{"report_id":"103d4042-5df4-486b-a37a-c6bd79df91dc","version":6,"status":"done","tags":[],"date":"2025-10-02T17:09:00Z","url":{"schema":"http","addr":"login.northlane.com/","fqdn":"login.northlane.com","domain":"northlane.com","tld":"com"},"ip":{"addr":"20.99.180.113","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"login.mypaymentvault.com/","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"title":"MyPaymentVault"},"submit":{"url":{"schema":"http","addr":"login.northlane.com/","fqdn":"login.northlane.com","domain":"northlane.com","tld":"com"},"ip":{"addr":"20.99.180.113","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-06T17:09:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"login.mypaymentvault.com","ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2022-09-16","domain_rank":268711,"first_seen":"2023-08-28T20:36:52Z","last_seen":"2025-09-30T15:05:33.063136Z","alert_count":0,"request_count":18,"received_data":4563437,"sent_data":12293,"comment":"","tags":null,"fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"logs.mypaymentvault.com","ip":{"addr":"52.230.151.60","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2022-09-16","domain_rank":2765601,"first_seen":"2024-11-30T19:51:07.730787Z","last_seen":"2025-09-30T15:05:33.036813Z","alert_count":0,"request_count":1,"received_data":169,"sent_data":647,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"external.onbe.io","ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2021-03-09","domain_rank":2964736,"first_seen":"2022-12-20T18:35:11Z","last_seen":"2025-09-30T15:05:33.509323Z","alert_count":0,"request_count":2,"received_data":61271,"sent_data":1109,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-09-28T22:11:46.369912Z","alert_count":0,"request_count":2,"received_data":32564,"sent_data":1054,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.com","ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-09-28T22:11:46.355495Z","alert_count":0,"request_count":3,"received_data":80063,"sent_data":1816,"comment":"","tags":null,"fingerprints":null},{"fqdn":"1.b406929acabac9b095f124c81bdfcf57f.com","ip":{"addr":"13.33.235.97","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2019-03-20","domain_rank":166079,"first_seen":"2020-11-23T09:04:27Z","last_seen":"2025-09-30T13:09:46.494839Z","alert_count":0,"request_count":1,"received_data":701,"sent_data":535,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"1.c81358859121583b7adf2ace89cb39f44.com","ip":{"addr":"13.33.235.60","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2019-03-20","domain_rank":165871,"first_seen":"2020-11-23T09:04:27Z","last_seen":"2025-09-30T13:09:46.806455Z","alert_count":0,"request_count":1,"received_data":701,"sent_data":535,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"login.northlane.com","ip":{"addr":"20.99.180.113","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2001-09-14","domain_rank":2439389,"first_seen":"2022-06-10T01:48:39Z","last_seen":"2025-09-07T05:03:02.339981Z","alert_count":0,"request_count":7,"received_data":106623,"sent_data":3127,"comment":"","tags":null,"fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}]},{"fqdn":"www.gstatic.com","ip":{"addr":"142.250.74.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":146047,"first_seen":"2012-05-29T15:36:17Z","last_seen":"2025-09-28T22:11:46.419999Z","alert_count":0,"request_count":5,"received_data":2550092,"sent_data":2381,"comment":"","tags":null,"fingerprints":null},{"fqdn":"wups.mypaymentvault.com","ip":{"addr":"4.249.171.212","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2022-09-16","domain_rank":2067313,"first_seen":"2024-11-30T19:51:07.732582Z","last_seen":"2025-09-30T15:05:32.928817Z","alert_count":0,"request_count":4,"received_data":3971,"sent_data":2026,"comment":"","tags":null,"fingerprints":null},{"fqdn":"1.a79ab95c1589a13f8a4cab612bc71f9f7.com","ip":{"addr":"13.33.235.113","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2019-03-20","domain_rank":166102,"first_seen":"2020-11-23T09:04:27Z","last_seen":"2025-09-30T13:09:47.230575Z","alert_count":0,"request_count":1,"received_data":701,"sent_data":535,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/initAddToAppleWallet.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ae5d8819c18f8a65f1afc42e5a42c40d","sha1":"88e32a771977846c85cf49a35606287d41a8da77","sha256":"a7007e8c8fefb6e577d464e7189211646e9f4741b63d5a478e1ca2a5f723f54a","sha512":"63e0c5d288ab37767ffdc941c18b4021d844185c4cb32e57fa39b1b7d1243b36e37e835140e8f793ea0fe8f71d290f27a5c2d1584b10db1781eac661afc60581","ssdeep":"96:CkOdsTdPDdAoEfM87nL86ZsRXXe3EHcjplEnTheVmHIS7J:CkOdsTdJxEU+LTKRXOyqEeVbS7J","tlshash":"01f1201f6884243851b3f379ee6fa904f231163b0156a48a7d2dc5a2af3591ba771fcc","size":7740,"data":"","first_seen":"2025-06-27T23:44:17.978807Z","last_seen":"2026-04-02T15:02:41.261108Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/google.integration.min.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"517dfc28767a0ac9733f943bfe17a611","sha1":"dd8b9d3a2e94ac1bdcc964cae72bbaa89a7173a2","sha256":"e44729dfb9922a6991b111c10474455c663120c7f1dd0b9f29a45587cb2e4ee7","sha512":"d361c995aa2da63d471e9ef0d6328cac32aec14706bed1fc74888960564699d9da17dc8321ddf50f723503d16b77c312e59602f21217dae6ee82bb366fb849d9","ssdeep":"192:fqjsaWlGrkTR9lFjjUY6Q1sEZ4SSlqcBJJ7Ku/XI:fEWlV3YQglqSlKuA","tlshash":"2102928db6e2f06153b7a5a7812f500fb33d6969906c9058f245c8f17db44ae4227fbc","size":8685,"data":"","first_seen":"2025-06-27T23:44:17.974857Z","last_seen":"2026-04-02T15:02:41.292948Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/idi-sdk.2.2.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea6a4dbf7f9ec90349d007ce4e4f9a1b","sha1":"7d112aa33ea4dbef2f04d6ebe45753f7b5743d41","sha256":"37ccef9acf52ce8c90014063e05c7de3ee70d532588394ce896b3f3818d40bc6","sha512":"ced7a98183332fb769fc58757845728b14350921700aa22c91624383f481f5e3b3964c75c75578397e5e45eb4cbd921133497dd12b26ad8f33a4bcef8b8830c3","ssdeep":"384:08YpuiXL8lGyqY6Nso6zpDazqhMpILc6i:0RusLPFao6zpoqCeLQ","tlshash":"83c2d78c694612551c73b77a672b607af7be4b63222c4501b8fc97805f75c10c2e6fea","size":27863,"data":"","first_seen":"2025-06-27T23:44:17.977791Z","last_seen":"2026-04-02T15:02:41.291427Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html","fqdn":"1.c81358859121583b7adf2ace89cb39f44.com","domain":"c81358859121583b7adf2ace89cb39f44.com","tld":"com"},"ip":{"addr":"13.33.235.60","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2e4d7d52e5909922bf021f1cc09b8932","sha1":"dc20df92c388423464243e53c7a378f0016effc9","sha256":"0242c236e7c83d9c9d5281fc2614b82c4bf516e7e2552c4e042ecbf9fcf45027","sha512":"3688150585a105000ce97509bdc6f57458ba180e835e6312a1fc386da30e41738b9ab08c87d90dabb5a2508d806346fd2b91373dff46fe215f54a9700685e7e3","ssdeep":"","tlshash":"dfb012c09c7480cb242120370855c0d010339e3b2b805116724095390511024031d2e0","size":87,"data":"","first_seen":"2025-03-14T16:11:06.601637Z","last_seen":"2026-04-19T19:15:46.35633Z","times_seen":173,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js","fqdn":"1.c81358859121583b7adf2ace89cb39f44.com","domain":"c81358859121583b7adf2ace89cb39f44.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ee48a4da9c402e8a23ad085fb71f28f","sha1":"f0c59306d6313f9bee02b53ca8903991bd24bfd7","sha256":"9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622","sha512":"2c25a0ba0b95622da682d5f1d238c77a3858d621655ecf352bd49be5fa7d92c6417410accf16f50e039fe1c2863c575fa725c23a6f3587ac95a061e53b90e6d3","ssdeep":"","tlshash":"8c613fc432d0fc9622e671e4200b3525f03bc86a246e74c1f6358cd5ade448d93b6fb6","size":3227,"data":"","first_seen":"2023-03-07T12:09:16Z","last_seen":"2026-04-19T19:15:46.356855Z","times_seen":373,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.northlane.com/","fqdn":"login.northlane.com","domain":"northlane.com","tld":"com"},"ip":{"addr":"20.99.180.113","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"375f0b69a4e4dbd746c05efdedec01d7","sha1":"356f0097b89796fcfee31c0005b8118608a56d0f","sha256":"9c240632dc629fdb2f175190c4f1ea4f30f9e3f979cde1c71610653a66779934","sha512":"d9e9f7eb3430d6bce037064abc560aa726da68b92b5640bbfca0bbaed1367fb0957f0ee95a4fadb3c4bc3e8cf925d30702a7bfbaba5111b031c616823ab0fddf","ssdeep":"","tlshash":"0811efcbb3601408b96b302ffc5a3358113610779c4eac19b598846d2c76d3e8a0fdcd","size":999,"data":"","first_seen":"2025-10-02T17:09:09.45165Z","last_seen":"2026-03-29T13:26:02.37776Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"9e01d14895deb8d754f979c52c3a7e25","sha1":"33e79869d664a9460f8345ccfadfff45604c640a","sha256":"b9263bb8505c7f27e86a530436a541a8e2573fb5928fc527e4430289027cd75c","sha512":"7e23bb3131eb9866c93796a9600415bbf5a8136f75487fcd6d29f574433630472f86c009f0588dda857001b57d991500a876ca07a7b21348e389051e6fe741e4","ssdeep":"","tlshash":"ed70008a2c08200c02223020288f2a080222080080028c00000000802c3002e000380e","size":22,"data":"","first_seen":"2025-09-25T07:14:11.88127Z","last_seen":"2025-10-07T06:04:34.00588Z","times_seen":2805,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"79d46b9e2a42785f28f64082a61eabbf","sha1":"c1b66a198b40bcd1f6cce34704173f997ecd8608","sha256":"6159c42218db471f012088abd52e60fe39e5c1dcf2981ff7d80f38d8bd36a690","sha512":"820943d8b4d684933ce756b9d59c499147aae8336a811b042d8ee8bf035ecb20be12ff815d0ba4a8676c815b9e6bf2d687591d434bedfbbf07e56dae34f39c49","ssdeep":"12288:iF/YdSVcst0yzYy0Vqqog/cT6eKb54lptHAgR1BoOdy3aWKi:QQozYJog/Y6fV4lbpR1BRdyKK","tlshash":"b70529c870257a624332b5f6707b209da36e5966d45c095d70a6c4f03fb098db0baebf","size":820265,"data":"","first_seen":"2025-10-01T09:12:21.067891Z","last_seen":"2026-04-11T20:17:01.44274Z","times_seen":7911,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/bundle.