r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2909
Expires: Thu, 30 Mar 2023 15:13:07 GMT
Date: Thu, 30 Mar 2023 14:24:38 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19260
Expires: Thu, 30 Mar 2023 19:45:38 GMT
Date: Thu, 30 Mar 2023 14:24:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 30 Mar 2023 14:16:05 GMT
content-type: application/json
age: 513
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14068
Expires: Thu, 30 Mar 2023 18:19:06 GMT
Date: Thu, 30 Mar 2023 14:24:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jZXb/x3kuDf5dA6EGscR4ZYS30OX7PlCgbH5O3Y9wyrv14kPv+KWJizdjltYVNFlyBJ7SrHQ43+B+wAhOyDZAA==
x-amz-request-id: RECKMPKJ3V8GG9W7
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 30 Mar 2023 13:33:41 GMT
age: 3057
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e0dee7736387729905836ee50d77610e
95e19d4ab30c5284a47530a19fd119c78d88bf55
c31fb466e4b384af8d5cc1787ba921d25f24ccf215c8f358656d879f1432a743
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C31FB466E4B384AF8D5CC1787BA921D25F24CCF215C8F358656D879F1432A743"
Last-Modified: Wed, 29 Mar 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21593
Expires: Thu, 30 Mar 2023 20:24:31 GMT
Date: Thu, 30 Mar 2023 14:24:38 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 14:24:38 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Backoff, Last-Modified, Alert, Content-Length, Pragma, Cache-Control, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 30 Mar 2023 14:17:26 GMT
age: 432
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
myonlinehbsc.com/
170.187.148.56 200 OK 78 kB IP 170.187.148.56:0
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (9940)
Hash 0cea7bc1722c5d5ffeda0fe71b212384
57e457b95b00ca7489e6fb3b37c249d58b1d5799
145544878f01797d26a272abfd649af9ee66309c413fa49a661ce6cf4ac06056
Analyzer Verdict Alert openphish HSBC Bank
fortinet Phishing
GET / HTTP/1.1
Host: myonlinehbsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Mar 2023 14:24:38 GMT
Content-Type: text/html
Last-Modified: Thu, 30 Mar 2023 08:26:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"64254799-544cd"
Content-Encoding: gzip
myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/c.js.download
170.187.148.56 200 OK 0 B URL HTTP/1.1 myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/c.js.download
IP 170.187.148.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish HSBC Bank
fortinet Phishing
GET /Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/c.js.download HTTP/1.1
Host: myonlinehbsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Mar 2023 14:24:38 GMT
Content-Type: application/octet-stream
Content-Length: 0
Last-Modified: Thu, 30 Mar 2023 08:23:42 GMT
Connection: keep-alive
ETag: "6425470e-0"
Accept-Ranges: bytes
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 782ca4845ea5e0ec981e33231b1e61cb
032116b75e124c57877524e9e4f523b6d7c65820
94d007862fc7a4cd67f582ff22f2339619177435559c1dd5075a08c7240f3520
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94D007862FC7A4CD67F582FF22F2339619177435559C1DD5075A08C7240F3520"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11080
Expires: Thu, 30 Mar 2023 17:29:19 GMT
Date: Thu, 30 Mar 2023 14:24:39 GMT
Connection: keep-alive
myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/analytics.js.download
170.187.148.56 200 OK 50 kB URL HTTP/1.1 myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/analytics.js.download
IP 170.187.148.56:0
File type ASCII text, with very long lines (1490)
Hash 54e51056211dda674100cc5b323a58ad
26dc5034cb6c7f3bbe061edd37c7fc6006cb835b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Analyzer Verdict Alert openphish HSBC Bank
fortinet Phishing
GET /Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/analytics.js.download HTTP/1.1
Host: myonlinehbsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Mar 2023 14:24:39 GMT
Content-Type: application/octet-stream
Content-Length: 50234
Last-Modified: Thu, 30 Mar 2023 08:23:37 GMT
Connection: keep-alive
ETag: "64254709-c43a"
Accept-Ranges: bytes
myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/cafemedia.js.download
170.187.148.56 200 OK 4.7 kB URL HTTP/1.1 myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/cafemedia.js.download
