r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5615
Expires: Fri, 06 Jan 2023 20:24:36 GMT
Date: Fri, 06 Jan 2023 18:51:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b5997a492d3d161c9009d95add566733
9db765ae549ebe4aa859ca27abe365cf7f62dc4d
1ec0de25b0afd3b402c728b9c6b47c4fcf25fb989052427886841a3f52510a0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1EC0DE25B0AFD3B402C728B9C6B47C4FCF25FB989052427886841A3F52510A0E"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4593
Expires: Fri, 06 Jan 2023 20:07:34 GMT
Date: Fri, 06 Jan 2023 18:51:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 06 Jan 2023 18:41:22 GMT
content-type: application/json
age: 579
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5219
Expires: Fri, 06 Jan 2023 20:18:00 GMT
Date: Fri, 06 Jan 2023 18:51:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gCgPYulURT63DjNiAV93Jl7hS2MpoAKWgQvwHarjTOxk4uXWp86HSOv6D8vBQ8SHGOfpxkXeg+A=
x-amz-request-id: 20QB93KEVTV1RTSH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 06 Jan 2023 18:00:05 GMT
age: 3056
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 18:51:01 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
rebeccasokol.com/vystarcudisputetransfernow
69.12.70.94 301 Moved Permanently 260 B URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 85c728f9d3b6036e182292d77795f165
5aa4a2f7ece78d2ce4df347c34001ed5ad12809c
00cf4120abd43c8c2f82239b2af32e89886e15a11e28c32f1d554c76f4ada1bc
Analyzer Verdict Alert openphish VyStar Credit Union
fortinet Phishing
GET /vystarcudisputetransfernow HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Fri, 06 Jan 2023 18:51:00 GMT
Server: Apache
Location: https://rebeccasokol.com/vystarcudisputetransfernow/
Content-Length: 260
Connection: close
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 06 Jan 2023 18:08:12 GMT
age: 2570
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 43c8442b7447debab97b0f6bc973e23a
38a5f1869cff7f6ddbfd3a24e57a3da7851ba3b0
4eb7adc914570287dde1317395d1d95b07271c8fe20b97a8928025c292c47dba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1625
Cache-Control: max-age=139371
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 18:51:02 GMT
Etag: "63b7e4a8-1d7"
Expires: Sun, 08 Jan 2023 09:33:53 GMT
Last-Modified: Fri, 06 Jan 2023 09:06:48 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.20.60 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.20.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AE2vsi8sCCyzW03JdHXejQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mhfZJj//GE/9NpYSZEBKe36HPsE=
rebeccasokol.com/vystarcudisputetransfernow/
69.12.70.94 200 OK 27 kB URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type HTML document, ASCII text, with very long lines (27367), with CRLF line terminators
Hash 5d68e75a3d484d21d816b253fdd6875c
037d4862c2b3df7dea478ea7c85d95b329d3e55a
c6973dd03755878df2e9e95e4d1b1df72522bed348c9d82a305b769cb17a56f7
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
openphish VyStar Credit Union
fortinet Phishing
GET /vystarcudisputetransfernow/ HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:00 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 07a5ec80d8c96a4a1487205117e3f231
84f52008b8164535e990651a2322ec9fc0a6d148
79501493a8c7ac33afbb8aa1e99d32145a403eebb636fd5b9fb8a26b429970cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2404
Cache-Control: max-age=117486
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 18:51:02 GMT
Etag: "63b78c20-118"
Expires: Sun, 08 Jan 2023 03:29:08 GMT
Last-Modified: Fri, 06 Jan 2023 02:49:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
code.jquery.com/jquery-3.3.1.slim.min.js
69.16.175.42 200 OK 24 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.slim.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65247)
Hash 0f2e7d37e730fdbb1d8a1e8638529ecb
c21d16978a858baa75be15cb7e799ff000929429
cc938c08b93e67c94c68995709f52133c62cac78991f42058503b9c3d9e4b0b0
GET /jquery-3.3.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rebeccasokol.com
Connection: keep-alive
Referer: https://rebeccasokol.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 18:51:02 GMT
content-encoding: gzip
content-length: 24038
