r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3695
Expires: Wed, 23 Nov 2022 19:41:26 GMT
Date: Wed, 23 Nov 2022 18:39:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3860
Cache-Control: max-age=147345
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 18:39:51 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:35:36 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 18:18:49 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1262
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5488
Expires: Wed, 23 Nov 2022 20:11:19 GMT
Date: Wed, 23 Nov 2022 18:39:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CiaEFHro12L6WdCBnWCbbCXsfa3ibvzgyo6LETQkIP7K/0YALlbaWgh8HatDTM8SBQOm2yGCbHc=
x-amz-request-id: KQF9C88EGZ8T09PP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 17:40:05 GMT
age: 3586
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/index2.html
207.174.214.206200 OK 3.5 kB URL HTTP/1.1 www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/index2.html
IP 207.174.214.206:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (485), with CRLF line terminators
Hash 169238781793c7d49b8144f892aa938c
dbf48ff77f2f099528014b1169a12020b83815de
943bd396f0feb2df012f07b22bca29d5e49f6108255920610e24c775d5e3c345
Analyzer Verdict Alert openphish Space Coast Credit Union
fortinet Phishing
GET /v4g5u76ki8mlop9i/d4g6u87i8kopk/index2.html HTTP/1.1
Host: www.alfaw2.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:39:51 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 15 Sep 2022 15:45:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3493
Keep-Alive: timeout=5, max=75
Content-Type: text/html
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 18:39:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 653e381a046125009b38e6eae2ea8ce1
90ab430515e337482bf4930ea07e4acc78df0d95
f1dd7eb51ef8b22d9629670d0b8053336fd4142356d092be886c40e9487d8e5a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 18:39:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 97fd2e3abb60799bbebeefdd4121a108
0343d7e360cbf24079d9066c270a28d7e7a5eb04
81f8cb6b84ff4255b92f6c0897bc52bca5d7c13ed377fd429301afb7d3a86679
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 23 Nov 2022 18:39:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 22 Nov 2022 20:19:00 GMT
Expires: Wed, 23 Nov 2022 20:19:00 GMT
ETag: "0343d7e360cbf24079d9066c270a28d7e7a5eb04"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cdn.perfdrive.com/aperture/aperture.js
130.211.29.114200 OK 14 kB URL HTTP/2 cdn.perfdrive.com/aperture/aperture.js
IP 130.211.29.114:0
File type ASCII text, with very long lines (566)
Hash 9b690590c9a694107d7c7cfa0b731b68
c95e502d5d2d5437e168ae55af0439beef69d370
1b07b11a98a6e988acd3bc823b64b353702411709d8ef871e393dee1866d7cda
GET /aperture/aperture.js HTTP/1.1
Host: cdn.perfdrive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.alfaw2.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.1
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
content-length: 13453
date: Wed, 23 Nov 2022 17:57:20 GMT
cache-control: max-age=3600,public
age: 2552
last-modified: Thu, 06 Oct 2022 10:45:02 GMT
etag: W/"633eb1ae-ae3a"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/css/material-icons.css
207.174.214.206200 OK 488 B URL HTTP/1.1 www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/css/material-icons.css
IP 207.174.214.206:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 2207379ea8060d2a17f4f93291b0a3dd
02ba6826a2453a30e32b493fd48dad128e3d620e
5baa5c8e900b96339edbd89d26597f4ca1910a08d046ee0b282b7ee5bd96cc04
GET /v4g5u76ki8mlop9i/d4g6u87i8kopk/css/material-icons.css HTTP/1.1
Host: www.alfaw2.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/index2.html