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"179048763d43d8cc4c0028db808bb3a2","sha1":"d38c3aa44e760baa988fc8f971059b89579d8ba3","sha256":"9f2ecafcc26ebf474c212b7f93bb2caa792fe9521a7fdb1076934ad3dbb1cf65","sha512":"8eb936e72d7708b63450d6864e990d9f799aa036b09824a0f87f321000b8d123f251444144c33a3f1fbd2c5ae3b16c807dd49f372129041f3b540f62f82c7a6f","ssdeep":"49152:l/Ip90MPXPe772bhuuoGG+n5gt1xKvkryM:kt1k+C","tlshash":"49856db476a4b46a467708e5106f040c76396a4f981d80a0f37aecd62cbc54df6b7fac","size":1851081,"data":"","first_seen":"2025-09-30T15:05:38.137637Z","last_seen":"2025-10-02T17:09:09.453642Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"79d46b9e2a42785f28f64082a61eabbf","sha1":"c1b66a198b40bcd1f6cce34704173f997ecd8608","sha256":"6159c42218db471f012088abd52e60fe39e5c1dcf2981ff7d80f38d8bd36a690","sha512":"820943d8b4d684933ce756b9d59c499147aae8336a811b042d8ee8bf035ecb20be12ff815d0ba4a8676c815b9e6bf2d687591d434bedfbbf07e56dae34f39c49","ssdeep":"12288:iF/YdSVcst0yzYy0Vqqog/cT6eKb54lptHAgR1BoOdy3aWKi:QQozYJog/Y6fV4lbpR1BRdyKK","tlshash":"b70529c870257a624332b5f6707b209da36e5966d45c095d70a6c4f03fb098db0baebf","size":820265,"data":"","first_seen":"2025-10-01T09:12:21.067891Z","last_seen":"2026-04-11T20:17:01.44274Z","times_seen":7911,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"376a5a3bf3a642596b92fb2bbefb2042","sha1":"4dc081b33adf4020d2af75f76ff4dc9716e9aae5","sha256":"73659276ec66ec71919f400787662b838a80204775a284f5d69a6fa606301856","sha512":"ae77dd2314d960412cc538038651fd4e8268878c52c806598eff0c12b7121af1840753327085e4a712f760e1cec5018543389e9353ef5d9f08dff349e4233e28","ssdeep":"","tlshash":"2370000a2c08200c2222302028cf2a08022a0c0000028000000200802c3000a0203c0c","size":22,"data":"","first_seen":"2025-09-25T07:14:11.885669Z","last_seen":"2025-10-07T06:04:33.980769Z","times_seen":2802,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/s2p.min.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"33bc245c5c4e6f5830f32e09231da0da","sha1":"d6751920d7ee63a2036b5b981a4075cc1851195b","sha256":"2909792115c79b7612cb4e256830f95418c5717b8abbad0829b7b4b49dd5eb20","sha512":"d9140df05ed26a144a673e47d0795a452d929584c746db1a54d7934322e56002f99587ffa74620f09672b9949c55cedc57f22a4dd21b040702beb498d48111a8","ssdeep":"3072:MqzK7cIHfts229ga4KOaEiwet/HkllleFLsm:5zicIHftOga4KbEimLleFLsm","tlshash":"17a37cd23f70b5570a3785b170df208bb6f6451bac2a4ca1f020d4859fa6d4e50a7fba","size":101996,"data":"","first_seen":"2025-06-27T23:44:17.984628Z","last_seen":"2026-04-02T15:02:41.286039Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api.js?render=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e6454306b094d909eddddb9845297788","sha1":"304824b0e53db74d11a8a06ee2a3b4faf058e5c4","sha256":"80c33b3ad4277cbf7c9a6b9b71581dac286b8de0bea4bc514362519f18192e82","sha512":"d54defd2ca25a1e078bab685747c53bd9013cb5f7b43b9e0bcbb34c2f18b9523a2c78aab6b7057a57f63d7f754cb06116285b27ea6ba698b6de681682dcf1e7f","ssdeep":"","tlshash":"c2111f731a28a0394b320ae1a1ffcbb1e892741cf11889e8a515ebd42e79ddbce05448","size":1051,"data":"","first_seen":"2025-10-02T17:09:09.442004Z","last_seen":"2025-10-02T17:09:09.442004Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"45ecf7458f42da80ac248ad42d610372","sha1":"a5b3edf8328769bc754e6e616a957ceed4fdadd7","sha256":"75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf","sha512":"e269e258cee29ed9ac04510c30517ebd77aa78e9c79b5736e5761bcbd372e38ab00a8092e2d391baf681eb4602dfb9a4ae1650628967735d94695b3d28aa4502","ssdeep":"","tlshash":"fba002f31935c4218ea2c5509953fb88e593611dfd45c1d470254edea3e19d3c100990","size":69,"data":"","first_seen":"2023-03-07T01:02:05Z","last_seen":"2026-04-20T13:53:47.750167Z","times_seen":404185,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"37e1ea9c1bdcee00fa5eeb8c53d1fcd5","sha1":"b752c3f8edcac4a2f81079fe0650cf977c45121c","sha256":"d57744b8a6bc209fb4fba817208cc0348521c28ecbd2f0bd1f8c4685e24b0413","sha512":"407549c0ddfe910aea8c64481d9ce18c09c024cce8b4ee8a7ed24471bf7e661890ed43d42fda501c247e34d7272dbea8f76f3e9ffe20991d06d19ecbc4a0501c","ssdeep":"384:0xmqQZU+tuhf1/o6w13vjr87veLfwucnaepgwjtCheK7z:z++cl1/ol1fjrA6Sae5qh7z","tlshash":"4f82a6da7593f05d53b3a0b144ff110ab2fb2c547a845468f108c6e06f36bca906ef6a","size":18954,"data":"","first_seen":"2025-09-25T07:14:11.888593Z","last_seen":"2025-10-07T06:04:33.974705Z","times_seen":2798,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"89299b03bfa482e4371cec2f26056f74","sha1":"6bb4ae2cedfee45c7fc7b9e83918d73c71294e4b","sha256":"aed4010e01cb9d2c0d61c63605eb92f3aa8a15471706831094948e53346da1d4","sha512":"b70143ec0c4a5820a0e76d360cb9ddc05ad641f93f652c691d4841e1b6927375b868d6a48a474fa7f9c4525e82f78e6db687dd4c06b604f556031677de4bbb19","ssdeep":"1536:pB8xQC7APovAfwJz55eRYwUk091NxNrUPgARVY3MNh+tB1JdvMp/Opmv:YL0o7j9LvUPgARJEtB1DvMpimv","tlshash":"0f63ae35ab0230ffef7ecf80afe6629c527ea18b554219dc22af05c104799d76b5909c","size":67374,"data":"","first_seen":"2025-10-02T17:09:09.456406Z","last_seen":"2025-10-02T17:09:09.456406Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"4a43566369b682b5a8fe50c414404ff9","sha1":"b6a486d97f0137d4959a9b3eeac6544a2ba81e56","sha256":"c99a50d35e102b20e7713c37976afc34b94377de7dbfb03fc6bab6134bc033cf","sha512":"b34fb173ae3627eee75ba808cf9fd3f2f6bb70657d2962dfad9ee167e443feb18314d6bf46fb2dd51cc0b72e98062eb242c1b29184bf78f8953b55aa39198904","ssdeep":"","tlshash":"01a0228f3acc800c8233b032ecca2000c03000333000003828c08ac0232c002c2823c3","size":64,"data":"","first_seen":"2025-09-25T07:14:11.877159Z","last_seen":"2025-10-07T06:04:33.999964Z","times_seen":2803,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"7a137edc0403b62192cce9dea9a21d0f","sha1":"a6f1a0c2cf9b5836a49b68749531e312e69657bb","sha256":"1f0560a3e5dbf5a19795893679dee5672601a253d7aba7283b919776422cf62f","sha512":"a15cdfb1566b58af0a7f046bbd2d6788e2956b1801d47ee6bb74a7ea88dd5dc4e19fb3ba119ca1a6a87e27548adc3781a2efef7142f39fbfa2776f607b22a5fa","ssdeep":"384:1bmqQZU+tuhf1/o6w13vjr87veLfwucnaepgwjtCheK/L:e++cl1/ol1fjrA6Sae5qh/L","tlshash":"b2b296daf593b05d52b361b140ff110aa2f72d54fa84546cf108c6e06f36bca906ef66","size":25333,"data":"","first_seen":"2025-10-02T17:09:09.458126Z","last_seen":"2025-10-02T17:09:09.458126Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/js/d6a9d7945.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"51c1e2b7a1107ce548d964575cbd50eb","sha1":"6bc0c9faa88d2ba500adab735fcc9f67084f14de","sha256":"be7ffc35ca9c7ade4ec05ef4cc2ec41ce7ea95ea5d2a5a3003e53e0a6d3e5e03","sha512":"9a0511558fe21dd96a7b68f1eea7d6b23c1cb00b0bf09f7d3766dcf66f3f06bec15121a7ac6eae2dee7a2079fe4b877013528ee30dba7f488f23fad6932b025b","ssdeep":"24576:I/R8AJN8qUm0rp5Ok/fSCHat3jxpBh6oMj:I/R8AD8qUm0rp5Ok/fSCHat3jxpBh6og","tlshash":"651508987560b87242c7526a113f110bb23869f294ac80d4b235eced6efd8d9536bf3d","size":927335,"data":"","first_seen":"2025-06-27T23:44:17.973841Z","last_seen":"2025-10-30T15:01:45.592729Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html","fqdn":"1.c81358859121583b7adf2ace89cb39f44.com","domain":"c81358859121583b7adf2ace89cb39f44.com","tld":"com"},"ip":{"addr":"13.33.235.60","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:47.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.c81358859121583b7adf2ace89cb39f44.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 06 Apr 2025 00:00:00 GMT","end":"Tue, 07 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"9A:52:6D:BC:41:3F:18:96:1D:A3:7C:CB:98:2A:71:2F:68:F5:F8:9D","sha256":"DA:E2:63:98:39:F5:01:E8:F2:73:1A:2A:80:00:FA:95:92:4D:15:03:A7:0B:07:47:50:92:7F:20:07:83:A8:B4"}}},"request":{"raw":"GET /scripts/prod/crossdomain.html HTTP/1.1\r\nHost: 1.c81358859121583b7adf2ace89cb39f44.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 221\r\ndate: Thu, 02 Oct 2025 09:30:09 GMT\r\nlast-modified: Tue, 13 Oct 2020 12:04:25 GMT\r\netag: \"21e34cf6a03f570df49e212018a567d0\"\r\nx-amz-version-id: null\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 e491995f66315775a90fd3554512b836.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HEL51-P7\r\nx-amz-cf-id: vPxRm_x-uSpstgQNlr7HVwTbZZpa6206uRjVZyyXvuAeBa7FRAfvlQ==\r\nage: 27519\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":221,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"21e34cf6a03f570df49e212018a567d0","sha1":"f0be4058936850ae0163f5137600d14b6632bbb3","sha256":"0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6","sha512":"85f32ea67b64f49cb438a32c9f77d2d746cf67d3387c4c9d5e78ee181b7fb11f444d6dc17dea19a69f8efa5d4d52ac016e6eea78a741a6658cf86c15b7fdace9","ssdeep":"","tlshash":"37d023cd6c71d14b146070551465f0d42073af7a3343c50022c1e0750d107bc8f0f3d4","first_seen":"2023-04-07T05:40:57Z","last_seen":"2026-04-19T19:15:46.280204Z","times_seen":383,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":115,"dns":55,"connect":15,"send":0,"wait":15,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.northlane.com/sw.css","fqdn":"login.northlane.com","domain":"northlane.com","tld":"com"},"ip":{"addr":"20.99.180.113","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://login.northlane.com/","date":"2025-10-02T17:08:38.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.northlane.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 17 Jul 2025 00:00:00 GMT","end":"Thu, 16 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C6:CC:73:96:0E:99:8C:7D:7E:2F:CF:2F:81:F2:D3:79:8A:60:46:D7","sha256":"23:CA:A1:60:05:74:68:DC:77:EE:37:78:38:DB:33:82:32:79:67:D8:39:FD:77:1F:1F:CE:E9:59:55:73:2B:EE"}}},"request":{"raw":"GET /sw.css HTTP/1.1\r\nHost: login.northlane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://login.northlane.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:38 GMT\r\ncontent-type: text/css\r\ncontent-length: 11951\r\ncontent-encoding: gzip\r\nlast-modified: Tue, 15 Aug 2023 13:07:58 GMT\r\naccept-ranges: bytes\r\netag: \"7e1e6b8379cfd91:0\"\r\nvary: Accept-Encoding\r\nserver: Microsoft-IIS/8.5\r\nx-powered-by: ASP.NET\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":40919,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (337), with CRLF line terminators","md5":"c7c39cfa2d74ce30600a15425c79c824","sha1":"286f79bc918136b857f31f3eb15acfdbfa2c6b7a","sha256":"b27f1db57227dd67c2b03ddc6898889209789143f13ef6db50fc41e8b8a29667","sha512":"f2843360943edff8438700e36085e39fb15197e539b884209edb5ca195158004555f9806f61ed8d14927214cb7a74c13ae75903d8308492482eb8373394c7e88","ssdeep":"768:IwTT8jXYTLs4omH4DMoBHGNrCXl1lWynrYiEo68uWlJeYOeJ/+:IwTT8jXYa54Nr4nkynMiusIeN+","tlshash":"ac037621e7c1200e716fc3a1ff32a7857a2a4065d24a6bbd79ac3638f55c8b615723cd","first_seen":"2025-09-07T05:03:05.56242Z","last_seen":"2026-03-29T13:26:02.357502Z","times_seen":4,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/google.integration.min.