSoX%2FdUki2EXavFtPX08UvNcNz48K7Y3CL1oAPQEqWHKQghBYULlKXeg%3D%3D&t=jsonp&__tp=change_details&c=zsgobwxvdfqlsprr&eu=https%3A%2F%2Fsecure.bankofamerica.com%2Fauth%2Fenroll%2Fenroll-entry%2F HTTP/1.1
Host: aero.bankofamerica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:24:15 GMT
content-type: text/html
content-length: 0
server: haile
set-cookie: LSESSIONID=deleted;domain=.bankofamerica.com;path=/;expires=Thu, 01 Jan 1970 00:00:01 GMT;
expires: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_orgid=A9893BC75245B1D70A490D4D@AdobeOrg&d_ver=2
52.211.241.210200 OK 104 B URL HTTP/1.1 dpm.demdex.net/id?d_orgid=A9893BC75245B1D70A490D4D@AdobeOrg&d_ver=2
IP 52.211.241.210:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 90a8ce4aa172e4b63430c93639257805
d30e7b2034df83180b28f024556a5534dce531c3
093ac6be731cba244fff837ea4fa57ab36e1fde5a5a53d9b36a467184eae87f5
GET /id?d_orgid=A9893BC75245B1D70A490D4D@AdobeOrg&d_ver=2 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://acount-management-and-update-of-security.com
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://acount-management-and-update-of-security.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0492369ce.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 198
X-TID: uC9urcMuRmI=
Content-Length: 104
Connection: keep-alive
aero.bankofamerica.com/30306/C5ib?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzZWN1cmUuYmFua29mYW1lcmljYS5jb20lMkZhdXRoJTJGZW5yb2xsJTJGZW5yb2xsLWVudHJ5JTJGJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmJhbmtvZmFtZXJpY2EuY29tJTJGJTIyJTJDJTIycGlkJTIyJTNBOTYyNzA3NzgxJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTMlMkMlMjJ0cyUyMiUzQTE1ODQ4MDU1MjIlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmNoYW5nZV9kZXRhaWxzJTIyJTdEJTJDJTIycmFuZCUyMiUzQTU5MzAyJTdEJTdEJTVE&cid=8&si=0&e=https%3A%2F%2Fsecure.bankofamerica.com&LSESSIONID=jLd1oKQU64Ehdi2GJhwh3jsPov%2BSoX%2FdUki2EXavFtPX08UvNcNz48K7Y3CL1oAPQEqWHKQghBYULlKXeg%3D%3D&t=jsonp&__tp=change_details&c=d_kpmgkvycaobzog&eu=https%3A%2F%2Fsecure.bankofamerica.com%2Fauth%2Fenroll%2Fenroll-entry%2F
44.194.85.55200 OK 0 B URL HTTP/2 aero.bankofamerica.com/30306/C5ib?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzZWN1cmUuYmFua29mYW1lcmljYS5jb20lMkZhdXRoJTJGZW5yb2xsJTJGZW5yb2xsLWVudHJ5JTJGJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmJhbmtvZmFtZXJpY2EuY29tJTJGJTIyJTJDJTIycGlkJTIyJTNBOTYyNzA3NzgxJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTMlMkMlMjJ0cyUyMiUzQTE1ODQ4MDU1MjIlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmNoYW5nZV9kZXRhaWxzJTIyJTdEJTJDJTIycmFuZCUyMiUzQTU5MzAyJTdEJTdEJTVE&cid=8&si=0&e=https%3A%2F%2Fsecure.bankofamerica.com&LSESSIONID=jLd1oKQU64Ehdi2GJhwh3jsPov%2BSoX%2FdUki2EXavFtPX08UvNcNz48K7Y3CL1oAPQEqWHKQghBYULlKXeg%3D%3D&t=jsonp&__tp=change_details&c=d_kpmgkvycaobzog&eu=https%3A%2F%2Fsecure.bankofamerica.com%2Fauth%2Fenroll%2Fenroll-entry%2F
IP 44.194.85.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /30306/C5ib?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzZWN1cmUuYmFua29mYW1lcmljYS5jb20lMkZhdXRoJTJGZW5yb2xsJTJGZW5yb2xsLWVudHJ5JTJGJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmJhbmtvZmFtZXJpY2EuY29tJTJGJTIyJTJDJTIycGlkJTIyJTNBOTYyNzA3NzgxJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTMlMkMlMjJ0cyUyMiUzQTE1ODQ4MDU1MjIlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmNoYW5nZV9kZXRhaWxzJTIyJTdEJTJDJTIycmFuZCUyMiUzQTU5MzAyJTdEJTdEJTVE&cid=8&si=0&e=https%3A%2F%2Fsecure.bankofamerica.com&LSESSIONID=jLd1oKQU64Ehdi2GJhwh3jsPov%2BSoX%2FdUki2EXavFtPX08UvNcNz48K7Y3CL1oAPQEqWHKQghBYULlKXeg%3D%3D&t=jsonp&__tp=change_details&c=d_kpmgkvycaobzog&eu=https%3A%2F%2Fsecure.bankofamerica.com%2Fauth%2Fenroll%2Fenroll-entry%2F HTTP/1.1