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:39:52 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 09:42:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 488
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/css/opensans.css
207.174.214.206200 OK 610 B URL HTTP/1.1 www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/css/opensans.css
IP 207.174.214.206:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 46e7130aec65d5b5697175ad7efe32d5
db33162126692582f503d56202242f0aeb608dc5
bf98dde2ba453ab4c49505659262d096eb09101ac6646eceab9b4fb8c1189a71
GET /v4g5u76ki8mlop9i/d4g6u87i8kopk/css/opensans.css HTTP/1.1
Host: www.alfaw2.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/index2.html
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:39:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 12 Sep 2022 09:44:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 610
Keep-Alive: timeout=5, max=75
Content-Type: text/css
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 97fd2e3abb60799bbebeefdd4121a108
0343d7e360cbf24079d9066c270a28d7e7a5eb04
81f8cb6b84ff4255b92f6c0897bc52bca5d7c13ed377fd429301afb7d3a86679
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 23 Nov 2022 18:39:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 22 Nov 2022 20:19:00 GMT
Expires: Wed, 23 Nov 2022 20:19:00 GMT
ETag: "0343d7e360cbf24079d9066c270a28d7e7a5eb04"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.7 kB IP 192.124.249.41:0
Hash 676104ca857ff7d329d05f54d88acc1f
798a6028f0c6187c5a6fd17d34b4f49f234b46fe
268539f073520f01393d2e6628fece9ae9112ade08f788170dbd2f58c4bac8ba
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 68
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 23 Nov 2022 18:39:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1731
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 23 Nov 2022 17:42:11 GMT
Expires: Thu, 24 Nov 2022 17:42:11 GMT
ETag: "798a6028f0c6187c5a6fd17d34b4f49f234b46fe"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.7 kB IP 192.124.249.41:0
Hash 676104ca857ff7d329d05f54d88acc1f
798a6028f0c6187c5a6fd17d34b4f49f234b46fe
268539f073520f01393d2e6628fece9ae9112ade08f788170dbd2f58c4bac8ba
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 68
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 23 Nov 2022 18:39:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1731
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 23 Nov 2022 17:42:11 GMT
Expires: Thu, 24 Nov 2022 17:42:11 GMT
ETag: "798a6028f0c6187c5a6fd17d34b4f49f234b46fe"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/css/RadDockableObject.css
207.174.214.206200 OK 709 B URL HTTP/1.1 www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/css/RadDockableObject.css
IP 207.174.214.206:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash c7426dd752158ad75cd12fc5e5f00a47
e8a232b8e5c8229f5784a8563c86829c507b5797
5453ddb6e50ffa5463ecde01694653efa0bfe06ab8dce372be4c252bb4a56c6f
GET /v4g5u76ki8mlop9i/d4g6u87i8kopk/css/RadDockableObject.css HTTP/1.1
Host: www.alfaw2.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/index2.html
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:39:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 12 Sep 2022 09:45:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 709
Keep-Alive: timeout=5, max=75
Content-Type: text/css
developer.android.com/images/brand/en_generic_rgb_wo_45.png
142.250.74.46200 OK 4.1 kB URL HTTP/2 developer.android.com/images/brand/en_generic_rgb_wo_45.png
IP 142.250.74.46:0
File type PNG image data, 129 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ea466e328da752cabd8787d8e4b9612
8725a80d388cd91574669bd301c1a87e4230889d
d838b2098a6dde4053f9ccdbbc0f889d4444b5a27da3ee211cd782a8458bb63e
GET /images/brand/en_generic_rgb_wo_45.png HTTP/1.1