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/webtowallet/google.integration.min.js HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:45 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Sep 2025 20:51:33 GMT\r\nvary: Accept-Encoding, Origin\r\nx-ms-request-id: 29fb0330-801e-0009-61be-335718000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20251002T170845Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fvs\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L2_T2\r\nx-cache: TCP_REMOTE_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":8685,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (530), with CRLF line terminators","md5":"517dfc28767a0ac9733f943bfe17a611","sha1":"dd8b9d3a2e94ac1bdcc964cae72bbaa89a7173a2","sha256":"e44729dfb9922a6991b111c10474455c663120c7f1dd0b9f29a45587cb2e4ee7","sha512":"d361c995aa2da63d471e9ef0d6328cac32aec14706bed1fc74888960564699d9da17dc8321ddf50f723503d16b77c312e59602f21217dae6ee82bb366fb849d9","ssdeep":"192:fqjsaWlGrkTR9lFjjUY6Q1sEZ4SSlqcBJJ7Ku/XI:fEWlV3YQglqSlKuA","tlshash":"2102928db6e2f06153b7a5a7812f500fb33d6969906c9058f245c8f17db44ae4227fbc","first_seen":"2025-06-27T23:44:17.974857Z","last_seen":"2026-04-02T15:02:41.292948Z","times_seen":12,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/images/paymentvault_logo.svg","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/images/paymentvault_logo.svg HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759424925652-E43694D7-9606-4CAD-B4D2-964EB457AE20\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-20T13:59:59.325235Z","times_seen":13977692,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:46.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 349597\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 14:02:53 GMT\r\nexpires: Fri, 02 Oct 2026 14:02:53 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 29 Sep 2025 12:04:53 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 11153\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":820265,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (611)","md5":"79d46b9e2a42785f28f64082a61eabbf","sha1":"c1b66a198b40bcd1f6cce34704173f997ecd8608","sha256":"6159c42218db471f012088abd52e60fe39e5c1dcf2981ff7d80f38d8bd36a690","sha512":"820943d8b4d684933ce756b9d59c499147aae8336a811b042d8ee8bf035ecb20be12ff815d0ba4a8676c815b9e6bf2d687591d434bedfbbf07e56dae34f39c49","ssdeep":"12288:iF/YdSVcst0yzYy0Vqqog/cT6eKb54lptHAgR1BoOdy3aWKi:QQozYJog/Y6fV4lbpR1BRdyKK","tlshash":"b70529c870257a624332b5f6707b209da36e5966d45c095d70a6c4f03fb098db0baebf","first_seen":"2025-10-01T09:12:21.067891Z","last_seen":"2026-04-11T20:17:01.44274Z","times_seen":7911,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":51,"dns":0,"connect":8,"send":0,"wait":9,"receive":33,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke","date":"2025-10-02T17:08:46.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 349597\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 14:02:53 GMT\r\nexpires: Fri, 02 Oct 2026 14:02:53 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 29 Sep 2025 12:04:53 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 11153\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":820265,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (611)","md5":"79d46b9e2a42785f28f64082a61eabbf","sha1":"c1b66a198b40bcd1f6cce34704173f997ecd8608","sha256":"6159c42218db471f012088abd52e60fe39e5c1dcf2981ff7d80f38d8bd36a690","sha512":"820943d8b4d684933ce756b9d59c499147aae8336a811b042d8ee8bf035ecb20be12ff815d0ba4a8676c815b9e6bf2d687591d434bedfbbf07e56dae34f39c49","ssdeep":"12288:iF/YdSVcst0yzYy0Vqqog/cT6eKb54lptHAgR1BoOdy3aWKi:QQozYJog/Y6fV4lbpR1BRdyKK","tlshash":"b70529c870257a624332b5f6707b209da36e5966d45c095d70a6c4f03fb098db0baebf","first_seen":"2025-10-01T09:12:21.067891Z","last_seen":"2026-04-11T20:17:01.44274Z","times_seen":7911,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/api2/logo_48.png","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke","date":"2025-10-02T17:08:46.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /recaptcha/api2/logo_48.png HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/styles__ltr.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ncontent-length: 2228\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 16:38:22 GMT\r\nexpires: Thu, 09 Oct 2025 16:38:22 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 03 Mar 2020 20:15:00 GMT\r\ncontent-type: image/png\r\nage: 1824\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"ef9941290c50cd3866e2ba6b793f010d","sha1":"4736508c795667dcea21f8d864233031223b7832","sha256":"1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a","sha512":"a0c69c70117c5713caf8b12f3b6e8bbb9cdaf72768e5db9db5831a3c37541b87613c6b020dd2f9b8760064a8c7337f175e7234bfe776eee5e3588dc5662419d9","ssdeep":"","tlshash":"c34149bb68287f1be14b501d319001e4b5bb891327c8f24180bf974e4662eaad10f118","first_seen":"2023-04-05T07:17:57Z","last_seen":"2026-04-20T13:55:50.122017Z","times_seen":564152,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"logs.mypaymentvault.com/api/v1/sendLogs?cid=osiris\u0026cdsnum=1759424927056-sjn0000187-662d0e77-ecf4-445a-94fd-005003f67939\u0026csid=63350447-ce7a-4971-bde3-77a6bbd39922\u0026ds=js\u0026sdkVer=2.40.1.1968.8d77d8e","fqdn":"logs.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"52.230.151.60","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:49.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wups.mypaymentvault.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 10 Oct 2024 00:00:00 GMT","end":"Thu, 09 Oct 2025 23:59:59 GMT"},"fingerprint":{"sha1":"1A:69:7B:74:5D:65:AE:AC:17:F9:8F:AB:C8:D4:32:52:6C:44:05:C5","sha256":"1C:8E:33:00:DC:20:C0:BB:56:3B:E4:41:34:4F:BF:2F:55:DF:97:89:36:34:B0:86:6C:B6:83:41:54:98:88:5B"}}},"request":{"raw":"POST /api/v1/sendLogs?cid=osiris\u0026cdsnum=1759424927056-sjn0000187-662d0e77-ecf4-445a-94fd-005003f67939\u0026csid=63350447-ce7a-4971-bde3-77a6bbd39922\u0026ds=js\u0026sdkVer=2.40.1.1968.8d77d8e HTTP/1.1\r\nHost: logs.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1440\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Thu, 02 Oct 2025 17:08:50 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-20T13:59:59.325235Z","times_seen":13977692,"resource_available":true,"data":null}},"time_used":2175,"timings":{"blocked":1028,"dns":795,"connect":116,"send":0,"wait":119,"receive":0,"ssl":117},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"external.onbe.io/mypaymentvaultapi/v1/generic/getCopyTag","fqdn":"external.onbe.io","domain":"onbe.io","tld":"io"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:53.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"external.onbe.io","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Sun, 24 Aug 2025 00:00:00 GMT","end":"Tue, 24 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E7:B5:5F:92:17:14:A5:11:2A:76:36:CC:15:2E:9F:92:F6:AD:4C:3F","sha256":"BD:8D:0A:3A:5D:1B:7E:70:34:32:91:C2:D3:EB:3E:FD:4A:88:00:99:7C:61:63:03:25:28:22:98:8B:F6:20:E4"}}},"request":{"raw":"POST /mypaymentvaultapi/v1/generic/getCopyTag HTTP/1.1\r\nHost: external.onbe.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json;charset=UTF-8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json;charset=UTF-8\r\nx-client-ip: 0.0.0.0\r\nContent-Length: 47\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:53 GMT\r\ncontent-type: application/json;charset=UTF-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nvary: Origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-frame-options: DENY\r\naccess-control-allow-origin: https://login.mypaymentvault.com\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: Transfer-Encoding,Connection,X-Content-Type-Options,X-XSS-Protection,Strict-Transport-Security,X-Frame-Options,Date,traceparent,Vary\r\nrequest-context: appId=cid-v1:1ea1b7c6-5b23-47e5-806f-19f70df3efde\r\nset-cookie: ASLBSA=000362f652bb64c44d9d2af530facadeb0009d1213790b92de39d936a45f9077a2cd; Path=/; Secure; HttpOnly;\nASLBSACORS=000362f652bb64c44d9d2af530facadeb0009d1213790b92de39d936a45f9077a2cd; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20251002T170853Z-r1f97b5f7b5wc8qphC1SVG725000000008vg000000003cve\r\nx-cache: CONFIG_NOCACHE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":59698,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"5714681b402ec3a63133f654fcfbda33","sha1":"fb337cec0204cebebb33294149f44f37754a582e","sha256":"90c3a16e378d23b8e749914853c49d6bd458129c6c49769f238719cc92f3d93e","sha512":"d3c4f3a45c18d4414467a3b2841697ab7ed8d34ceed47d7b75bf7f9cff4ec6d70fe97f4410d61cf38decfd704a7f910d2fa28394c5309fba0b39df51708c1969","ssdeep":"768:K9wL/kHgAT47ZtTmZ2ft53uAn2y+YTd1hZFnNC4Ip3yMThoi6:+GL/5dv+YlMvgMT8","tlshash":"2043f83ee11955f2f7130ac074ca9e2cb654f164eb18474d89ad80ee0bf2ec57e8b256","first_seen":"2025-08-04T06:53:41.199778Z","last_seen":"2025-10-02T17:09:09.425108Z","times_seen":3,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"external.onbe.io/mypaymentvaultapi/v1/generic/getCopyTag","fqdn":"external.onbe.io","domain":"onbe.io","tld":"io"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"external.onbe.io","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Sun, 24 Aug 2025 00:00:00 GMT","end":"Tue, 24 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E7:B5:5F:92:17:14:A5:11:2A:76:36:CC:15:2E:9F:92:F6:AD:4C:3F","sha256":"BD:8D:0A:3A:5D:1B:7E:70:34:32:91:C2:D3:EB:3E:FD:4A:88:00:99:7C:61:63:03:25:28:22:98:8B:F6:20:E4"}}},"request":{"raw":"OPTIONS /mypaymentvaultapi/v1/generic/getCopyTag HTTP/1.1\r\nHost: external.onbe.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,x-client-ip\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:53 GMT\r\ncontent-length: 0\r\nvary: Origin\r\naccess-control-allow-headers: content-type,x-client-ip\r\naccess-control-allow-origin: https://login.mypaymentvault.com\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 300\r\naccess-control-allow-methods: POST\r\nrequest-context: appId=cid-v1:1ea1b7c6-5b23-47e5-806f-19f70df3efde\r\nx-azure-ref: 20251002T170853Z-r1f97b5f7b5wc8qphC1SVG725000000008vg000000003cub\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-20T13:59:59.325235Z","times_seen":13977692,"resource_available":true,"data":null}},"time_used":14969,"timings":{"blocked":7151,"dns":6645,"connect":12,"send":0,"wait":666,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.northlane.com/partner.css","fqdn":"login.northlane.com","domain":"northlane.com","tld":"com"},"ip":{"addr":"20.99.180.113","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://login.northlane.com/","date":"2025-10-02T17:08:38.