IP 170.187.148.56:0
File type ASCII text, with very long lines (4745), with no line terminators
Hash 9c97338f618e2d05dabc1189ae61e1cb
da2bb9e000386c8756ee62235f9e1ad3d95d89c7
f7cc64d0d0010ebbd25fca506e6f6d837c4192bbb2c0af329a6227f31fc29f5b
Analyzer Verdict Alert openphish HSBC Bank
fortinet Phishing
GET /Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/cafemedia.js.download HTTP/1.1
Host: myonlinehbsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Mar 2023 14:24:39 GMT
Content-Type: application/octet-stream
Content-Length: 4745
Last-Modified: Thu, 30 Mar 2023 08:23:44 GMT
Connection: keep-alive
ETag: "64254710-1289"
Accept-Ranges: bytes
myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/beacon.js.download
170.187.148.56 200 OK 4.5 kB URL HTTP/1.1 myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/beacon.js.download
IP 170.187.148.56:0
File type ASCII text, with very long lines (4514)
Hash a06e7a176f40dc26aa5e9567ac9d2d5e
fea092c34ae5a957a08a40ba5dd5bb8b86a8f517
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
Analyzer Verdict Alert openphish HSBC Bank
fortinet Phishing
GET /Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/beacon.js.download HTTP/1.1
Host: myonlinehbsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Mar 2023 14:24:39 GMT
Content-Type: application/octet-stream
Content-Length: 4515
Last-Modified: Thu, 30 Mar 2023 08:23:41 GMT
Connection: keep-alive
ETag: "6425470d-11a3"
Accept-Ranges: bytes
push.services.mozilla.com/
54.244.27.196 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.244.27.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ah1lFusfX9RaCICfEeM5ug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hO9tcd3RXF3BVRQ7YwHYtEBhWOM=
myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/gpt.js.download
170.187.148.56 200 OK 79 kB URL HTTP/1.1 myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/gpt.js.download
IP 170.187.148.56:0
File type ASCII text, with very long lines (39576)
Hash 59730fb30798c72c0268750dd8f2430e
8020cb3ed99143460eedb47b31967e0f283a5e97
b76e30307e240d50fc901449f1f417d80d8c8cd0a9e9b6117e5c0b302bc4caa4
Analyzer Verdict Alert openphish HSBC Bank
fortinet Phishing
GET /Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/gpt.js.download HTTP/1.1
Host: myonlinehbsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Mar 2023 14:24:39 GMT
Content-Type: application/octet-stream
Content-Length: 78754
Last-Modified: Thu, 30 Mar 2023 08:24:21 GMT
Connection: keep-alive
ETag: "64254735-133a2"
Accept-Ranges: bytes
myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/wrap.js.download
170.187.148.56 200 OK 216 kB URL HTTP/1.1 myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/wrap.js.download
IP 170.187.148.56:0
File type Unicode text, UTF-8 text, with very long lines (21701)
Size 216 kB (216427 bytes)
Hash 2e231084ec9807cae0fe60c1c1f8d354
d8c59f7652b7764724d74212b7c353b3708cbddb
a744d98d4cf90a8f6a6c30d9a18fe487b988ebe20a63c604beccecb96e59bb05
Analyzer Verdict Alert openphish HSBC Bank
fortinet Phishing
GET /Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/wrap.js.download HTTP/1.1
Host: myonlinehbsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Mar 2023 14:24:39 GMT
Content-Type: application/octet-stream
Content-Length: 216427
Last-Modified: Thu, 30 Mar 2023 08:26:28 GMT
Connection: keep-alive
ETag: "642547b4-34d6b"
Accept-Ranges: bytes
myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/js
170.187.148.56 200 OK 248 kB URL HTTP/1.1 myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/js
IP 170.187.148.56:0
File type ASCII text, with very long lines (30260)
Size 248 kB (247758 bytes)
Hash 1d1c13e53afbfad1c3a10282b69613f4
9db237c995a6e1b13e618c46fa2716d1b6a8837a
b0161b1b54f00a94815ce20da6d89888e9e7067d873d028bbcd8720ba7bf90d9
Analyzer Verdict Alert openphish HSBC Bank
fortinet Phishing
GET /Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/js HTTP/1.1
Host: myonlinehbsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Mar 2023 14:24:39 GMT
Content-Type: application/octet-stream
Content-Length: 247758
Last-Modified: Thu, 30 Mar 2023 08:24:49 GMT
Connection: keep-alive