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1111d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CKb34Z0GEocBCiQ2MWY2Yzc5ZC0wOGYwLTRkZjMtOWVmMC05OGIzZjYyZmEyMmEQ+OiCoKvU+wIaBgiW2+GdBiIMOTEuOTAuNDIuMTU0KLCPAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkYzBkYjNkNmYtOGYyMi00MjFkLTljMmEtMDU3NjJkYzU0MWZkGOa7ASIYCAISFGNkczIzMC5zazEuaHdjZG4ubmV0.uEbdhGWmtI+xom+xsAJ62vl6Ip1EzQyLs9PyfrAhzI0=
x-hw: 1673031062.dop024.sk1.t,1673031062.cds213.sk1.hn,1673031062.cds230.sk1.c
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.2.1.min.js
69.16.175.42 200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.2.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32058)
Hash 148f8d3ffd9cc02048c5f4d1cc83c407
9f2b89cfd151be6a29b4d43ad64d164fb8471046
4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 18:51:02 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CKb34Z0GEocBCiQ5MmE5ZGMxMi02NjI0LTQ1YTAtOWUxMy0yOTZhMGIxNTBmOTYQ+OiCoKvU+wIaBgiW2+GdBiIMOTEuOTAuNDIuMTU0KLjJAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkYmRhMWFhZDQtODZmYS00ZDA2LWIxNmQtZDRiYzJlY2VlNTRiGK3rASIYCAISFGNkczIyMi5zazEuaHdjZG4ubmV0.uPOycGknmCpenrQHLHLcN4VQvZNRHLegCftf7mR/MUo=
x-hw: 1673031062.dop222.sk1.t,1673031062.cds254.sk1.hn,1673031062.cds222.sk1.c
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
104.17.25.14 200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (20322)
Hash df9fe6d48e380554eb0ec9687bed3246
207263d754220200c1916edfbda262f62223ecf5
91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9
GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rebeccasokol.com
Connection: keep-alive
Referer: https://rebeccasokol.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 18:51:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1256263
expires: Wed, 27 Dec 2023 18:51:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VoN1Mr2PYgfL3D7%2FEMIYVfSpt0zbS7ppcJMA8IaHxMIw84zJ2%2F6VWulZEiF86EaXqHgGu%2BuO1CwQ3KZFWWZCNSD%2Fl35QP2DwdJAjWg%2B2gJy39sc5GO4kdTlChBp6GUJQRrIJcuA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7856a48f3d0cb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
104.17.25.14 200 OK 4.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
IP 104.17.25.14:0
Hash e40e054c5726f042bad463e3774a2777
5c9413b72837a440b327444104830c35ae3b052c
fcc8a86d2e89e8fbe9815d50c23bf205191ab8a6c0bec67358cd975d94283ff8
GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 18:51:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6836177
expires: Wed, 27 Dec 2023 18:51:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGjkGxoKOqACWv6acqcXzsKarYzAfng0r3KiZ0LzUhhFaO0mbv2BHxecFga%2BsZRQ2Uw7Alv3WVtmX7lc7VQ0r6JA2zclP84MV%2BE7v08amoUeQuSP4uULjKFipOdrBSxyQM1vp030"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7856a48f3c37b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
152.199.19.160 200 OK 30 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (65451)
Hash a263be51483c81a54aa8c85104a93e55
555a54a73531c553bd2aede6abc25c128b63312e
b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 26032557
cache-control: public,max-age=31536000
content-type: application/javascript
date: Fri, 06 Jan 2023 18:51:02 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F7A8)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 07a5ec80d8c96a4a1487205117e3f231
84f52008b8164535e990651a2322ec9fc0a6d148
79501493a8c7ac33afbb8aa1e99d32145a403eebb636fd5b9fb8a26b429970cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2404
Cache-Control: max-age=117486
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 18:51:02 GMT
Etag: "63b78c20-118"
Expires: Sun, 08 Jan 2023 03:29:08 GMT
Last-Modified: Fri, 06 Jan 2023 02:49:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/style.vs.touch.css
69.12.70.94 200 OK 12 kB URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/style.vs.touch.css
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with CRLF line terminators
Hash 3a8becffddd35b3051d89f7d14a6a7c7
d7244d73e3bf5cf6e28d02fd175ede01343cdf52
a70a4d0bfd0a8988b9d08bed14df0f4d677ad51528ab29360d4e6bb5d92f35e5
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
GET /vystarcudisputetransfernow/App/login/resource/return/style.vs.touch.css HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/vystarcudisputetransfernow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:01 GMT
Server: Apache
Last-Modified: Tue, 05 Apr 2022 18:28:42 GMT