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.northlane.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 17 Jul 2025 00:00:00 GMT","end":"Thu, 16 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C6:CC:73:96:0E:99:8C:7D:7E:2F:CF:2F:81:F2:D3:79:8A:60:46:D7","sha256":"23:CA:A1:60:05:74:68:DC:77:EE:37:78:38:DB:33:82:32:79:67:D8:39:FD:77:1F:1F:CE:E9:59:55:73:2B:EE"}}},"request":{"raw":"GET /partner.css HTTP/1.1\r\nHost: login.northlane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://login.northlane.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:38 GMT\r\ncontent-type: text/css\r\ncontent-length: 1647\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 17 Aug 2022 11:20:28 GMT\r\naccept-ranges: bytes\r\netag: \"0a68d5a2bb2d81:0\"\r\nvary: Accept-Encoding\r\nserver: Microsoft-IIS/8.5\r\nx-powered-by: ASP.NET\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":6054,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"a5dcb1eaa89c9b88fbfb7e73e1d84d71","sha1":"5d3aeb119c2b69b8eb3c4800aa456ccbc5801f19","sha256":"ac9b22ecdf42ca25fcf73be8d9b67f28ab83e9d07f19e041a870f8b629d35c85","sha512":"2d960b279d48b2922081e74668abb119d2fd55aaac162e7605cafbd207784a273838a5db5fa779f936a1fdd6aa128017b2dac83b497223d161f42589ef002140","ssdeep":"96:mILXyxw/JLypsBuBuNxTa9AsvsEsGsZSVwhrK1M5BSIjLs8YqN0lEASD+MX:mxxwBLk5MNRyCX","tlshash":"dac12164e5c1500ef13bc4a86b71fb44eb6cc88687465b7f7ebdb2b8fb156885831680","first_seen":"2025-09-07T05:03:05.571163Z","last_seen":"2026-03-29T13:26:02.353096Z","times_seen":4,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.northlane.com/favicon.ico","fqdn":"login.northlane.com","domain":"northlane.com","tld":"com"},"ip":{"addr":"20.99.180.113","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.northlane.com/","date":"2025-10-02T17:08:39.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.northlane.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 17 Jul 2025 00:00:00 GMT","end":"Thu, 16 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C6:CC:73:96:0E:99:8C:7D:7E:2F:CF:2F:81:F2:D3:79:8A:60:46:D7","sha256":"23:CA:A1:60:05:74:68:DC:77:EE:37:78:38:DB:33:82:32:79:67:D8:39:FD:77:1F:1F:CE:E9:59:55:73:2B:EE"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: login.northlane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://login.northlane.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:39 GMT\r\ncontent-type: text/html\r\ncontent-length: 1492\r\ncontent-encoding: gzip\r\nlast-modified: Sun, 31 Mar 2024 05:21:45 GMT\r\naccept-ranges: bytes\r\netag: \"807a64522b83da1:0\"\r\nvary: Accept-Encoding\r\nserver: Microsoft-IIS/8.5\r\nx-powered-by: ASP.NET\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":4124,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"ee1d7b4a6ac3e29125958c97d827b5c4","sha1":"ce8ecd5464f0ffb3b0d9ac070003062a8f9a4f35","sha256":"ee21eeef473152772b087175f36a34ebd113e4ea4d90f510f552c1acb1ffce46","sha512":"662683dee9c0d41753e5c0d2ed4a17476cec522a8d78bc88f5cbbec3a6d5222ff537683cb8a95a1a8f8724a1a8f3634ccf4601e73d63fcdc2cb3eedbbc99c25a","ssdeep":"48:jmMp6n47kSVkXQvNeaJ6bEJXxv5q8Fc4lMMkUrU6EkhJUXOXdVXOXKD/V3yvcqL8:3247kSVkA1FkbP4SYU6UXsdVXsKdcEbF","tlshash":"f881952b340d900ea36f20ddb3b12b2adc36805bd74be2f9f9a51121e9d445d47a97cc","first_seen":"2025-10-02T17:09:09.428154Z","last_seen":"2026-03-29T13:26:02.37235Z","times_seen":3,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/js/d6a9d7945.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/js/d6a9d7945.js HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:45 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Sep 2025 23:32:52 GMT\r\nvary: Accept-Encoding, Origin\r\nx-ms-request-id: ef07f33c-601e-005c-55bb-334793000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20251002T170845Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fvn\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L2_T2\r\nx-cache: TCP_REMOTE_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":927335,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (63879), with CRLF line terminators","md5":"51c1e2b7a1107ce548d964575cbd50eb","sha1":"6bc0c9faa88d2ba500adab735fcc9f67084f14de","sha256":"be7ffc35ca9c7ade4ec05ef4cc2ec41ce7ea95ea5d2a5a3003e53e0a6d3e5e03","sha512":"9a0511558fe21dd96a7b68f1eea7d6b23c1cb00b0bf09f7d3766dcf66f3f06bec15121a7ac6eae2dee7a2079fe4b877013528ee30dba7f488f23fad6932b025b","ssdeep":"24576:I/R8AJN8qUm0rp5Ok/fSCHat3jxpBh6oMj:I/R8AD8qUm0rp5Ok/fSCHat3jxpBh6og","tlshash":"651508987560b87242c7526a113f110bb23869f294ac80d4b235eced6efd8d9536bf3d","first_seen":"2025-06-27T23:44:17.973841Z","last_seen":"2025-10-30T15:01:45.592729Z","times_seen":8,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/initAddToAppleWallet.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/webtowallet/initAddToAppleWallet.js HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:45 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Sep 2025 20:51:35 GMT\r\nvary: Accept-Encoding, Origin\r\nx-ms-request-id: 3af19307-801e-0019-5cbe-339270000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20251002T170845Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fvq\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L2_T2\r\nx-cache: TCP_REMOTE_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":7740,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"ae5d8819c18f8a65f1afc42e5a42c40d","sha1":"88e32a771977846c85cf49a35606287d41a8da77","sha256":"a7007e8c8fefb6e577d464e7189211646e9f4741b63d5a478e1ca2a5f723f54a","sha512":"63e0c5d288ab37767ffdc941c18b4021d844185c4cb32e57fa39b1b7d1243b36e37e835140e8f793ea0fe8f71d290f27a5c2d1584b10db1781eac661afc60581","ssdeep":"96:CkOdsTdPDdAoEfM87nL86ZsRXXe3EHcjplEnTheVmHIS7J:CkOdsTdJxEU+LTKRXOyqEeVbS7J","tlshash":"01f1201f6884243851b3f379ee6fa904f231163b0156a48a7d2dc5a2af3591ba771fcc","first_seen":"2025-06-27T23:44:17.978807Z","last_seen":"2026-04-02T15:02:41.261108Z","times_seen":12,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/s2p.min.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/webtowallet/s2p.min.js HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:45 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Sep 2025 20:51:31 GMT\r\nvary: Accept-Encoding, Origin\r\nx-ms-request-id: a6c26108-401e-0029-14bb-332cbf000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20251002T170845Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fvr\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L2_T2\r\nx-cache: TCP_REMOTE_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":101996,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"33bc245c5c4e6f5830f32e09231da0da","sha1":"d6751920d7ee63a2036b5b981a4075cc1851195b","sha256":"2909792115c79b7612cb4e256830f95418c5717b8abbad0829b7b4b49dd5eb20","sha512":"d9140df05ed26a144a673e47d0795a452d929584c746db1a54d7934322e56002f99587ffa74620f09672b9949c55cedc57f22a4dd21b040702beb498d48111a8","ssdeep":"3072:MqzK7cIHfts229ga4KOaEiwet/HkllleFLsm:5zicIHftOga4KbEimLleFLsm","tlshash":"17a37cd23f70b5570a3785b170df208bb6f6451bac2a4ca1f020d4859fa6d4e50a7fba","first_seen":"2025-06-27T23:44:17.984628Z","last_seen":"2026-04-02T15:02:41.286039Z","times_seen":12,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/images/icons/inputbox-error.png","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/images/icons/inputbox-error.png HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759424925652-E43694D7-9606-4CAD-B4D2-964EB457AE20\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-20T13:59:59.325235Z","times_seen":13977692,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke","date":"2025-10-02T17:08:46.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15344\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 12:44:57 GMT\r\nexpires: Fri, 02 Oct 2026 12:44:57 GMT\r\ncache-control: public, max-age=31536000\r\nage: 15829\r\nlast-modified: Mon, 16 Oct 2017 17:32:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15344,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15344, version 1.0","md5":"5d4aeb4e5f5ef754e307d7ffaef688bd","sha1":"06db651cdf354c64a7383ea9c77024ef4fb4cef8","sha256":"3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc","sha512":"7eb7c301df79d35a6a521fae9d3dccc0a695d3480b4d34c7d262dd0c67abec8437ed40e2920625e98aaeafba1d908dec69c3b07494ec7c29307de49e91c2ef48","ssdeep":"384:ctE5KIuhGO+DSdXwye6i9Xm81v4vMHCbppV0pr3Ll9/w:cqrVO++tw/9CICFbQLlxw","tlshash":"5162e16aef76dc7e4f1af1361c01b45404462290ba6155eff00d6e1d4eed1aff461392","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-20T14:01:13.375495Z","times_seen":538004,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":33,"dns":3,"connect":8,"send":0,"wait":10,"receive":6,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.northlane.com/partner.css","fqdn":"login.northlane.com","domain":"northlane.com","tld":"com"},"ip":{"addr":"20.99.180.113","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://login.northlane.com/","date":"2025-10-02T17:08:38.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.northlane.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 17 Jul 2025 00:00:00 GMT","end":"Thu, 16 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C6:CC:73:96:0E:99:8C:7D:7E:2F:CF:2F:81:F2:D3:79:8A:60:46:D7","sha256":"23:CA:A1:60:05:74:68:DC:77:EE:37:78:38:DB:33:82:32:79:67:D8:39:FD:77:1F:1F:CE:E9:59:55:73:2B:EE"}}},"request":{"raw":"GET /partner.css HTTP/1.1\r\nHost: login.northlane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://login.northlane.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:38 GMT\r\ncontent-type: text/css\r\ncontent-length: 1647\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 17 Aug 2022 11:20:28 GMT\r\naccept-ranges: bytes\r\netag: \"0a68d5a2bb2d81:0\"\r\nvary: Accept-Encoding\r\nserver: Microsoft-IIS/8.5\r\nx-powered-by: ASP.NET\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":6054,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"a5dcb1eaa89c9b88fbfb7e73e1d84d71","sha1":"5d3aeb119c2b69b8eb3c4800aa456ccbc5801f19","sha256":"ac9b22ecdf42ca25fcf73be8d9b67f28ab83e9d07f19e041a870f8b629d35c85","sha512":"2d960b279d48b2922081e74668abb119d2fd55aaac162e7605cafbd207784a273838a5db5fa779f936a1fdd6aa128017b2dac83b497223d161f42589ef002140","ssdeep":"96:mILXyxw/JLypsBuBuNxTa9AsvsEsGsZSVwhrK1M5BSIjLs8YqN0lEASD+MX:mxxwBLk5MNRyCX","tlshash":"dac12164e5c1500ef13bc4a86b71fb44eb6cc88687465b7f7ebdb2b8fb156885831680","first_seen":"2025-09-07T05:03:05.571163Z","last_seen":"2026-03-29T13:26:02.353096Z","times_seen":4,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/cac94907833ae55f0a4c.otf","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /cac94907833ae55f0a4c.otf HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/styles.