Host: developer.android.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.alfaw2.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
set-cookie: _ga_devsite=GA1.3.4062282241.1669228792; Expires=Fri, 22 Nov 2024 18:39:52 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-ZwVljLBjS6+kuVC6Slluz7A1dgWaWo' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
x-cloud-trace-context: f58f6e72f379ef991ed6475e22e8055f
date: Wed, 23 Nov 2022 18:39:52 GMT
server: Google Frontend
content-length: 4109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/css/angular.css
207.174.214.206200 OK 1.6 kB URL HTTP/1.1 www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/css/angular.css
IP 207.174.214.206:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type assembler source, ASCII text, with CRLF line terminators
Hash e52f38177760b51aed3a5e394feacc24
933e1bf41017982ea38e64647096997c9bf095cc
38fb9870435fddec104ccd6dce9102f7dcb9c2ced3f5f10d83e0839c74c4dd3e
GET /v4g5u76ki8mlop9i/d4g6u87i8kopk/css/angular.css HTTP/1.1
Host: www.alfaw2.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/index2.html
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:39:52 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 12 Sep 2022 09:42:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1606
Keep-Alive: timeout=5, max=75
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8069f5e67c25fc0b7388ba5d4decd8c9
64a85ba44c80ea206f4382f573c3d61e4f607ccf
7587cd04333ddf1cff15ae219cb8fca0618786a9fe4cee989975f4d50889e72a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 18:39:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 4e0f4f92d55a71dc00ea0cba1808fa11
25085134854cf320bab890061d3a37abe4ee7e67
a38f2c9fd87913823341ccee4acea6ccc0b493af742dd262714c8e80772c8334
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 23 Nov 2022 18:39:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 22 Nov 2022 20:22:04 GMT
Expires: Wed, 23 Nov 2022 20:22:04 GMT
ETag: "25085134854cf320bab890061d3a37abe4ee7e67"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 18:11:11 GMT
cache-control: public,max-age=3600
age: 1721
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2630
Cache-Control: max-age=141051
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 18:39:52 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 09:50:43 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.148.163101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.148.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2B9j9mmlM0ULpsI4BtqNeg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6p4v0qCEDeGnwu33DY8nJROzemM=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3459
Expires: Wed, 23 Nov 2022 19:37:33 GMT
Date: Wed, 23 Nov 2022 18:39:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3459
Expires: Wed, 23 Nov 2022 19:37:33 GMT
Date: Wed, 23 Nov 2022 18:39:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3459
Expires: Wed, 23 Nov 2022 19:37:33 GMT
Date: Wed, 23 Nov 2022 18:39:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3459
Expires: Wed, 23 Nov 2022 19:37:33 GMT
Date: Wed, 23 Nov 2022 18:39:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RZqqB_Aaam7hYpdAB2fbx-i3iQth9M-OgA25IgCB5Uz0swqVi3-bVg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:48:19 GMT
age: 75095
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 414rX74hOWUS2W1d9SVHs7McxZ4QDE249cjU-1EyIe0nMkZrQz2rrQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 74586
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F719df867-6e3b-42ad-bb29-bacd6908c756.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F719df867-6e3b-42ad-bb29-bacd6908c756.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 858121146f13af8b53e7bfb9d143490c