Accept-Ranges: bytes
Content-Length: 11911
Connection: close
Content-Type: text/css
rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/media.vs.touch.css
69.12.70.94 200 OK 17 kB URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/media.vs.touch.css
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ISO-8859 text, with CRLF line terminators
Hash 3a765b844b2f54e62cd2cc6cfd03db9a
53eda5a148eb0dbadb13cfb56a1f0461302b5f8d
abea569c3549f575ff502e67d075fdffbd41aa155f8af51151dece87decf5663
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
GET /vystarcudisputetransfernow/App/login/resource/return/media.vs.touch.css HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/vystarcudisputetransfernow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:01 GMT
Server: Apache
Last-Modified: Tue, 05 Apr 2022 18:28:42 GMT
Accept-Ranges: bytes
Content-Length: 16841
Connection: close
Content-Type: text/css
rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/Registration.min.css
69.12.70.94 200 OK 16 kB URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/Registration.min.css
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (15894), with no line terminators
Hash 63e7731e48e06126b1845ed029a31e18
fb2d048bac07865c4b31c27b10ba3316a4b04872
b8821d0c4a27f5eb55cfa979f26458415d4085afc6df206187ddae11c1fb2be4
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
GET /vystarcudisputetransfernow/App/login/resource/return/Registration.min.css HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/vystarcudisputetransfernow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:01 GMT
Server: Apache
Last-Modified: Tue, 05 Apr 2022 18:28:42 GMT
Accept-Ranges: bytes
Content-Length: 15894
Connection: close
Content-Type: text/css
rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/Themeroller.min.css
69.12.70.94 200 OK 49 kB URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/Themeroller.min.css
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (48788), with no line terminators
Hash e052ae43f565e1e9febcc4646baadd13
a0be0bcd0f335e24d33c2ccf8fc13d27b7bf582e
b8cdf99c02757f915e96cb785f69a3648d73b1cc94172adbef77b53426a77e76
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
GET /vystarcudisputetransfernow/App/login/resource/return/Themeroller.min.css HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/vystarcudisputetransfernow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:01 GMT
Server: Apache
Last-Modified: Tue, 05 Apr 2022 18:28:42 GMT
Accept-Ranges: bytes
Content-Length: 48788
Connection: close
Content-Type: text/css
rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/jQueryMobile.min.css
69.12.70.94 200 OK 71 kB URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/jQueryMobile.min.css
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (65536), with no line terminators
Hash c3ece19465379f824c7a7087a7746872
b5b1fa47200c640e0b6ad22d47fe78ec5b3eefd1
5a4292ebe3e46290be3781bfb4df6f24d779a10b8bf6f9f60325cad67d5d6418
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
GET /vystarcudisputetransfernow/App/login/resource/return/jQueryMobile.min.css HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/vystarcudisputetransfernow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:01 GMT
Server: Apache
Last-Modified: Tue, 05 Apr 2022 18:28:42 GMT
Accept-Ranges: bytes
Content-Length: 70617
Connection: close
Content-Type: text/css
rebeccasokol.com/vystarcudisputetransfernow/Theme/web/resources/files/style.css
69.12.70.94 200 OK 414 B URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/Theme/web/resources/files/style.css
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with CRLF line terminators
Hash f9653fbeecf34b04791fee59eb3e253b
fcbbad7c6616682a22a9d0de09d715c61cb17722
7924e7e8b95825e4cefbfc31444ea9247e1b0d04cb066b56f06addf9cc7c5eaf
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
GET /vystarcudisputetransfernow/Theme/web/resources/files/style.css HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/vystarcudisputetransfernow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:02 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 22:01:14 GMT
Accept-Ranges: bytes
Content-Length: 414
Connection: close
Content-Type: text/css
rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/Core.min.css