ETag: "64254751-3c7ce"
Accept-Ranges: bytes
myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/adthrive.min.js.download
170.187.148.56 200 OK 571 kB URL HTTP/1.1 myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/adthrive.min.js.download
IP 170.187.148.56:0
File type ASCII text, with very long lines (54005)
Size 571 kB (571118 bytes)
Hash 9d2703b84759c4e7e70a1471ba6282d3
d4ec521e0eb1713b03a2f69d85b3feda318ef748
a01d9d849a60b9ba3755411373ffb357cf98dfb378b7e4eb35757e870c35e132
Analyzer Verdict Alert openphish HSBC Bank
fortinet Phishing
GET /Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/adthrive.min.js.download HTTP/1.1
Host: myonlinehbsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Mar 2023 14:24:39 GMT
Content-Type: application/octet-stream
Content-Length: 571118
Last-Modified: Thu, 30 Mar 2023 08:23:32 GMT
Connection: keep-alive
ETag: "64254704-8b6ee"
Accept-Ranges: bytes
myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/ads.min.js.download
170.187.148.56 200 OK 81 kB URL HTTP/1.1 myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/ads.min.js.download
IP 170.187.148.56:0
File type ASCII text, with very long lines (16894)
Hash 8e15d611698999e470739d014b65a844
a1a88ce6873fbc74921f4164ecad609e36e9c257
25bacafcc8ef078afaef44d3749cd67f4f92ac3c092c785720da635da64dca7e
Analyzer Verdict Alert openphish HSBC Bank
fortinet Phishing
GET /Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/ads.min.js.download HTTP/1.1
Host: myonlinehbsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Mar 2023 14:24:39 GMT
Content-Type: application/octet-stream
Content-Length: 81433
Last-Modified: Thu, 30 Mar 2023 08:23:24 GMT
Connection: keep-alive
ETag: "642546fc-13e19"
Accept-Ranges: bytes
myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/prebid.min.js.download
170.187.148.56 200 OK 558 kB URL HTTP/1.1 myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/prebid.min.js.download
IP 170.187.148.56:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 558 kB (558498 bytes)
Hash 9f3b3fcb7d4d999ac77f60d650bce9f4
5d9fd8c05d8bfd95d275ba131450a7001902a7cd
f8a039e367405264db8c97c4e6a920b7b016543203bd71adb577e4af4bfe9c87
Analyzer Verdict Alert openphish HSBC Bank
fortinet Phishing
GET /Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/prebid.min.js.download HTTP/1.1
Host: myonlinehbsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Mar 2023 14:24:39 GMT
Content-Type: application/octet-stream
Content-Length: 558498
Last-Modified: Thu, 30 Mar 2023 08:25:28 GMT
Connection: keep-alive
ETag: "64254778-885a2"
Accept-Ranges: bytes
myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/apstag.js.download
170.187.148.56 200 OK 229 kB URL HTTP/1.1 myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/apstag.js.download
IP 170.187.148.56:0
File type ASCII text, with very long lines (65446)
Size 229 kB (228987 bytes)
Hash d56f69f591501c51a51bb8f94f3df073
589e46d312d0fec6ff6d8dcd3295850f36c52ce3
58020f939aafcc326a509ea78fff8dae140989c84eb68d873da58198cf116b2b
Analyzer Verdict Alert openphish HSBC Bank
fortinet Phishing
GET /Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/apstag.js.download HTTP/1.1
Host: myonlinehbsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Mar 2023 14:24:39 GMT
Content-Type: application/octet-stream
Content-Length: 228987
Last-Modified: Thu, 30 Mar 2023 08:23:40 GMT
Connection: keep-alive
ETag: "6425470c-37e7b"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6674c1bff1cd533fa4a8992632d6d4e3
a2ca2162800e1401ac9a13d854faaa022997d823
c8a170da75fab65dd94c351514fc9304c9ea3b3682334607b65700b91f895201
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 14:24:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6674c1bff1cd533fa4a8992632d6d4e3
a2ca2162800e1401ac9a13d854faaa022997d823
c8a170da75fab65dd94c351514fc9304c9ea3b3682334607b65700b91f895201
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 14:24:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=myonlinehbsc.com
142.250.74.2 200 OK 42 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=myonlinehbsc.com
IP 142.250.74.2:0
File type JSON data, ASCII text, with no line terminators
Hash ecd5158a268aa47b10e5b6d9c3efd0f6