2a0aa4d6e3d648b23e15db38559fa9be9ca2cdd8
5c79f7d9479cdaca6fca1abc2af768f8dbe2e7df70959a6620c676a4a4060b9e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F719df867-6e3b-42ad-bb29-bacd6908c756.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5721
x-amzn-requestid: d6a84920-e8e5-4160-aea1-ccabce26d36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bvCq5EH4IAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375e4ab-7835c4341c7b2fb700784aa2;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 07:37:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KX8eExctOwlkCuEo1G-yxhL4FaM-DquAvgfYTjwekflhfWccr5LU1Q==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 05:08:10 GMT
age: 48704
etag: "2a0aa4d6e3d648b23e15db38559fa9be9ca2cdd8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cb92473-220a-4ebb-b8d8-6c17618bc006.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cb92473-220a-4ebb-b8d8-6c17618bc006.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bd62f641e9d58eee10e41db0fa00b5f2
4210e5f150a49d6f6ee26cbb11ded8173ab8cf74
5858451bf7cac97b8881dde7e3197110fa8639c1d94b51934859669c51221e1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cb92473-220a-4ebb-b8d8-6c17618bc006.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4308
x-amzn-requestid: 7db10594-4acc-448d-b724-1c4bc8ec42ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrVFtRoAMFTzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee48-0a466f6b0bd48f3532216bca;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EZ6DqZY1DDMr_jSZs-aGTsD37q6dKLIEk9XJhKRTNOjjxfU-lWh8eg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:50:14 GMT
age: 74980
etag: "4210e5f150a49d6f6ee26cbb11ded8173ab8cf74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nwXP5jm9A2Cl3_-Lm194ycXkeClig1L9hwgUgE8i8NF-Vv2gNfj_4Q==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 15:14:08 GMT
age: 12346
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d2c986e076309d51d199332caebb07a
343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cwu__NPGaU0zyAG0H1yZhmjGsFzvNmzsGv6Zt9hrF5gwSysEio2MjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:09:16 GMT
age: 73838
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 4e0f4f92d55a71dc00ea0cba1808fa11
25085134854cf320bab890061d3a37abe4ee7e67
a38f2c9fd87913823341ccee4acea6ccc0b493af742dd262714c8e80772c8334
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 23 Nov 2022 18:39:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 22 Nov 2022 20:22:04 GMT
Expires: Wed, 23 Nov 2022 20:22:04 GMT
ETag: "25085134854cf320bab890061d3a37abe4ee7e67"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.alfaw2.com.br/favicon.ico
207.174.214.206404 Not Found 355 B URL HTTP/1.1 www.alfaw2.com.br/favicon.ico
IP 207.174.214.206:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash cb50b952a1a41c3358018129e081d511
9b3ce22f173597240fd0c22ff649f3ffb9c6ea99
791b5cb893932898c350d1ec9888ee9c2feaea002431d12e9a1ba29331813be0
GET /favicon.ico HTTP/1.1
Host: www.alfaw2.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/index2.html
Cookie: __ssds=3; __ssuzjsr3=a9be0cd8e
HTTP/1.1 404 Not Found
Date: Wed, 23 Nov 2022 18:39:54 GMT
Server: Apache
Last-Modified: Tue, 15 Mar 2022 22:06:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 355
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html
www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/img/content.svg
207.174.214.206200 OK 26 kB URL HTTP/1.1 www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/img/content.svg
IP 207.174.214.206:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (25585), with no line terminators
Hash 668b80fdfabcc7949a218d3d40225c79
f1584c14d1e1a94a05a94817902ec75f221d7c69
add74d2730ba86174575a23c05ec3eca87c4f0983151d06cb4b156f788d7dc92