69.12.70.94 200 OK 67 kB URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/Core.min.css
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with very long lines (647), with CRLF line terminators
Hash c1ef92b477dd10edc75f106e8b2f6598
be418674288d1ee97bb42b87834615e812838f59
039e134b9f856d3f76a929df28a71c68724535d39243a31568a1fa886af29d4f
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
GET /vystarcudisputetransfernow/App/login/resource/return/Core.min.css HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/vystarcudisputetransfernow/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:01 GMT
Server: Apache
Last-Modified: Tue, 05 Apr 2022 18:28:42 GMT
Accept-Ranges: bytes
Content-Length: 67255
Connection: close
Content-Type: text/css
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5715
Expires: Fri, 06 Jan 2023 20:26:18 GMT
Date: Fri, 06 Jan 2023 18:51:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5715
Expires: Fri, 06 Jan 2023 20:26:18 GMT
Date: Fri, 06 Jan 2023 18:51:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5715
Expires: Fri, 06 Jan 2023 20:26:18 GMT
Date: Fri, 06 Jan 2023 18:51:03 GMT
Connection: keep-alive
rebeccasokol.com/vystarcudisputetransfernow/Theme/web/resources/files/actions.js
69.12.70.94 200 OK 1.3 kB URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/Theme/web/resources/files/actions.js
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type ASCII text, with CRLF line terminators
Hash baef84e203e58801d16d5d460360570e
fc4e9a602bdb59fc7056cb6e53686ad6a992774e
8bcecbd1eeb6e999bc9583d1e35c12a74d044dba44ee22e185e138f05ca05414
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
fortinet Phishing
GET /vystarcudisputetransfernow/Theme/web/resources/files/actions.js HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/vystarcudisputetransfernow/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:02 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 21:48:10 GMT
Accept-Ranges: bytes
Content-Length: 1291
Connection: close
Content-Type: application/javascript
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5715
Expires: Fri, 06 Jan 2023 20:26:18 GMT
Date: Fri, 06 Jan 2023 18:51:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e96507584bce9f14a50123fb78a8102
c45249ddffb15b9e957af8f5203d7d06ddf32cf8
118f62631c92e42b135046647e828eb80a54405603f5b461320b483bce0c55ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11746
x-amzn-requestid: dfac0548-1ee6-4eb6-8fb6-4be00f9cf601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eRlO6Hc_IAMFT0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b6e8c5-4459ff7b3622ddff7dc3e3ff;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 15:12:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: P31AbiVmWqCAQfjCxt7iXE3RtDtZHNiXtBXcjBWKR_u-U_sHT1ZvTg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 15:17:05 GMT
age: 12838
etag: "c45249ddffb15b9e957af8f5203d7d06ddf32cf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 905c01ccaa57e0ea71e9a2f58bbb2ca4
6cf4b068623644dd0ca790dbc75e3533e7759f8b
4b579d86c6b957bf5c777b44b474c1c8fac699ffe695757d43f9752b079ef42a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4473
x-amzn-requestid: 4732a7f2-382c-41a0-a96a-dbd073af76dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eScwQG6hoAMFQaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7419b-4b3c3ebf3c06242b360e6421;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:31:07 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XRsEwpela3bYpgBLNQxwiFzDcHzfFiXWmAEAl1jvIb1ustFu2lJdaA==
via: 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 22:00:17 GMT
age: 75046
etag: "6cf4b068623644dd0ca790dbc75e3533e7759f8b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F426acd7d-b225-4d35-a3be-10ba23ba69c9.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F426acd7d-b225-4d35-a3be-10ba23ba69c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49cab8228badce0317f63284420a2a06
94abc863dc8ac54c9ab9e57a791b404a8a09729e
399c22a3adea805a2fa373f6a85d842f47798088593803b6b38034f942e092af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F426acd7d-b225-4d35-a3be-10ba23ba69c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8693