Host: aero.bankofamerica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:24:15 GMT
content-type: text/html
content-length: 0
server: haile
set-cookie: LSESSIONID=deleted;domain=.bankofamerica.com;path=/;expires=Thu, 01 Jan 1970 00:00:01 GMT;
expires: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4831
Expires: Sun, 05 Feb 2023 08:44:46 GMT
Date: Sun, 05 Feb 2023 07:24:15 GMT
Connection: keep-alive
aero.bankofamerica.com/30306/C5ib?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzZWN1cmUuYmFua29mYW1lcmljYS5jb20lMkZhdXRoJTJGZW5yb2xsJTJGZW5yb2xsLWVudHJ5JTJGJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmJhbmtvZmFtZXJpY2EuY29tJTJGJTIyJTJDJTIycGlkJTIyJTNBOTYyNzA3NzgxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTQlMkMlMjJ0cyUyMiUzQTE1ODQ4MDU1MjklMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmNoYW5nZV9kZXRhaWxzJTIyJTdEJTJDJTIycmFuZCUyMiUzQTg5MTYxMyU3RCU3RCU1RA%3D%3D&cid=8&si=0&e=https%3A%2F%2Fsecure.bankofamerica.com&LSESSIONID=jLd1oKQU64Ehdi2GJhwh3jsPov%2BSoX%2FdUki2EXavFtPX08UvNcNz48K7Y3CL1oAPQEqWHKQghBYULlKXeg%3D%3D&t=jsonp&__tp=change_details&c=rvwlzqntgrpddkfz&eu=https%3A%2F%2Fsecure.bankofamerica.com%2Fauth%2Fenroll%2Fenroll-entry%2F
44.194.85.55200 OK 0 B URL HTTP/2 aero.bankofamerica.com/30306/C5ib?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzZWN1cmUuYmFua29mYW1lcmljYS5jb20lMkZhdXRoJTJGZW5yb2xsJTJGZW5yb2xsLWVudHJ5JTJGJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmJhbmtvZmFtZXJpY2EuY29tJTJGJTIyJTJDJTIycGlkJTIyJTNBOTYyNzA3NzgxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTQlMkMlMjJ0cyUyMiUzQTE1ODQ4MDU1MjklMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmNoYW5nZV9kZXRhaWxzJTIyJTdEJTJDJTIycmFuZCUyMiUzQTg5MTYxMyU3RCU3RCU1RA%3D%3D&cid=8&si=0&e=https%3A%2F%2Fsecure.bankofamerica.com&LSESSIONID=jLd1oKQU64Ehdi2GJhwh3jsPov%2BSoX%2FdUki2EXavFtPX08UvNcNz48K7Y3CL1oAPQEqWHKQghBYULlKXeg%3D%3D&t=jsonp&__tp=change_details&c=rvwlzqntgrpddkfz&eu=https%3A%2F%2Fsecure.bankofamerica.com%2Fauth%2Fenroll%2Fenroll-entry%2F
IP 44.194.85.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /30306/C5ib?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZzZWN1cmUuYmFua29mYW1lcmljYS5jb20lMkZhdXRoJTJGZW5yb2xsJTJGZW5yb2xsLWVudHJ5JTJGJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmJhbmtvZmFtZXJpY2EuY29tJTJGJTIyJTJDJTIycGlkJTIyJTNBOTYyNzA3NzgxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTQlMkMlMjJ0cyUyMiUzQTE1ODQ4MDU1MjklMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmNoYW5nZV9kZXRhaWxzJTIyJTdEJTJDJTIycmFuZCUyMiUzQTg5MTYxMyU3RCU3RCU1RA%3D%3D&cid=8&si=0&e=https%3A%2F%2Fsecure.bankofamerica.com&LSESSIONID=jLd1oKQU64Ehdi2GJhwh3jsPov%2BSoX%2FdUki2EXavFtPX08UvNcNz48K7Y3CL1oAPQEqWHKQghBYULlKXeg%3D%3D&t=jsonp&__tp=change_details&c=rvwlzqntgrpddkfz&eu=https%3A%2F%2Fsecure.bankofamerica.com%2Fauth%2Fenroll%2Fenroll-entry%2F HTTP/1.1
Host: aero.bankofamerica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 07:24:15 GMT