Analyzer Verdict Alert fortinet Phishing
GET /v4g5u76ki8mlop9i/d4g6u87i8kopk/img/content.svg HTTP/1.1
Host: www.alfaw2.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/index2.html
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:39:54 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 09:49:20 GMT
Accept-Ranges: bytes
Content-Length: 25585
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/svg+xml
olb.sccu.com/OnlineBanking/content.aspx?theme=Theme5&color1=%23424242&color2=%23F5F5F5&image=EqualHousingLender.svg
66.22.0.11200 OK 1.3 kB URL HTTP/2 olb.sccu.com/OnlineBanking/content.aspx?theme=Theme5&color1=%23424242&color2=%23F5F5F5&image=EqualHousingLender.svg
IP 66.22.0.11:0
ASN #25773 RADWARE-CLOUD-SERVICES
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (344), with CRLF line terminators
Hash 5e4cb0126e52c254c52ab70905aa9ec2
ed921ebdea59577d56dca16b1380be213a3b8c3d
4a8eeb17a4d3f72a3a9bb52bebeec37bead3cc60ca4f475facbda9135a782f33
GET /OnlineBanking/content.aspx?theme=Theme5&color1=%23424242&color2=%23F5F5F5&image=EqualHousingLender.svg HTTP/1.1
Host: olb.sccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://olb.sccu.com/OnlineBanking/Theme5Css.aspx?h=7CC200ED151C8E95B54A8AB8314619D7
Cookie: ZJULCVVF=0285387f83-142a-4dFn_W8FRVkuh5PhTj7Yku_a9n1ueoFcTedAtkw_B8on7fhJKj9ptAmsXJl8JljJNEsyQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1281
set-cookie: __uzma=2d9b2537-8cef-464c-9cc7-55b26a6d37bc; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmb=1669228794; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzme=1431; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmc=434941032824; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmd=1669228794; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
cache-control: public
last-modified: Mon, 01 Jan 0001 05:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
date: Wed, 23 Nov 2022 18:39:54 GMT
X-Firefox-Spdy: h2
olb.sccu.com/OnlineBanking/content.aspx?theme=Theme5&image=CheckBox-Unchecked.svg
66.22.0.11200 OK 253 B URL HTTP/2 olb.sccu.com/OnlineBanking/content.aspx?theme=Theme5&image=CheckBox-Unchecked.svg
IP 66.22.0.11:0
ASN #25773 RADWARE-CLOUD-SERVICES
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash c293b4e7e52cb442aba55335ef5483ba
8007a609ed0c55261ddcbfe284c32f5d40427516
f6c193e6063de296e0ffb86b076dd331efbb6bf1544b876af7c789ef4522ad47
GET /OnlineBanking/content.aspx?theme=Theme5&image=CheckBox-Unchecked.svg HTTP/1.1
Host: olb.sccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://olb.sccu.com/OnlineBanking/Theme5Css.aspx?h=7CC200ED151C8E95B54A8AB8314619D7
Cookie: ZJULCVVF=0285387f83-142a-4dFn_W8FRVkuh5PhTj7Yku_a9n1ueoFcTedAtkw_B8on7fhJKj9ptAmsXJl8JljJNEsyQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 253
set-cookie: __uzma=8cc0fd03-0672-4055-a6aa-a90dd42ebfeb; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmb=1669228794; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzme=8603; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmc=795641041619; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmd=1669228794; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
cache-control: public
last-modified: Mon, 01 Jan 0001 05:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
date: Wed, 23 Nov 2022 18:39:54 GMT
X-Firefox-Spdy: h2
www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/img/prohqcker.svg
207.174.214.206200 OK 19 kB URL HTTP/1.1 www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/img/prohqcker.svg
IP 207.174.214.206:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (18733), with no line terminators
Hash 5a7e17a9dd2e798f6f4152a635a3a4f2
93b9e6c802fa8ccdd72cfcd70e8b2cc086bccf4d
0ac1ee2487d66ec43c76c14b0a6b8aa67c4ada1cb8eda9edf4f7bbe0f709155d