x-amzn-requestid: ae2b861d-87b8-4913-853a-64c76f410bf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eNLADE-ZoAMFttw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b52533-6e5412c92f70fbd12a893047;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 07:05:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 78YflWiepSLgVw3s7rsefJd1FkwKcScpFt2tIHNaBjbpF3ZQmxT9Zw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 07:48:09 GMT
age: 39774
etag: "94abc863dc8ac54c9ab9e57a791b404a8a09729e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: skIlgzeKmjJ2Wsx2QeubgMvO7chgpPNZYqW4E_xhRgkCtDEhAfBp4w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 07:33:22 GMT
age: 40661
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d256d063b2698bb9d915589a2c79fbce
d7c083857e9512ad3ecb3bbaf285409926473ceb
d4e5f901f62fa98b525fc1ecbe187032fd2d0e112c6f1b9534b742b2d6c05b08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5809
x-amzn-requestid: 16b4843e-ac69-402f-87e7-66c24984cecb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSeJoHgwIAMFhdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b743d7-507b52112e0f1176182e5d99;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:40:39 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JGGMyfzW2uwEbY-V22ZCWjFegXRLY-wAlWxSjLCM6C1A5kjXa2DTGw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:41 GMT
age: 75862
etag: "d7c083857e9512ad3ecb3bbaf285409926473ceb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0cc6987-cb45-42f9-8b7e-1ec781513572.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0cc6987-cb45-42f9-8b7e-1ec781513572.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 884498828be14529bda4485a38b033c3
9443f22559b64c5861bbc50d0980dad8da158352
c48b1203e6b6e9468dc9a07934709f5ec2ba064fb2c9dd97f6cdc0e452a7dd77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0cc6987-cb45-42f9-8b7e-1ec781513572.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6268
x-amzn-requestid: 3674eb24-1902-4722-8ea0-63b5fb36b41e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSdsIEtbIAMFYsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7431a-1e840ef57d3fa7ab2362f37c;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:37:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jSI7UFknz6hbv5lG44ZUvaRg2ekHMRdi4NaLtpDGbpNrolofHvqbAQ==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:41 GMT
age: 75862
etag: "9443f22559b64c5861bbc50d0980dad8da158352"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/logo.png
69.12.70.94 200 OK 8.8 kB URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/logo.png
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 119 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f5517ad9533c792860b5b409353b568
41b7c12ab0cedefbbd2e3987c5880e86638aecb6
2fcf8c434487b487fe936839597f007f0faacc245ec28b957d2d1a81bb3d2110
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
GET /vystarcudisputetransfernow/App/login/resource/return/logo.png HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/vystarcudisputetransfernow/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:02 GMT
Server: Apache
Last-Modified: Tue, 05 Apr 2022 18:28:42 GMT
Accept-Ranges: bytes
Content-Length: 8802
Connection: close
Content-Type: image/png
rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/icons-18-white.png
69.12.70.94 200 OK 2.0 kB URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/icons-18-white.png
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 864 x 18, 8-bit colormap, non-interlaced\012- data
Hash bcc3797b5ee26595de904538fe84e289
1681b2ccde37bab8f1597549586f5811b349e168
adf87a014a01854adce433560ffeb164570052b9c0b50f38915f8338d93cd5ba
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
GET /vystarcudisputetransfernow/App/login/resource/return/icons-18-white.png HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/media.vs.touch.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:02 GMT
Server: Apache
Last-Modified: Tue, 05 Apr 2022 18:28:42 GMT
Accept-Ranges: bytes
Content-Length: 1988
Connection: close
Content-Type: image/png
rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/background.png
69.12.70.94 200 OK 8.4 kB URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/background.png
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 11a3457715c18bc1a6de9fc14a3e6616
d66dbe91d78a948808eb160bad8977d5b20d7c98