content-type: text/html
content-length: 0
server: haile
set-cookie: LSESSIONID=deleted;domain=.bankofamerica.com;path=/;expires=Thu, 01 Jan 1970 00:00:01 GMT;
expires: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-Firefox-Spdy: h2
202.29.22.167/arcmforum/adm/style/submit2.png
202.29.22.167200 OK 658 B URL HTTP/1.1 202.29.22.167/arcmforum/adm/style/submit2.png
IP 202.29.22.167:0
ASN #132879 Rajabhat Mahasarakham University
File type PNG image data, 282 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash 3796e45e038fbc2fa3df8314c7f4fb5f
de899f9391f078343b7ddfd7f9aec6f2c97fa15f
d7550418dacf37a73a469fde15c7f42ab5a497040ea5900221ec77d7ce726dbd
Analyzer Verdict Alert quad9 Sinkholed
GET /arcmforum/adm/style/submit2.png HTTP/1.1
Host: 202.29.22.167
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 07:24:42 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 09 Dec 2019 05:06:52 GMT
ETag: "292-5993e5d1f0c19"
Accept-Ranges: bytes
Content-Length: 658
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
tags.tiqcdn.com/dle/bofa/main/prod-_-osp-tool-multi-get-started.js
2.18.173.203200 OK 406 B URL HTTP/1.1 tags.tiqcdn.com/dle/bofa/main/prod-_-osp-tool-multi-get-started.js
IP 2.18.173.203:0
Hash 804fe5dfcebbc5213200f486e7b2a8d0
4c74ff812d297dc6343fd1e868b3dee0bb275cac
3eaf3b67983204de43ec09b71d06211bf1e4a7b0a15003cfa660b2ed365fbf15
GET /dle/bofa/main/prod-_-osp-tool-multi-get-started.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
HTTP/1.1 200 OK
x-amz-id-2: A9Vo/fub4WfjfWru5KRhDMVCXMBfOEsGf+mfDPPikclZTHT0is4ypd80jnNenKR5bIDtHGqOLLs=
x-amz-request-id: DSGB4S1M65WXHFC4
Last-Modified: Thu, 15 Dec 2022 18:35:52 GMT
ETag: "646f0064c8a5c0307b92bf5b75301860"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 406
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 08:24:15 GMT
Date: Sun, 05 Feb 2023 07:24:15 GMT
Connection: keep-alive
push.services.mozilla.com/
52.89.3.63101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.3.63:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q6c7pKDYKVIpADamHU2rCw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6KNKAkAw012e3Kw2WGH5q1MalSc=
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-favicon-android-chrome-192x192-CSXafb7d716.png
192.229.133.92200 OK 8.4 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-favicon-android-chrome-192x192-CSXafb7d716.png
IP 192.229.133.92:0
File type PNG image data, 192 x 192, 8-bit/color RGB, non-interlaced\012- data
Hash 67af3bbd46f9947739538d49395d573d
03a34b0aa432274f88862b27ab109f8e26311e72
b47bfe9d7333188f5b2f8690785ccd966d882c2364a5e4e5ae293e02554ad8d8
GET /sparta/auth/enroll/spa-assets/images/assets-images-global-favicon-android-chrome-192x192-CSXafb7d716.png HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 235395
cache-control: max-age=26920000, public
content-type: image/png
date: Sun, 05 Feb 2023 07:24:15 GMT
etag: "20a2-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:15 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F70B)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vCHVFJwzUP7p98mvcw4wAAAMM
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 8354
X-Firefox-Spdy: h2
secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-favicon-favicon-16x16-CSXaaa5ca4e.png