Analyzer Verdict Alert fortinet Phishing
GET /v4g5u76ki8mlop9i/d4g6u87i8kopk/img/prohqcker.svg HTTP/1.1
Host: www.alfaw2.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.alfaw2.com.br/v4g5u76ki8mlop9i/d4g6u87i8kopk/index2.html
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:39:54 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 09:58:06 GMT
Accept-Ranges: bytes
Content-Length: 18733
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/svg+xml
olb.sccu.com/OnlineBanking/content.aspx?theme=Theme5&color1=%23000000&image=Wires.svg
66.22.0.11200 OK 1.6 kB URL HTTP/2 olb.sccu.com/OnlineBanking/content.aspx?theme=Theme5&color1=%23000000&image=Wires.svg
IP 66.22.0.11:0
ASN #25773 RADWARE-CLOUD-SERVICES
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (555), with CRLF line terminators
Hash a87d3850028e2890d5d51853f9be8ef3
aa4749c12034332819cacbb83e08f4a7f2d9b660
060ae789e740b1971a4af9fc229f09c20b571ff070adff7a8cd21f70d44ce137
GET /OnlineBanking/content.aspx?theme=Theme5&color1=%23000000&image=Wires.svg HTTP/1.1
Host: olb.sccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://olb.sccu.com/OnlineBanking/Theme5Css.aspx?h=7CC200ED151C8E95B54A8AB8314619D7
Cookie: ZJULCVVF=0285387f83-142a-4dFn_W8FRVkuh5PhTj7Yku_a9n1ueoFcTedAtkw_B8on7fhJKj9ptAmsXJl8JljJNEsyQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1612
set-cookie: __uzma=7ac6f34b-a4a4-4024-b283-00a4e021f886; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmb=1669228794; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzme=8891; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmc=762921061664; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmd=1669228794; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
cache-control: public
last-modified: Mon, 01 Jan 0001 05:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
date: Wed, 23 Nov 2022 18:39:54 GMT
X-Firefox-Spdy: h2
olb.sccu.com/OnlineBanking/content.aspx?theme=Theme5&color1=%23424242&color2=%23F5F5F5&image=svg/ncua.svg
66.22.0.11200 OK 0 B URL HTTP/2 olb.sccu.com/OnlineBanking/content.aspx?theme=Theme5&color1=%23424242&color2=%23F5F5F5&image=svg/ncua.svg
IP 66.22.0.11:0
ASN #25773 RADWARE-CLOUD-SERVICES
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /OnlineBanking/content.aspx?theme=Theme5&color1=%23424242&color2=%23F5F5F5&image=svg/ncua.svg HTTP/1.1
Host: olb.sccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://olb.sccu.com/OnlineBanking/Theme5Css.aspx?h=7CC200ED151C8E95B54A8AB8314619D7
Cookie: ZJULCVVF=0285387f83-142a-4dFn_W8FRVkuh5PhTj7Yku_a9n1ueoFcTedAtkw_B8on7fhJKj9ptAmsXJl8JljJNEsyQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 0
set-cookie: __uzma=008e9247-4a9c-4eef-9e91-91694f7e0df3; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmb=1669228794; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzme=6775; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmc=419111031608; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmd=1669228794; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
ADRUM_BTa=R:84|g:9c1670bb-ebf7-4838-952a-49987924626f|n:spacecoastcreditunion_803322c3-bfcf-4bc3-b47a-bbd31c4c5806; expires=Wed, 23-Nov-2022 18:40:24 GMT; path=/
SameSite=None; expires=Wed, 23-Nov-2022 18:40:24 GMT; path=/
ADRUM_BT1=R:84|i:371912|e:7; expires=Wed, 23-Nov-2022 18:40:24 GMT; path=/
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
date: Wed, 23 Nov 2022 18:39:54 GMT
X-Firefox-Spdy: h2
olb.sccu.com/OnlineBanking/content.aspx?theme=Theme5&color1=%23000000&color2=%23000000&image=Logo.svg
66.22.0.11200 OK 12 kB URL HTTP/2 olb.sccu.com/OnlineBanking/content.aspx?theme=Theme5&color1=%23000000&color2=%23000000&image=Logo.svg
IP 66.22.0.11:0
ASN #25773 RADWARE-CLOUD-SERVICES
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7287), with CRLF line terminators