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759424925652-E43694D7-9606-4CAD-B4D2-964EB457AE20\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:45 GMT\r\ncontent-type: font/otf\r\ncontent-length: 86528\r\ncache-control: no-store\r\netag: \"64001251\"\r\nlast-modified: Mon, 08 Sep 2025 03:10:43 GMT\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\nx-forwarded-for: {headers.x-forwarded-for}\r\nset-cookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; Path=/; Secure; HttpOnly;\nASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20251002T170845Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fx3\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":86528,"size_decoded":0,"mime_type":"font/otf","magic":"OpenType font data","md5":"1f55925e52b9e71fd57108874184060d","sha1":"e8acc9022336f58bb5ee2e2d4d98b51bebf45990","sha256":"f02b5750f291a5bd474f7cdbcb7b3fa79f2016c6af20d661b490b9bf945d41fc","sha512":"9e8625cf49c03508965022ca62577fd7b7a54a6355d6ad4cf5e9d86d42eb505068c268d657993aeff6600d3b0da84e4352cbd3a5a17b5864e8ceeca4063ef25a","ssdeep":"1536:oHYux/E0UqYn9jYOoQf/Z9IlWwLMpQQPNB8wZXdg:QY9FbIAwQQQVGiXdg","tlshash":"23834a78f185e695e5d76e3613b2eb38e133fb6c6b9a46092ef1a74c84448453e38d03","first_seen":"2023-05-02T01:06:50Z","last_seen":"2026-04-19T08:05:08.89641Z","times_seen":231,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":42,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/FaviconOnbeMarkBlack300ppi.png","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:46.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /FaviconOnbeMarkBlack300ppi.png HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=2; bmuid=1759424925652-E43694D7-9606-4CAD-B4D2-964EB457AE20\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:46 GMT\r\ncontent-type: text/html\r\ncache-control: no-store\r\ncontent-encoding: br\r\netag: \"64001251\"\r\nlast-modified: Mon, 08 Sep 2025 03:10:43 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\nx-forwarded-for: {headers.x-forwarded-for}\r\nset-cookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; Path=/; Secure; HttpOnly;\nASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20251002T170846Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fy0\r\nx-cache: CONFIG_NOCACHE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":939,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (939), with no line terminators","md5":"d0565201355753333c0b005801abe584","sha1":"0196f42dc0d4704059d0cbccc068788277a31cf3","sha256":"80881c58b46be63268dc7e710c297f0113135d21674760a2db8b817ee14e42b9","sha512":"02f3ddd998911aff7fba540fb117d41b8bbe58d0783dc39ce65e38e2481f93867a88ec73e3a85f5ac989ee3341b3cfd4905478e24e8a50897bcaeed24c7eeda9","ssdeep":"","tlshash":"76119cd2ec1ac58ca502af76c522f01c966dec4cfa51acd4ade610788ed4fa54da3403","first_seen":"2025-06-27T23:44:17.969124Z","last_seen":"2026-04-02T15:02:41.265721Z","times_seen":11,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.northlane.com/","fqdn":"login.northlane.com","domain":"northlane.com","tld":"com"},"ip":{"addr":"20.99.180.113","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-02T17:08:38.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.northlane.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 17 Jul 2025 00:00:00 GMT","end":"Thu, 16 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C6:CC:73:96:0E:99:8C:7D:7E:2F:CF:2F:81:F2:D3:79:8A:60:46:D7","sha256":"23:CA:A1:60:05:74:68:DC:77:EE:37:78:38:DB:33:82:32:79:67:D8:39:FD:77:1F:1F:CE:E9:59:55:73:2B:EE"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: login.northlane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:38 GMT\r\ncontent-type: text/html\r\ncontent-length: 1492\r\ncontent-encoding: gzip\r\nlast-modified: Sun, 31 Mar 2024 05:21:45 GMT\r\naccept-ranges: bytes\r\netag: \"807a64522b83da1:0\"\r\nvary: Accept-Encoding\r\nserver: Microsoft-IIS/8.5\r\nx-powered-by: ASP.NET\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":4124,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"ee1d7b4a6ac3e29125958c97d827b5c4","sha1":"ce8ecd5464f0ffb3b0d9ac070003062a8f9a4f35","sha256":"ee21eeef473152772b087175f36a34ebd113e4ea4d90f510f552c1acb1ffce46","sha512":"662683dee9c0d41753e5c0d2ed4a17476cec522a8d78bc88f5cbbec3a6d5222ff537683cb8a95a1a8f8724a1a8f3634ccf4601e73d63fcdc2cb3eedbbc99c25a","ssdeep":"48:jmMp6n47kSVkXQvNeaJ6bEJXxv5q8Fc4lMMkUrU6EkhJUXOXdVXOXKD/V3yvcqL8:3247kSVkA1FkbP4SYU6UXsdVXsKdcEbF","tlshash":"f881952b340d900ea36f20ddb3b12b2adc36805bd74be2f9f9a51121e9d445d47a97cc","first_seen":"2025-10-02T17:09:09.428154Z","last_seen":"2026-03-29T13:26:02.37235Z","times_seen":3,"resource_available":true,"data":null}},"time_used":814,"timings":{"blocked":325,"dns":0,"connect":162,"send":0,"wait":164,"receive":0,"ssl":162},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/images/icons/inputbox-error.png","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/images/icons/inputbox-error.png HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759424925652-E43694D7-9606-4CAD-B4D2-964EB457AE20\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 499\r\nlast-modified: Thu, 25 Sep 2025 20:51:36 GMT\r\netag: 0x8DDFC75518308C6\r\nvary: Origin\r\nx-ms-request-id: b4ab11f8-501e-0057-5cbb-33bcf8000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20251002T170845Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fx0\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L1_T2\r\nx-cache: TCP_HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":499,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"3af344cee1c8584049d8a591af117473","sha1":"b0d8c911a350921a8281920912466db56b140908","sha256":"627ebb0812c94e3db367536399589a89ed2ace20c175dd269db2714f7ede0b40","sha512":"38266b96939915faef308aa49761499f514ceeaadf263be1770ce022ee7506bd3b9cd87914d333e9be59ca8ed09f5dc45b2e7fdff896b923de374183f1c23efd","ssdeep":"","tlshash":"7ef054eba7a53cde40e9cae6c0db01f2a4ea5e0d25834b1c3a0134d6366d8086435f27","first_seen":"2024-11-28T04:52:13.496066Z","last_seen":"2026-04-16T00:41:36.404449Z","times_seen":34,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/webworker.js?hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2","date":"2025-10-02T17:08:46.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 349597\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 14:02:53 GMT\r\nexpires: Fri, 02 Oct 2026 14:02:53 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 29 Sep 2025 12:04:53 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 11153\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":820265,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (611)","md5":"79d46b9e2a42785f28f64082a61eabbf","sha1":"c1b66a198b40bcd1f6cce34704173f997ecd8608","sha256":"6159c42218db471f012088abd52e60fe39e5c1dcf2981ff7d80f38d8bd36a690","sha512":"820943d8b4d684933ce756b9d59c499147aae8336a811b042d8ee8bf035ecb20be12ff815d0ba4a8676c815b9e6bf2d687591d434bedfbbf07e56dae34f39c49","ssdeep":"12288:iF/YdSVcst0yzYy0Vqqog/cT6eKb54lptHAgR1BoOdy3aWKi:QQozYJog/Y6fV4lbpR1BRdyKK","tlshash":"b70529c870257a624332b5f6707b209da36e5966d45c095d70a6c4f03fb098db0baebf","first_seen":"2025-10-01T09:12:21.067891Z","last_seen":"2026-04-11T20:17:01.44274Z","times_seen":7911,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wups.mypaymentvault.com/client/v3.1/web/wup?cid=osiris","fqdn":"wups.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"4.249.171.212","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:47.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wups.mypaymentvault.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 10 Oct 2024 00:00:00 GMT","end":"Thu, 09 Oct 2025 23:59:59 GMT"},"fingerprint":{"sha1":"1A:69:7B:74:5D:65:AE:AC:17:F9:8F:AB:C8:D4:32:52:6C:44:05:C5","sha256":"1C:8E:33:00:DC:20:C0:BB:56:3B:E4:41:34:4F:BF:2F:55:DF:97:89:36:34:B0:86:6C:B6:83:41:54:98:88:5B"}}},"request":{"raw":"POST /client/v3.1/web/wup?cid=osiris HTTP/1.1\r\nHost: wups.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1128\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ncontent-length: 666\r\ndate: Thu, 02 Oct 2025 17:08:46 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\ntail-id: 54e12513-4e7b-4d3e-aaf3-2d773d6cf24c\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":666,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b1974513b4e1ffb6cdb23baa43dfc70c","sha1":"076947a038b2bb7e5acf1d8d04882a4578f090af","sha256":"9d9c46b7626e07570585e6ddb858f62dc23c6f70c154ba93562eafd512998e18","sha512":"eda288aa422311ff1e86ed1d22dcf3146a70286517cdbe006fe28ed5503d338ea38730829d463a1d355a4ea59fc3ef98587611d7fed048e68d83893ef15ea5a7","ssdeep":"","tlshash":"7101833e1049e0b35856e9c270ec41759f80b449331122a61dcb5ecb6a17b10fb0a12a","first_seen":"2025-10-02T17:09:09.43583Z","last_seen":"2025-10-02T17:09:09.43583Z","times_seen":1,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wups.mypaymentvault.com/client/v3.1/web/wup?cid=osiris","fqdn":"wups.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"4.249.171.212","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:47.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wups.mypaymentvault.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 10 Oct 2024 00:00:00 GMT","end":"Thu, 09 Oct 2025 23:59:59 GMT"},"fingerprint":{"sha1":"1A:69:7B:74:5D:65:AE:AC:17:F9:8F:AB:C8:D4:32:52:6C:44:05:C5","sha256":"1C:8E:33:00:DC:20:C0:BB:56:3B:E4:41:34:4F:BF:2F:55:DF:97:89:36:34:B0:86:6C:B6:83:41:54:98:88:5B"}}},"request":{"raw":"POST /client/v3.1/web/wup?cid=osiris HTTP/1.1\r\nHost: wups.