4a3bd4750d397575aa69df7ab5fe1820a064dd82
641f44b4dd787347cdd39f41ffad8a010e572baeb5fdd5e9337942f802952a7a
GET /pagead/ppub_config?ippd=myonlinehbsc.com HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://myonlinehbsc.com
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Thu, 30 Mar 2023 14:24:40 GMT
expires: Thu, 30 Mar 2023 14:24:40 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 30-Mar-2023 14:39:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2023032701.js
142.250.74.2 200 OK 138 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2023032701.js
IP 142.250.74.2:0
File type ASCII text, with very long lines (65395)
Size 138 kB (137718 bytes)
Hash 76223e2f2558642fc086c686fbd366fc
4d5288c8d27055e122cc0968fa1068efce8239a6
b96d67469cc5fa60002efec702f07e13c6551b52251617587e5b8e5cb07c58e3
GET /gpt/pubads_impl_2023032701.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 137718
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Mar 2023 10:34:29 GMT
expires: Tue, 26 Mar 2024 10:34:29 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 27 Mar 2023 08:39:41 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 273011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6674c1bff1cd533fa4a8992632d6d4e3
a2ca2162800e1401ac9a13d854faaa022997d823
c8a170da75fab65dd94c351514fc9304c9ea3b3682334607b65700b91f895201
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 14:24:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.adthrive.com/builds/core/6d3cdaf/es2018/js/adthrive.min.js?deployment=2023-03-29-5:adm-503:pr3104:6d3cdaf&experiments=rubiconFloors,recencyFrequency,ttdSync&siteid=5316a872208f222c05b9a55c
54.230.111.26 200 OK 144 kB URL HTTP/2 ads.adthrive.com/builds/core/6d3cdaf/es2018/js/adthrive.min.js?deployment=2023-03-29-5:adm-503:pr3104:6d3cdaf&experiments=rubiconFloors,recencyFrequency,ttdSync&siteid=5316a872208f222c05b9a55c
IP 54.230.111.26:0
File type ASCII text, with very long lines (54005)
Size 144 kB (144260 bytes)
Hash c109df4a2e015d4b1c47283a49b51f30
d582c559b0917549c01ce2dacab35a2073df690c
bdca7b5f37813bde0fe3fab9a341ad2ed060e8297a70f6df4d3f424290a1d1fc
GET /builds/core/6d3cdaf/es2018/js/adthrive.min.js?deployment=2023-03-29-5:adm-503:pr3104:6d3cdaf&experiments=rubiconFloors,recencyFrequency,ttdSync&siteid=5316a872208f222c05b9a55c HTTP/1.1
Host: ads.adthrive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 144260
server: CloudFront
date: Thu, 30 Mar 2023 00:02:44 GMT
cache-control: max-age=3600, s-maxage=86400
content-encoding: gzip
etag: "9744070ce5a76562b28c16e66be063b0"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: muL8UYEWV9LxxqASWDLofjy5HwOa6ox8MdYCeC46PxxsT4OL3X1F6w==
age: 51716
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash a5833c0e606b9639652024c85182fb96
5dccf45f4a95c6b4d4105f3e46d1ff938c69e48f
912841d8f40709fecd58867d81aa67409176f3e659b6feba5f59dd1f5116669a
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 14:24:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 03 Apr 2023 13:03:39 GMT
ETag: "5dccf45f4a95c6b4d4105f3e46d1ff938c69e48f"
Last-Modified: Thu, 30 Mar 2023 13:03:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2486
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b01047c49fc0b61-OSL
match.adsrvr.org/track/rid?ttd_pid=iowij76&fmt=json
35.71.131.137 200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=iowij76&fmt=json
IP 35.71.131.137:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 257530c62b87484a082be76b1f26802a
4d956596f16014bad75607523ea3935844877f1a
dc994ef55118435efc96328b81850aaf72c73cdae9e958330902a0a5a690ab4c
GET /track/rid?ttd_pid=iowij76&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://myonlinehbsc.com
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 30 Mar 2023 14:24:40 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Sat, 29 Apr 2023 14:24:40 GMT
vary: Origin
access-control-allow-origin: https://myonlinehbsc.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js
143.204.55.15 200 OK 166 kB URL HTTP/2 gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js
IP 143.204.55.15:0
Size 166 kB (165849 bytes)
Hash 35e24e9223cd310bb11b1e95cdb4d1ea
b9649a41977832b2d874c6c5746ebf864622e7e6