Hash c7b060b7604197d6a0b12648830d9ee8
106494aaa57a809c485aeff1dcf43421250f17be
88978628e57207e83a74d047ca5aa90b9435741822fbefff1f1b9475fa1cbdb3
GET /OnlineBanking/content.aspx?theme=Theme5&color1=%23000000&color2=%23000000&image=Logo.svg HTTP/1.1
Host: olb.sccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://olb.sccu.com/OnlineBanking/Theme5Css.aspx?h=7CC200ED151C8E95B54A8AB8314619D7
Cookie: ZJULCVVF=0285387f83-142a-4dFn_W8FRVkuh5PhTj7Yku_a9n1ueoFcTedAtkw_B8on7fhJKj9ptAmsXJl8JljJNEsyQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 12107
set-cookie: __uzma=139b13d8-5019-4fc7-afd3-2eda8ce3d6b5; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmb=1669228794; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzme=4299; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmc=137031073996; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmd=1669228794; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
cache-control: public
last-modified: Mon, 01 Jan 0001 05:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
date: Wed, 23 Nov 2022 18:39:54 GMT
X-Firefox-Spdy: h2
olb.sccu.com/OnlineBanking/App_Themes/Theme5/images/spacecoast/1920x1080-04.jpg
66.22.0.11200 OK 272 kB URL HTTP/2 olb.sccu.com/OnlineBanking/App_Themes/Theme5/images/spacecoast/1920x1080-04.jpg
IP 66.22.0.11:0
ASN #25773 RADWARE-CLOUD-SERVICES
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1080, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 272 kB (271563 bytes)
Hash f0c6f78e040226c7d10695933b9a25a7
fc56918d6da9a1810dcf64befcc9f7082971c5e0
b4f957811a348ba78bf5b02db3aa00e26e37c9e69987f5d459247dd0a1a70e61
GET /OnlineBanking/App_Themes/Theme5/images/spacecoast/1920x1080-04.jpg HTTP/1.1
Host: olb.sccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://olb.sccu.com/OnlineBanking/Theme5Css.aspx?h=7CC200ED151C8E95B54A8AB8314619D7
Cookie: ZJULCVVF=0285387f83-142a-4dFn_W8FRVkuh5PhTj7Yku_a9n1ueoFcTedAtkw_B8on7fhJKj9ptAmsXJl8JljJNEsyQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 271563
last-modified: Tue, 27 Apr 2021 13:46:46 GMT
accept-ranges: bytes
etag: "0679bc36b3bd71:0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
date: Wed, 23 Nov 2022 18:39:54 GMT
X-Firefox-Spdy: h2
olb.sccu.com/OnlineBanking/App_Themes/Theme5/spacecoast/fonts/montserrat/montserrat-regular.woff
66.22.0.11200 OK 0 B URL HTTP/2 olb.sccu.com/OnlineBanking/App_Themes/Theme5/spacecoast/fonts/montserrat/montserrat-regular.woff
IP 66.22.0.11:0
ASN #25773 RADWARE-CLOUD-SERVICES
GET /OnlineBanking/App_Themes/Theme5/spacecoast/fonts/montserrat/montserrat-regular.woff HTTP/1.1
Host: olb.sccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.alfaw2.com.br
Connection: keep-alive
Referer: https://olb.sccu.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/x-woff
content-length: 24388
last-modified: Tue, 17 Nov 2020 15:59:52 GMT
accept-ranges: bytes
etag: "08c20affabcd61:0"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
date: Wed, 23 Nov 2022 18:39:54 GMT
set-cookie: ZJULCVVF=0285387f83-142a-4dV3hMuiobyoSFmjMADpaJgu_NgoK-f9QKnISVENNi7sW8gXZfKBydjkwnc4xFBTButqA; path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
cdn.appdynamics.com/adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js
143.204.55.51200 OK 0 B URL HTTP/2 cdn.appdynamics.com/adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js
IP 143.204.55.51:0
GET /adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.alfaw2.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.16.1
last-modified: Fri, 15 Apr 2022 21:40:35 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
timing-allow-origin: *
content-encoding: gzip
date: Mon, 31 Oct 2022 05:11:21 GMT
cache-control: public, max-age=2678400, s-max-age=14400