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 929\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ncontent-length: 626\r\ndate: Thu, 02 Oct 2025 17:08:46 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\ntail-id: 9e9950c8-0a9c-419e-a35d-f76694cd16f8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":626,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"52bb7514ed9b9ee5edb1e82727d2749a","sha1":"5248d77296faf0c4b5133a90d13196b34403cea8","sha256":"36a20d624f1afd117ef0c2d1fe654f1ad8abd89ea3803a515d48048a1a3cb5cc","sha512":"c76a8977be8549bf154b0dd27852602039c9d853f5b2597d9673ed2fb5630f2ccd4f8be9affa1c15021c22b3d217297f9ef282a687119ea56eeeac1a65f1a4e3","ssdeep":"","tlshash":"d1f068712a4df9ba584012d4110e1a777e65ef7e0d9420513ee71859d2bce01d101076","first_seen":"2025-10-02T17:09:09.436877Z","last_seen":"2025-10-02T17:09:09.436877Z","times_seen":1,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html","fqdn":"1.a79ab95c1589a13f8a4cab612bc71f9f7.com","domain":"a79ab95c1589a13f8a4cab612bc71f9f7.com","tld":"com"},"ip":{"addr":"13.33.235.113","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:47.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.a79ab95c1589a13f8a4cab612bc71f9f7.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 01 Apr 2025 00:00:00 GMT","end":"Sat, 04 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F2:85:27:88:79:3D:C8:09:05:B0:B9:D5:B6:5B:FC:1B:29:55:A7:7D","sha256":"62:3E:00:D6:55:CE:3F:4A:BD:C9:4F:0B:81:03:03:5A:90:F4:C0:D0:55:67:05:F5:42:FD:D8:EA:A5:30:93:0D"}}},"request":{"raw":"GET /scripts/prod/crossdomain.html HTTP/1.1\r\nHost: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 221\r\ndate: Thu, 02 Oct 2025 09:30:09 GMT\r\nlast-modified: Tue, 13 Oct 2020 12:04:25 GMT\r\netag: \"21e34cf6a03f570df49e212018a567d0\"\r\nx-amz-version-id: null\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 75f4291192c5049e8954d5f7e2362e22.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HEL51-P7\r\nx-amz-cf-id: nXeaMyqvFGd_q7o88Y4WMhG1kr3ay0ZzlQGSLeTXMxAIsvZ48M-wlQ==\r\nage: 27520\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":221,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"21e34cf6a03f570df49e212018a567d0","sha1":"f0be4058936850ae0163f5137600d14b6632bbb3","sha256":"0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6","sha512":"85f32ea67b64f49cb438a32c9f77d2d746cf67d3387c4c9d5e78ee181b7fb11f444d6dc17dea19a69f8efa5d4d52ac016e6eea78a741a6658cf86c15b7fdace9","ssdeep":"","tlshash":"37d023cd6c71d14b146070551465f0d42073af7a3343c50022c1e0750d107bc8f0f3d4","first_seen":"2023-04-07T05:40:57Z","last_seen":"2026-04-19T19:15:46.280204Z","times_seen":383,"resource_available":false,"data":null}},"time_used":3386,"timings":{"blocked":1675,"dns":1607,"connect":15,"send":0,"wait":36,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.northlane.com/mypaymentvault.png","fqdn":"login.northlane.com","domain":"northlane.com","tld":"com"},"ip":{"addr":"20.99.180.113","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.northlane.com/","date":"2025-10-02T17:08:38.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.northlane.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 17 Jul 2025 00:00:00 GMT","end":"Thu, 16 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C6:CC:73:96:0E:99:8C:7D:7E:2F:CF:2F:81:F2:D3:79:8A:60:46:D7","sha256":"23:CA:A1:60:05:74:68:DC:77:EE:37:78:38:DB:33:82:32:79:67:D8:39:FD:77:1F:1F:CE:E9:59:55:73:2B:EE"}}},"request":{"raw":"GET /mypaymentvault.png HTTP/1.1\r\nHost: login.northlane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://login.northlane.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:38 GMT\r\ncontent-type: image/png\r\ncontent-length: 2292\r\nlast-modified: Tue, 15 Aug 2023 14:30:47 GMT\r\naccept-ranges: bytes\r\netag: \"3de4f51485cfd91:0\"\r\nserver: Microsoft-IIS/8.5\r\nx-powered-by: ASP.NET\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":2292,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 32, 8-bit/color RGBA, non-interlaced","md5":"0bc88433d01a62f8b08bb4b24f5224ec","sha1":"a8fc4591dcec778afe32e4ea4ff69721772cd66f","sha256":"b5f9716acc6e83d58a75b8c6d3764d6ad92e59182d91865f0adb91cf9255afc4","sha512":"8c986bec8802c739ff5c92e6ad1491dfb5b3bec3728212f01457565c598677c63a849a286119a11cc6d594c2e1d52d0168a565fb61e52735c3d5c893e060f048","ssdeep":"","tlshash":"8b412bfc7d43657218e37ef327c54912f0973cc720967514de1a108da08a2b5b641b2b","first_seen":"2025-09-07T05:03:05.569722Z","last_seen":"2026-03-29T13:26:02.366285Z","times_seen":4,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-02T17:08:45.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://login.northlane.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:45 GMT\r\ncontent-type: text/html\r\ncache-control: no-store\r\ncontent-encoding: br\r\netag: \"64001251\"\r\nlast-modified: Mon, 08 Sep 2025 03:10:43 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\nx-forwarded-for: {headers.x-forwarded-for}\r\nset-cookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; Path=/; Secure; HttpOnly;\nASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20251002T170845Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fvc\r\nx-cache: CONFIG_NOCACHE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":939,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (939), with no line terminators","md5":"d0565201355753333c0b005801abe584","sha1":"0196f42dc0d4704059d0cbccc068788277a31cf3","sha256":"80881c58b46be63268dc7e710c297f0113135d21674760a2db8b817ee14e42b9","sha512":"02f3ddd998911aff7fba540fb117d41b8bbe58d0783dc39ce65e38e2481f93867a88ec73e3a85f5ac989ee3341b3cfd4905478e24e8a50897bcaeed24c7eeda9","ssdeep":"","tlshash":"76119cd2ec1ac58ca502af76c522f01c966dec4cfa51acd4ade610788ed4fa54da3403","first_seen":"2025-06-27T23:44:17.969124Z","last_seen":"2026-04-02T15:02:41.265721Z","times_seen":11,"resource_available":true,"data":null}},"time_used":655,"timings":{"blocked":278,"dns":1,"connect":9,"send":0,"wait":100,"receive":0,"ssl":266},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wups.mypaymentvault.com/client/v3.1/web/wup?cid=osiris","fqdn":"wups.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"4.249.171.212","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wups.mypaymentvault.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 10 Oct 2024 00:00:00 GMT","end":"Thu, 09 Oct 2025 23:59:59 GMT"},"fingerprint":{"sha1":"1A:69:7B:74:5D:65:AE:AC:17:F9:8F:AB:C8:D4:32:52:6C:44:05:C5","sha256":"1C:8E:33:00:DC:20:C0:BB:56:3B:E4:41:34:4F:BF:2F:55:DF:97:89:36:34:B0:86:6C:B6:83:41:54:98:88:5B"}}},"request":{"raw":"POST /client/v3.1/web/wup?cid=osiris HTTP/1.1\r\nHost: wups.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 222\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ncontent-length: 977\r\ndate: Thu, 02 Oct 2025 17:08:46 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\ntail-id: 38770c20-0f22-4174-82a3-2d2b7ffb7617\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":977,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0a0f8bcd8c1469082f1c217482219e7f","sha1":"92b9b3550c1c72df6ee72397d55b53ab63c8ba83","sha256":"cc3ca511a55f1846990bceffcea9812b53bcdb99d1860ae7e4713fb7bde4872d","sha512":"6dbe4ec53a1dfc7518c46bf5a933cc95b21fe8303118dce235774f064cc99f3a3d03f1c1e1d22b1500057718452336188f98089e82402ea3b1c11c4019747ab3","ssdeep":"","tlshash":"fe1132925665c6a420cc856a3121b8faaaa6730224ef358d3acb71f11ca0e77392d05c","first_seen":"2025-10-02T17:09:09.439266Z","last_seen":"2025-10-02T17:09:09.439266Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2760,"timings":{"blocked":1320,"dns":842,"connect":118,"send":0,"wait":120,"receive":0,"ssl":359},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/images/paymentvault_logo.svg","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/images/paymentvault_logo.svg HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759424925652-E43694D7-9606-4CAD-B4D2-964EB457AE20\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:45 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 25 Sep 2025 20:51:25 GMT\r\nvary: Accept-Encoding, Origin\r\nx-ms-request-id: fc234c4d-401e-005b-0ba7-332bf0000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20251002T170845Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fwz\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache: TCP_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":3822,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"69483fcdc147ef7ef1dfbee6522330d4","sha1":"3767839151e7fc484b493cfef12527997110284f","sha256":"ec0e613cb6227303daa335c31ad64521cfb7fa1075a10b03f6e4c9f7c6906d75","sha512":"4fd25e74aa9f7e2d1a643c2f0dba700f71b3b8c25fad30594a58b18234169c7ecd58819d9a5e9b94e6134b7a8a6cf29ca285d13d9e5fcadb1a1fb3a052e88c09","ssdeep":"","tlshash":"df7122f6f346c3b74687c1dcf6bc41f56592018bcbba80ec6efa6d182085dd9e524892","first_seen":"2024-05-07T14:13:59Z","last_seen":"2026-04-13T23:42:10.34106Z","times_seen":21,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/images/login_page.png","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/images/login_page.png HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759424925652-E43694D7-9606-4CAD-B4D2-964EB457AE20\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:45 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 25 Sep 2025 20:52:01 GMT\r\nvary: Accept-Encoding, Origin\r\nx-ms-request-id: 5f185d70-e01e-001f-1eba-33a1cf000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20251002T170845Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fx1\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L1_T2\r\nx-cache: TCP_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":1069497,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1276 x 957, 8-bit/color RGBA, non-interlaced","md5":"11d3b4bd8133332bf7df4ef67629aa23","sha1":"1454233f587f8d40260b85211937b1857a7a77c0","sha256":"d4c5d8c37d7d0ad3323dac97dadccfb4c4fd2a867c625cf62b8363014b7d4d10","sha512":"803b6df515a10339dea2a83b6286d07e33f707d62936a77d9a82de0a4fbcb75858d841dc00dfdf2e5880e53d90480eef3fb55ef059c9a57e1bbf9cec56009af9","ssdeep":"24576:lu7kI2TyM2JyuonE5Z3z3YK36w7ZeC1H0slVtMDM0pVlPxv6:8I2M2Zon0z3YK2C1Uq3YHVv6","tlshash":"a6253336e1c4adb05aeeb4c23f8a2d59ad624251a5445c0484bfcd35f268bc9edf837c","first_seen":"2025-08-04T06:53:41.215118Z","last_seen":"2026-04-13T23:42:10.346154Z","times_seen":13,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api.js?render=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:37:54 GMT","end":"Mon, 01 Dec 2025 08:37:53 GMT"},"fingerprint":{"sha1":"28:1C:E7:95:EC:8D:32:9E:63:9A:72:B2:8D:47:E5:13:F7:CA:5E:18","sha256":"52:99:CC:AA:BC:C4:15:12:9C:2B:FA:D7:97:2A:C4:D3:7D:B0:5C:E0:02:26:3C:8D:B2:4B:BE:89:1A:70:D6:31"}}},"request":{"raw":"GET /recaptcha/api.js?render=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nexpires: Thu, 02 Oct 2025 17:08:45 GMT\r\ndate: Thu, 02 Oct 2025 17:08:45 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: cross-origin\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1051,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1051), with no line terminators","md5":"e6454306b094d909eddddb9845297788","sha1":"304824b0e53db74d11a8a06ee2a3b4faf058e5c4","sha256":"80c33b3ad4277cbf7c9a6b9b71581dac286b8de0bea4bc514362519f18192e82","sha512":"d54defd2ca25a1e078bab685747c53bd9013cb5f7b43b9e0bcbb34c2f18b9523a2c78aab6b7057a57f63d7f754cb06116285b27ea6ba698b6de681682dcf1e7f","ssdeep":"","tlshash":"c2111f731a28a0394b320ae1a1ffcbb1e892741cf11889e8a515ebd42e79ddbce05448","first_seen":"2025-10-02T17:09:09.442004Z","last_seen":"2025-10-02T17:09:09.442004Z","times_seen":1,"resource_available":true,"data":null}},"time_used":196,"timings":{"blocked":63,"dns":0,"connect":8,"send":0,"wait":70,"receive":0,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wups.mypaymentvault.com/client/v3.1/web/wup?cid=osiris","fqdn":"wups.