d083d1ea2f3a8b159ade54e67e754c886c868de7f8cf709ce6ec7d37b36bcfe9
GET /gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js HTTP/1.1
Host: gdpr-wrapper.privacymanager.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
x-amz-replication-status: COMPLETED
last-modified: Thu, 23 Feb 2023 17:28:20 GMT
x-amz-server-side-encryption: AES256
content-disposition: attachment; filename="gdpr-liveramp.js"
x-amz-version-id: P6mcTbH3AbQ5nSmtkgKzvgiCl0ckk9OZ
server: AmazonS3
content-encoding: gzip
date: Thu, 30 Mar 2023 01:35:33 GMT
etag: W/"ca89d16eb5fb36b52b48d491c632cd68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rqq6tpltyxTvkset_iIBpP00NpF1IXZhq3R7hfjhAWaov51SmfXWug==
age: 46153
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4139
Expires: Thu, 30 Mar 2023 15:33:39 GMT
Date: Thu, 30 Mar 2023 14:24:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 424b55535e5fd622b2fc96aac1246324
cf7cf08aa8969a86bf03695af2129686fd62fe86
c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoXGh5oAMFfzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 6lKfWQ4mVZdKDpPhp9KzllP2eyH03CsFufQxXVTUZ1s1t1gQs1OUFA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:44:50 GMT
age: 59990
etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
143.204.55.15 200 OK 0 B URL HTTP/2 gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
IP 143.204.55.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json HTTP/1.1
Host: gdpr-wrapper.privacymanager.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://myonlinehbsc.com/
Origin: https://myonlinehbsc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Thu, 30 Mar 2023 01:05:16 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HjlUpH25TwNoVMv6h6HyjVAD1MVdV14YLn-b1y6Q05MjoJ3ULKbDvQ==
age: 47965
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRP5DG2BoAMFrdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 00:11:11 GMT
age: 51209
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2021c271f9290204bd14cd2a3a1680fc
39b68cbcaba381d63dc67bc289fb67c849adb9ff
a84c5dd1e52d7cd535e04cb455891a1442000eb0e4381031c976b4cf3be96f2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4549
x-amzn-requestid: 70e07309-5fc5-4307-b455-29a187eae0d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoBHFFoAMFx5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afcc-298f18fd0cf0b37465a74c13;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: kbG1Llnn0Elhz5ItoJyufkUgoB5FhmvLpk2oQox2HPnSHeBfCOuXXw==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:44:50 GMT
age: 59990
etag: "39b68cbcaba381d63dc67bc289fb67c849adb9ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c71571a378e261334e5acb723634ab
f1234c280364b6fe1dcf9c6c64edadc235108c4b
97544d600ab1ae204b169c3b7ba2a74df689b6c711a003d72f0934165d8a3e25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5395
x-amzn-requestid: ff3218dc-8754-4568-8e42-0885cb7e5d06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA0BFYNoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae7f-127129cf3776a60c333d205c;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ayBzSVUrRznKMPzI1JYvj1ikLo-arbVQUxdEZDM7KYHWyL2cwT10tA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:45:03 GMT
etag: "f1234c280364b6fe1dcf9c6c64edadc235108c4b"
content-type: image/jpeg
age: 59977
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db24198518d1a093c5c03e92e53925a2
288898a60e0a029946e7d770d2b0c64b6f3bf51d
4a15da439fa1a3ccdd3d329f250bacaab581287183293c4e367b05c2a83eb66d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f7d2537-a0a5-4a19-9229-144648b886b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12233
x-amzn-requestid: 781fd422-c720-49d7-bc90-6f8b18751caf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAynHgNoAMFvCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae76-5327bf334c985816289507b9;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: xT4yOqmmDOGyZ-ef--AYRxpuzlFou0jf8p4BWB4qUCDXR1VStct5DA==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:44:50 GMT
etag: "288898a60e0a029946e7d770d2b0c64b6f3bf51d"
content-type: image/jpeg
age: 59990
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d109c71a6d804ac43ede46ac74f2065
251d3e3e3eadee46258a4ad9d33d5e9e83aa63b4