192.229.133.92200 OK 15 kB URL HTTP/2 secure2.bac-assets.com/sparta/auth/enroll/spa-assets/images/assets-images-global-favicon-favicon-16x16-CSXaaa5ca4e.png
IP 192.229.133.92:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash cb64c30b1249dbac9691a3a2cc418631
2c36d5247a84049dea63ced5ad35666d6589413e
9a092ddd265dc1651c83cdbd0e7d5d523dc51c3cacfc9b4ec98a6ddb58ee364e
GET /sparta/auth/enroll/spa-assets/images/assets-images-global-favicon-favicon-16x16-CSXaaa5ca4e.png HTTP/1.1
Host: secure2.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://acount-management-and-update-of-security.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 235395
cache-control: max-age=26920000, public
content-type: image/png
date: Sun, 05 Feb 2023 07:24:15 GMT
etag: "39d3-58bc25f0a9a80"
expires: Mon, 05 Feb 2024 07:24:15 GMT
last-modified: Thu, 20 Jun 2019 14:43:38 GMT
server: ECS (ska/F70D)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9vCHRqC3x8L4t0nVIm9mwAAAmM
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 14803
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2538
Expires: Sun, 05 Feb 2023 08:06:34 GMT
Date: Sun, 05 Feb 2023 07:24:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2538
Expires: Sun, 05 Feb 2023 08:06:34 GMT
Date: Sun, 05 Feb 2023 07:24:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2538
Expires: Sun, 05 Feb 2023 08:06:34 GMT
Date: Sun, 05 Feb 2023 07:24:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 11:30:27 GMT
age: 71629
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WVfpilnwhnRXBhJkHBWjxxoP09f7SqlRk8CdWRWOubIIwe0CX89bUA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:09:58 GMT
age: 33258
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 11:30:27 GMT
age: 71629
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1092c4dd4d9ca4d09462ae46e1dd7c1
17444ff60be1afbc40d3653fa936f9eaf9478068
ea8362c7249080b34288ee675f70333607fc3be37e716fdcf63e4901849def9f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7288
x-amzn-requestid: 1aa297f5-2f9a-45be-b823-1eb4d5887769
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WrwH-iIAMFyhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded17e-2b630b4a302b8ae118883b71;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z2oKgp1keqEkvN6jjsUepMbrxD4JCXKAOHrMNJHcuXN0CpulUh5GLA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:26 GMT
etag: "17444ff60be1afbc40d3653fa936f9eaf9478068"
content-type: image/jpeg
age: 34850
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:51:26 GMT
age: 34370
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e0c38abfcd86f8074d4182d49fc354f
1367bebb73fa652695242100b26c394f1bfe4457
e42d110060133ac05e6cdfafa6473c55473220fdc7eaf03e3a89f58aa3603670
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11056
x-amzn-requestid: 4acc3364-4a33-4934-bdcb-41284d952113
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPFrwEW4IAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8317-33872f461a2faab552322837;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:04:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4xmWa9XVzQ3xzjzIZyrdv3GpFSaTcoacse6b0lgGch2IMvV69AZ57w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:45:28 GMT
age: 34728
etag: "1367bebb73fa652695242100b26c394f1bfe4457"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2