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"4.249.171.212","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:52.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wups.mypaymentvault.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 10 Oct 2024 00:00:00 GMT","end":"Thu, 09 Oct 2025 23:59:59 GMT"},"fingerprint":{"sha1":"1A:69:7B:74:5D:65:AE:AC:17:F9:8F:AB:C8:D4:32:52:6C:44:05:C5","sha256":"1C:8E:33:00:DC:20:C0:BB:56:3B:E4:41:34:4F:BF:2F:55:DF:97:89:36:34:B0:86:6C:B6:83:41:54:98:88:5B"}}},"request":{"raw":"POST /client/v3.1/web/wup?cid=osiris HTTP/1.1\r\nHost: wups.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 2960\r\nOrigin: https://login.mypaymentvault.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ncontent-length: 666\r\ndate: Thu, 02 Oct 2025 17:08:51 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store\r\npragma: no-cache\r\ntail-id: a333a6b5-5cb0-4710-aefb-3cc74ea71edf\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":666,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d770bfc5bf831fd4376c06bd4591158d","sha1":"1f4b0683a5b536aaf0fd34083d186c12aa152948","sha256":"f397268fe014ae2960949b2a1b26a0d95595afd33242ae5edafe27af13055ee4","sha512":"dcb35ade54e7e7a08c1278fd6e687746250cee40fef631c27c0a5c172b2b3ac4f882132b3afa38db8827064613f181b645ef520ab080d1c045c7978bb9485ac0","ssdeep":"","tlshash":"fa0183c9b2b40d092172bbf2d86dc03afae54c47340917860fe31ada184d24a1c68215","first_seen":"2025-10-02T17:09:09.442877Z","last_seen":"2025-10-02T17:09:09.442877Z","times_seen":1,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/webtowallet/idi-sdk.2.2.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/webtowallet/idi-sdk.2.2.js HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:45 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Sep 2025 20:51:18 GMT\r\nvary: Accept-Encoding, Origin\r\nx-ms-request-id: 9de6a3a1-501e-000a-34bc-33b67c000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\nx-azure-ref: 20251002T170845Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fvp\r\ncache-control: public, max-age=1800\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache-info: L2_T2\r\nx-cache: TCP_REMOTE_HIT\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":27864,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (1983), with CRLF line terminators","md5":"ea6a4dbf7f9ec90349d007ce4e4f9a1b","sha1":"7d112aa33ea4dbef2f04d6ebe45753f7b5743d41","sha256":"37ccef9acf52ce8c90014063e05c7de3ee70d532588394ce896b3f3818d40bc6","sha512":"ced7a98183332fb769fc58757845728b14350921700aa22c91624383f481f5e3b3964c75c75578397e5e45eb4cbd921133497dd12b26ad8f33a4bcef8b8830c3","ssdeep":"384:08YpuiXL8lGyqY6Nso6zpDazqhMpILc6i:0RusLPFao6zpoqCeLQ","tlshash":"83c2d78c694612551c73b77a672b607af7be4b63222c4501b8fc97805f75c10c2e6fea","first_seen":"2025-06-27T23:44:17.977791Z","last_seen":"2026-04-02T15:02:41.291427Z","times_seen":12,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/bundle.js","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /bundle.js HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:45 GMT\r\ncontent-type: text/javascript\r\ncache-control: no-store\r\ncontent-encoding: br\r\netag: \"64001251\"\r\nlast-modified: Mon, 08 Sep 2025 03:10:43 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\nx-forwarded-for: {headers.x-forwarded-for}\r\nset-cookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; Path=/; Secure; HttpOnly;\nASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20251002T170845Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fvt\r\nx-cache: CONFIG_NOCACHE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1851081,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65468)","md5":"24a02fbda4888233a0cd7010b26e654b","sha1":"162b4dda48c151009781c56be9a802368d34314f","sha256":"05518574cb863e6717d7c8cc6e1fdb691db85075b12d1d4a39c3421aa9dc737b","sha512":"aa884cb19afe77b044f529183776d2d4b4577c97a32667d4d26be795f4d9bbbc3268ec096844f9ffe9b9225a7c6acdfc7f437f90bcb96e3f4be03e7d766d53c0","ssdeep":"12288:lWHqVfo57rgsSs0cgnWcg06+uPXPe77elzbpHshcaZuoY:l/Ip90xuPXPe772bhuuoY","tlshash":"3e254b74b66469be563a08c5146f480c3d26a68fd42d40f0f3ba78951aac509ffe3fd8","first_seen":"2025-09-30T15:05:38.107402Z","last_seen":"2025-10-02T17:09:09.444637Z","times_seen":2,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/data/xContent/recipient/op/images/login_page.png","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /data/xContent/recipient/op/images/login_page.png HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759424925652-E43694D7-9606-4CAD-B4D2-964EB457AE20\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-20T13:59:59.325235Z","times_seen":13977692,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:46.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:34:53 GMT","end":"Mon, 01 Dec 2025 08:34:52 GMT"},"fingerprint":{"sha1":"13:4A:0B:81:A8:A4:37:A9:D7:31:CB:DD:A6:76:53:21:8A:1B:2E:0C","sha256":"2D:8F:A1:B5:9A:60:F4:14:AD:1C:29:44:92:C7:8B:AF:4F:27:CD:EE:15:0F:A8:E4:E8:11:CD:41:8C:75:45:4B"}}},"request":{"raw":"GET /recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 02 Oct 2025 17:08:46 GMT\r\ncontent-security-policy: script-src 'nonce-sbZHiztKXBvJAOAXsvWCXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":76308,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (56624)","md5":"23e76b828afcae978a25b481952f9e3a","sha1":"602940debdbc30fed0e17df8736c9188653f9258","sha256":"a07633f0c34a919ebd5d1d94628dd66cf05cc2f8ae4835896d0ae341f70bbc97","sha512":"8a420bd314d4cd63aa04ef831c7906f74945e3d6813c0f8f5a309154ba9f7211b64fef2cb524a1cba9f3b93a1185eed1660a3057c5bb3920c1236763a0d72e65","ssdeep":"1536:Y2Q6B8xQC7APovAfwJz55eRYwUk091NxNrUPgARVY3MNh+tB1JdvMp/Opm2:Y7L0o7j9LvUPgARJEtB1DvMpim2","tlshash":"f173af209a0370eaefbf8fc07bd77669a16e91461142449c27ff05d54cbac97635938c","first_seen":"2025-10-02T17:09:09.445649Z","last_seen":"2025-10-02T17:09:09.445649Z","times_seen":1,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":41,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/styles__ltr.css","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke","date":"2025-10-02T17:08:46.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /recaptcha/releases/Jv8jlA-BQE5JD6rA-h_iqNH2/styles__ltr.css HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 42483\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 13:59:49 GMT\r\nexpires: Fri, 02 Oct 2026 13:59:49 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 29 Sep 2025 12:04:53 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nage: 11337\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":82763,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"562e3f9dacc3ac3df2afea683bea5715","sha1":"bac585b0fc90a96d23ea35e262ffc142c2440d6d","sha256":"662adc43814a4e800c73cc57c6cabd06482cf9c07000621d276c205d23dbeed3","sha512":"b32f61ae6103a7cab3fceb7d22d7486a0d5aff5a3d472d9fba1436cf2357120f2110f63ff1af03c37b7c376ec29f3f869425a71f74fe46f956487efb213925e8","ssdeep":"1536:1fGNbFoZJSUYOOaLnAW8+IcTOI5CdthXwW58YGx7:1GRFauOxLA/+IcTOpLXu","tlshash":"a8838f7338513b39fc2b9b616186b9edf21cc423e5514bfab6457a20c3db19a8253b07","first_seen":"2025-10-02T03:53:21.682435Z","last_seen":"2026-03-27T14:07:59.241093Z","times_seen":7021,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke","date":"2025-10-02T17:08:46.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15552\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Oct 2025 09:54:06 GMT\r\nexpires: Fri, 02 Oct 2026 09:54:06 GMT\r\ncache-control: public, max-age=31536000\r\nage: 26080\r\nlast-modified: Mon, 16 Oct 2017 17:33:02 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15552,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15552, version 1.0","md5":"285467176f7fe6bb6a9c6873b3dad2cc","sha1":"ea04e4ff5142ddd69307c183def721a160e0a64e","sha256":"5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7","sha512":"5f9bb763406ea8ce978ec675bd51a0263e9547021ea71188dbd62f0212eb00c1421b750d3b94550b50425bebff5f881c41299f6a33bbfa12fb1ff18c12bc7ff1","ssdeep":"384:HDKhlQ8AGL0dgUoEGBQTc7r6QYMkyr/iobA2E4/jKcJZI7lhzi:jslQ+LhUoTB0Qr6Qjkg/DmcJufzi","tlshash":"8462e103f2bc4c01e786193ebb5870237205272619efa67780ce7ea4c65ec81a39b457","first_seen":"2023-04-05T04:58:40Z","last_seen":"2026-04-20T14:04:06.374931Z","times_seen":339166,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":30,"dns":2,"connect":9,"send":0,"wait":9,"receive":1,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.northlane.com/sw.css","fqdn":"login.northlane.com","domain":"northlane.com","tld":"com"},"ip":{"addr":"20.99.180.113","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://login.northlane.com/","date":"2025-10-02T17:08:38.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.northlane.com","organization":"Onbe, Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 17 Jul 2025 00:00:00 GMT","end":"Thu, 16 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C6:CC:73:96:0E:99:8C:7D:7E:2F:CF:2F:81:F2:D3:79:8A:60:46:D7","sha256":"23:CA:A1:60:05:74:68:DC:77:EE:37:78:38:DB:33:82:32:79:67:D8:39:FD:77:1F:1F:CE:E9:59:55:73:2B:EE"}}},"request":{"raw":"GET /sw.css HTTP/1.1\r\nHost: login.northlane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://login.northlane.