de2d781c75abb41ea14c0f4c072df0977562d824d81b5f4ca28c4f635067a17b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d49d0d0-9e52-48d9-a854-20f49ed18a99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11118
x-amzn-requestid: 71508920-b2d8-446d-a498-8bf8708af974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA4qHrpoAMF-0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae9d-5191b68a4c7f1ee042a05583;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:17 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3JIDZJcepJFwPc0anfKz5OO8LZY3cFMI4oljiaft8jBgltzp2iYJiA==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:50:13 GMT
age: 59667
etag: "251d3e3e3eadee46258a4ad9d33d5e9e83aa63b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
143.204.55.15 200 OK 0 B URL HTTP/2 gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
IP 143.204.55.15:0
GET /gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json HTTP/1.1
Host: gdpr-wrapper.privacymanager.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlinehbsc.com/
Content-Type: application/json
Origin: https://myonlinehbsc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-replication-status: COMPLETED
last-modified: Mon, 27 Mar 2023 17:44:58 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 0648PXWzmERuo8wcWp3Vp2zhrKINt8Be
server: AmazonS3
content-encoding: gzip
date: Thu, 30 Mar 2023 13:57:43 GMT
cache-control: must-revalidate,public,max-age=3600
etag: W/"b08b6c6a4564c5c77b6cd8c5ace36099"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: l4le-y4zRYK_vg86Y3MXj1zdufsJ2-WklJDmVw_NECpAkArxNK4UkA==
age: 1623
X-Firefox-Spdy: h2
ads.adthrive.com/builds/core/6d3cdaf/vendor/prebid/es2018/prebid.min.js
54.230.111.26 200 OK 0 B URL HTTP/2 ads.adthrive.com/builds/core/6d3cdaf/vendor/prebid/es2018/prebid.min.js
IP 54.230.111.26:0
GET /builds/core/6d3cdaf/vendor/prebid/es2018/prebid.min.js HTTP/1.1
Host: ads.adthrive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Wed, 29 Mar 2023 18:18:44 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: O12Py.bVDwp5lZwrVWoiLWXs.uyo4FWK
server: AmazonS3
content-encoding: br
date: Thu, 30 Mar 2023 14:09:25 GMT
cache-control: max-age=86400
etag: W/"9f3b3fcb7d4d999ac77f60d650bce9f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tBIREWkU2n9UH8EbRLELyvMuZevF091k7I9w5mj_EAwMx0JdaBWExw==
age: 1374
X-Firefox-Spdy: h2
ads.adthrive.com/api/v1/marmalade?siteid=5316a872208f222c05b9a55c&url=https%3A%2F%2Fmyonlinehbsc.com%2F&experiments=rubiconFloors,recencyFrequency,ttdSync
54.230.111.26 200 OK 0 B URL HTTP/2 ads.adthrive.com/api/v1/marmalade?siteid=5316a872208f222c05b9a55c&url=https%3A%2F%2Fmyonlinehbsc.com%2F&experiments=rubiconFloors,recencyFrequency,ttdSync
IP 54.230.111.26:0
GET /api/v1/marmalade?siteid=5316a872208f222c05b9a55c&url=https%3A%2F%2Fmyonlinehbsc.com%2F&experiments=rubiconFloors,recencyFrequency,ttdSync HTTP/1.1
Host: ads.adthrive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myonlinehbsc.com/
Origin: https://myonlinehbsc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Thu, 30 Mar 2023 10:18:01 GMT
x-amzn-requestid: 4adfd69f-8a11-446a-bf29-7a1b405df4be
access-control-allow-origin: *
adthrive-is-chrome: 0
x-amz-apigw-id: Clw6CHIgoAMFzbg=
access-control-allow-methods: GET
adthrive-is-ios: 0
x-amzn-trace-id: Root=1-642561d9-7993b8f9139da7ff6b41f7a8;Sampled=0
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XB2IOjqtoRm7sGf4mo9B_kfc5jMP2LfPwSv_zAAxdFwU9u5xeufdMA==
age: 14799
X-Firefox-Spdy: h2
myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/config.js.download
170.187.148.56 200 OK 0 B URL HTTP/1.1 myonlinehbsc.com/Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/config.js.download
IP 170.187.148.56:0
Analyzer Verdict Alert openphish HSBC Bank
fortinet Phishing
GET /Minimalist%20Baker%20-%20Simple%20Recipes%20That%20Make%20You%20Feel%20Good_files/config.js.download HTTP/1.1
Host: myonlinehbsc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myonlinehbsc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 30 Mar 2023 14:24:39 GMT
Content-Type: application/octet-stream
Content-Length: 226110
Last-Modified: Thu, 30 Mar 2023 08:23:49 GMT
Connection: keep-alive
ETag: "64254715-3733e"
Accept-Ranges: bytes