etag: W/"6259e653-ce76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cqtavjt7jggll35Bsmex4ci_oEblc7MQKDkrLmi_eFYotwts5CDX-g==
age: 2035711
X-Firefox-Spdy: h2
olb.sccu.com/OnlineBanking/Theme5Css.aspx?h=7CC200ED151C8E95B54A8AB8314619D7
66.22.0.11200 OK 0 B URL HTTP/2 olb.sccu.com/OnlineBanking/Theme5Css.aspx?h=7CC200ED151C8E95B54A8AB8314619D7
IP 66.22.0.11:0
ASN #25773 RADWARE-CLOUD-SERVICES
GET /OnlineBanking/Theme5Css.aspx?h=7CC200ED151C8E95B54A8AB8314619D7 HTTP/1.1
Host: olb.sccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.alfaw2.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
set-cookie: __uzma=f1d216cc-f3f4-4116-b793-787a317e60c4; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:52 GMT ; Max-Age=15724800; SameSite=Lax
__uzmb=1669228792; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:52 GMT ; Max-Age=15724800; SameSite=Lax
__uzme=8687; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:52 GMT ; Max-Age=15724800; SameSite=Lax
__uzmc=111461081563; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:52 GMT ; Max-Age=15724800; SameSite=Lax
__uzmd=1669228792; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:52 GMT ; Max-Age=15724800; SameSite=Lax
ASP.NET_SessionId=2hezq1exechor1w24hmx2tmj; path=/; HttpOnly; SameSite=Lax
PortalLanguage_2173=en-US; expires=Wed, 23-Nov-2072 18:39:52 GMT; path=/; HttpOnly
ADRUM_BTa=R:25|g:a9bcf821-4e5f-4d7a-addc-eedcf9303294|n:spacecoastcreditunion_803322c3-bfcf-4bc3-b47a-bbd31c4c5806; expires=Wed, 23-Nov-2022 18:40:22 GMT; path=/
SameSite=None; expires=Wed, 23-Nov-2022 18:40:22 GMT; path=/
ADRUM_BT1=R:25|i:1168032|e:1; expires=Wed, 23-Nov-2022 18:40:22 GMT; path=/
ZJULCVVF=0285387f83-142a-4dddc1SsVhMMkjEyKx7mYyHCfWQgmCcQO-mqU8Ty5nCW4HXx5Zld-avLr_n168iqzb7_E; path=/; SameSite=None; Secure
cache-control: public, no-cache="Set-Cookie"
expires: Thu, 23 Nov 2023 18:39:52 GMT
last-modified: Wed, 23 Nov 2022 18:39:52 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
date: Wed, 23 Nov 2022 18:39:51 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
olb.sccu.com/OnlineBanking/WebResource.axd?d=urCACUaUZeT6oPoIZXShbu_1mg_N_l4jShKx1J9bVPsVr2NBR6js8hj-QO5R4_ig_UM_6BTEvsUm0pVZPSI45Qh8HhMXpcfZ0-H_jz5gjdjFcqhl8Q2uekFcLFceEEhLFJKexQwJQYE-YZPPmEfmF2tz8ibp1V0Knp5fHHCZZeU1&t=637356698800000000
66.22.0.11200 OK 0 B URL HTTP/2 olb.sccu.com/OnlineBanking/WebResource.axd?d=urCACUaUZeT6oPoIZXShbu_1mg_N_l4jShKx1J9bVPsVr2NBR6js8hj-QO5R4_ig_UM_6BTEvsUm0pVZPSI45Qh8HhMXpcfZ0-H_jz5gjdjFcqhl8Q2uekFcLFceEEhLFJKexQwJQYE-YZPPmEfmF2tz8ibp1V0Knp5fHHCZZeU1&t=637356698800000000
IP 66.22.0.11:0
ASN #25773 RADWARE-CLOUD-SERVICES
GET /OnlineBanking/WebResource.axd?d=urCACUaUZeT6oPoIZXShbu_1mg_N_l4jShKx1J9bVPsVr2NBR6js8hj-QO5R4_ig_UM_6BTEvsUm0pVZPSI45Qh8HhMXpcfZ0-H_jz5gjdjFcqhl8Q2uekFcLFceEEhLFJKexQwJQYE-YZPPmEfmF2tz8ibp1V0Knp5fHHCZZeU1&t=637356698800000000 HTTP/1.1
Host: olb.sccu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.alfaw2.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
set-cookie: __uzma=949d7150-4856-48d7-a6ca-50364542c81f; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmb=1669228794; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzme=0570; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmc=999841018526; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
__uzmd=1669228794; HttpOnly; path=/; Expires=Wed, 24-May-23 18:39:54 GMT ; Max-Age=15724800; SameSite=Lax
ZJULCVVF=0285387f83-142a-4dFn_W8FRVkuh5PhTj7Yku_a9n1ueoFcTedAtkw_B8on7fhJKj9ptAmsXJl8JljJNEsyQ; path=/; SameSite=None; Secure
cache-control: public
expires: Thu, 23 Nov 2023 06:30:51 GMT
last-modified: Mon, 14 Sep 2020 12:44:40 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
x-ua-compatible: IE=Edge
date: Wed, 23 Nov 2022 18:39:54 GMT
content-encoding: gzip
X-Firefox-Spdy: h2