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:38 GMT\r\ncontent-type: text/css\r\ncontent-length: 9064\r\ncontent-encoding: gzip\r\nlast-modified: Tue, 15 Aug 2023 13:07:58 GMT\r\naccept-ranges: bytes\r\netag: \"0cb08379cfd91:0\"\r\nvary: Accept-Encoding\r\nserver: Microsoft-IIS/8.5\r\nx-powered-by: ASP.NET\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"IIS:8.5","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Microsoft ASP.NET","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]}],"data":{"size":40919,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (337), with CRLF line terminators","md5":"c7c39cfa2d74ce30600a15425c79c824","sha1":"286f79bc918136b857f31f3eb15acfdbfa2c6b7a","sha256":"b27f1db57227dd67c2b03ddc6898889209789143f13ef6db50fc41e8b8a29667","sha512":"f2843360943edff8438700e36085e39fb15197e539b884209edb5ca195158004555f9806f61ed8d14927214cb7a74c13ae75903d8308492482eb8373394c7e88","ssdeep":"768:IwTT8jXYTLs4omH4DMoBHGNrCXl1lWynrYiEo68uWlJeYOeJ/+:IwTT8jXYa54Nr4nkynMiusIeN+","tlshash":"ac037621e7c1200e716fc3a1ff32a7857a2a4065d24a6bbd79ac3638f55c8b615723cd","first_seen":"2025-09-07T05:03:05.56242Z","last_seen":"2026-03-29T13:26:02.357502Z","times_seen":4,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/styles.css","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /styles.css HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:45 GMT\r\ncontent-type: text/css\r\ncache-control: no-store\r\ncontent-encoding: br\r\netag: \"64001251\"\r\nlast-modified: Mon, 08 Sep 2025 03:10:43 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\nx-forwarded-for: {headers.x-forwarded-for}\r\nset-cookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; Path=/; Secure; HttpOnly;\nASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20251002T170845Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fvm\r\nx-cache: CONFIG_NOCACHE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":352703,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"ae0abb6ce2c40ec8d06a24a231e28298","sha1":"5016e8a1cb3005f69b63a0c8a956cf151031a9ca","sha256":"f8efe7cb0f68790e4df0516220ea1088fcc24e90ed3dc7d75b37f7721b1b583c","sha512":"a382b5f60549ee39a1beb1fe7476fa28f3a55031fc3361013f3e62d0a17209758b4a2d7fec28949a9e2175afeaa738150c7e6fe4ac5c6ee6517a695bd740de73","ssdeep":"3072:cn+N9tfyBF98GhclKpje60I458jvOuHG02W4bTSLibz:cnI9tfy398mpje60I45kHcG2P","tlshash":"b274b4d6f680307daca7c6669591fefc852fa545df121aa9f003772842c66d30a63ecc","first_seen":"2025-06-27T23:44:17.965601Z","last_seen":"2025-10-02T17:09:09.447872Z","times_seen":5,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/8ff9389b19e9cea59194.ttf","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:45.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /8ff9389b19e9cea59194.ttf HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/styles.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=1; bmuid=1759424925652-E43694D7-9606-4CAD-B4D2-964EB457AE20\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:45 GMT\r\ncontent-type: font/ttf\r\ncontent-length: 112892\r\ncache-control: no-store\r\netag: \"64001251\"\r\nlast-modified: Mon, 08 Sep 2025 03:10:43 GMT\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\nx-forwarded-for: {headers.x-forwarded-for}\r\nset-cookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; Path=/; Secure; HttpOnly;\nASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20251002T170845Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fx4\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":112892,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 18 tables, 1st \"LTSH\", 14 names, Macintosh","md5":"4e1cb3055ec8aa56df85adb6af907fb7","sha1":"a76a8a0988f25a9502f1de91667371b6255cb392","sha256":"22847930f7950d0a5ca38426a82642757a1c133de6f8612f94eb70d8434f0fb1","sha512":"f98d26902fb859c78c9c83ac495920e757c30d061e331cbe393936ddc22cc6c985a55253feb22e6ed53c65c00b4f1ce22df79d820f909263c269a1ae62d4ad25","ssdeep":"1536:NVOBzpPKuHngVSPbUuuAVPQE3OoZ7fKjtWjqUNs2qSNMU5tZje37E/sQtq+knNn:NVOiSXPbUuOqTWt8s2qSNTzje3b+Kn","tlshash":"c5b3ae97f3c58b82cb69a0bfc75056a521b7783d9a37877075fc1aa2ec0903158e9f09","first_seen":"2023-05-04T06:12:57Z","last_seen":"2026-04-17T10:44:46.32803Z","times_seen":110,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"login.mypaymentvault.com/logo192.png","fqdn":"login.mypaymentvault.com","domain":"mypaymentvault.com","tld":"com"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:46.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"login.mypaymentvault.com","organization":""},"issuer":{"commonName":"GeoTrust Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 25 Aug 2025 00:00:00 GMT","end":"Wed, 25 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:C8:1F:3F:ED:1B:92:AD:08:5D:1F:F3:68:84:C0:41:85:EE:F3:3B","sha256":"2E:FE:60:02:FB:96:3E:96:B3:7F:7E:AA:5D:D2:04:6D:29:6E:0E:20:D0:77:AF:C8:84:EB:02:65:D3:11:83:2E"}}},"request":{"raw":"GET /logo192.png HTTP/1.1\r\nHost: login.mypaymentvault.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://login.mypaymentvault.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; ASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; cdContextId=2; bmuid=1759424925652-E43694D7-9606-4CAD-B4D2-964EB457AE20\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 17:08:46 GMT\r\ncontent-type: text/html\r\ncache-control: no-store\r\ncontent-encoding: br\r\netag: \"64001251\"\r\nlast-modified: Mon, 08 Sep 2025 03:10:43 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\nx-forwarded-for: {headers.x-forwarded-for}\r\nset-cookie: ASLBSA=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; Path=/; Secure; HttpOnly;\nASLBSACORS=00034e66c41d04ab7433c299347e7af9389febbcc0e09376d51c8ed735f4aaf0a80e; SameSite=none; Path=/; Secure; HttpOnly;\r\nx-azure-ref: 20251002T170846Z-r1f97b5f7b5z5vsfhC1SVG4f8000000008yg000000001fxz\r\nx-cache: CONFIG_NOCACHE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]}],"data":{"size":939,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (939), with no line terminators","md5":"d0565201355753333c0b005801abe584","sha1":"0196f42dc0d4704059d0cbccc068788277a31cf3","sha256":"80881c58b46be63268dc7e710c297f0113135d21674760a2db8b817ee14e42b9","sha512":"02f3ddd998911aff7fba540fb117d41b8bbe58d0783dc39ce65e38e2481f93867a88ec73e3a85f5ac989ee3341b3cfd4905478e24e8a50897bcaeed24c7eeda9","ssdeep":"","tlshash":"76119cd2ec1ac58ca502af76c522f01c966dec4cfa51acd4ade610788ed4fa54da3403","first_seen":"2025-06-27T23:44:17.969124Z","last_seen":"2026-04-02T15:02:41.265721Z","times_seen":11,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/webworker.js?hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke","date":"2025-10-02T17:08:46.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:34:53 GMT","end":"Mon, 01 Dec 2025 08:34:52 GMT"},"fingerprint":{"sha1":"13:4A:0B:81:A8:A4:37:A9:D7:31:CB:DD:A6:76:53:21:8A:1B:2E:0C","sha256":"2D:8F:A1:B5:9A:60:F4:14:AD:1C:29:44:92:C7:8B:AF:4F:27:CD:EE:15:0F:A8:E4:E8:11:CD:41:8C:75:45:4B"}}},"request":{"raw":"GET /recaptcha/api2/webworker.js?hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LfDo_AqAAAAAFGTdKHENVZhHa6Q71m64oSha4fa\u0026co=aHR0cHM6Ly9sb2dpbi5teXBheW1lbnR2YXVsdC5jb206NDQz\u0026hl=en\u0026v=Jv8jlA-BQE5JD6rA-h_iqNH2\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=j232qwpblpke\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\nexpires: Thu, 02 Oct 2025 17:08:46 GMT\r\ndate: Thu, 02 Oct 2025 17:08:46 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: same-site\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"395632cb314808a5432bbadd8ce10425","sha1":"10593d59bf567815ea3df18d0cfd8e539f4816ae","sha256":"c5dd90a73d255bc21f56a4e7bd20d846d69d76a5c644acee6568449c64365a69","sha512":"8e96eed3cb3a471bda205580334522a29d8d08a1e9251ebdd4adf918234d5e034e10f3ed82cb83e4f0f57fc4492dd4cb6644a563964598f2dd8412694d83d98b","ssdeep":"","tlshash":"c2b012331db0c4180d004b22c42b9bf8f001403cd6d0c0f450398fe495106738001900","first_seen":"2025-10-02T03:53:21.69077Z","last_seen":"2026-03-27T14:07:59.249659Z","times_seen":6552,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html","fqdn":"1.b406929acabac9b095f124c81bdfcf57f.com","domain":"b406929acabac9b095f124c81bdfcf57f.com","tld":"com"},"ip":{"addr":"13.33.235.97","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://login.mypaymentvault.com/","date":"2025-10-02T17:08:47.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.b406929acabac9b095f124c81bdfcf57f.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Sun, 06 Apr 2025 00:00:00 GMT","end":"Tue, 07 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B1:A6:F5:C8:18:74:B0:EB:75:19:01:EF:4D:D6:01:3B:88:D4:40:10","sha256":"D1:3A:E7:E6:BD:39:8B:22:A0:A8:72:C1:CB:22:97:D2:97:00:2D:28:5E:63:61:74:73:D1:7C:02:39:42:7A:9D"}}},"request":{"raw":"GET /scripts/prod/crossdomain.html HTTP/1.1\r\nHost: 1.b406929acabac9b095f124c81bdfcf57f.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 221\r\ndate: Wed, 01 Oct 2025 23:32:13 GMT\r\nlast-modified: Tue, 13 Oct 2020 12:04:25 GMT\r\netag: \"21e34cf6a03f570df49e212018a567d0\"\r\nx-amz-version-id: null\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 d65d4d8b7615a35d9efb4d6943f8f386.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: HEL51-P7\r\nx-amz-cf-id: -95DqjjE8IfwmAGXeT9FnVRXQtk_nn63lbysvejE8YsP6e0ZS1FOTQ==\r\nage: 63396\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":221,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"21e34cf6a03f570df49e212018a567d0","sha1":"f0be4058936850ae0163f5137600d14b6632bbb3","sha256":"0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6","sha512":"85f32ea67b64f49cb438a32c9f77d2d746cf67d3387c4c9d5e78ee181b7fb11f444d6dc17dea19a69f8efa5d4d52ac016e6eea78a741a6658cf86c15b7fdace9","ssdeep":"","tlshash":"37d023cd6c71d14b146070551465f0d42073af7a3343c50022c1e0750d107bc8f0f3d4","first_seen":"2023-04-07T05:40:57Z","last_seen":"2026-04-19T19:15:46.280204Z","times_seen":383,"resource_available":false,"data":null}},"time_used":1777,"timings":{"blocked":881,"dns":825,"connect":14,"send":0,"wait":15,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}