b2f19a4b552759f7ddd45909282d10114774d7de767afc01f7a85ce6a499b016
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
GET /vystarcudisputetransfernow/App/login/resource/return/background.png HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/media.vs.touch.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:02 GMT
Server: Apache
Last-Modified: Tue, 05 Apr 2022 18:28:42 GMT
Accept-Ranges: bytes
Content-Length: 8360
Connection: close
Content-Type: image/png
rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/icons-36-white.png
69.12.70.94 200 OK 3.9 kB URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/icons-36-white.png
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 1728 x 36, 8-bit colormap, non-interlaced\012- data
Hash cbda6a0e1afde69875c104f6e809f1b1
c0ca6bb921a3b169c2f1b677068e2fbb59f2ec95
ebed7c7172e03719d0e21b48f6ebc5e54344edb8c3543c25cb06b99b5475d434
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
GET /vystarcudisputetransfernow/App/login/resource/return/icons-36-white.png HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/media.vs.touch.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:02 GMT
Server: Apache
Last-Modified: Tue, 05 Apr 2022 18:28:42 GMT
Accept-Ranges: bytes
Content-Length: 3861
Connection: close
Content-Type: image/png
rebeccasokol.com/vystarcudisputetransfernow/Theme/web/resources/files/loading.gif
69.12.70.94 200 OK 39 kB URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/Theme/web/resources/files/loading.gif
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type GIF image data, version 89a, 200 x 200\012- data
Hash d10ef01e81faa2c2d812bdf670b4e072
77d09a57b2091fd7665dff763a5eab23e0ff907e
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
GET /vystarcudisputetransfernow/Theme/web/resources/files/loading.gif HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/vystarcudisputetransfernow/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:02 GMT
Server: Apache
Last-Modified: Sat, 11 Aug 2018 20:03:52 GMT
Accept-Ranges: bytes
Content-Length: 38636
Connection: close
Content-Type: image/gif
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b9d89c09806367113c282466b0c6d22a
b4e42ba67c8933652177fc04d1a1af40a5294a94
fa482ec069537a682641d94f625591f23b4fec1b2815e0a1b8b3fea64816b71e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5967
Cache-Control: max-age=115669
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 18:51:04 GMT
Etag: "63b7771e-1d7"
Expires: Sun, 08 Jan 2023 02:58:53 GMT
Last-Modified: Fri, 06 Jan 2023 01:19:26 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 773ee18f60cb96fc54f137b9317441a6
0794c6a482d3be439eb70a9881b9f881d32a68bc
e5624de16b7a7856af2a82cab81c2fd4e0f6ac45cf33173945260b8245694e6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=117948
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 18:51:04 GMT
Etag: "63b79754-1d7"
Expires: Sun, 08 Jan 2023 03:36:52 GMT
Last-Modified: Fri, 06 Jan 2023 03:36:52 GMT
Server: nginx
Content-Length: 471
rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/bookmark-icon-57.png
69.12.70.94 200 OK 5.9 kB URL HTTP/1.1 rebeccasokol.com/vystarcudisputetransfernow/App/login/resource/return/bookmark-icon-57.png
IP 69.12.70.94:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 6b3e1280844d2f1363073d802c289c9d
fe2a43f721355787ab4bf42c49c75b959a65b238
b3651af7154b4fb915bba4b8fec1d40385004234612dee497f26ed83ce9206ef
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
GET /vystarcudisputetransfernow/App/login/resource/return/bookmark-icon-57.png HTTP/1.1
Host: rebeccasokol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/vystarcudisputetransfernow/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 18:51:03 GMT
Server: Apache
Last-Modified: Tue, 05 Apr 2022 18:28:42 GMT
Accept-Ranges: bytes
Content-Length: 5891
Connection: close
Content-Type: image/png
mobile.vystarcu.org/m/Media/Default/19/VS.Touch/Content/Media/Images/bookmark-icon-114.png
107.162.141.229 302 Redirect 212 B URL HTTP/1.1 mobile.vystarcu.org/m/Media/Default/19/VS.Touch/Content/Media/Images/bookmark-icon-114.png
IP 107.162.141.229:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 13c90fa62ee289d750db9f5f41840cc4
b667db6bea80c1c9d13df22241b98e3fb70857a6
6e8a1307a2354e8ef4177f152633dfafc064b243e75a4c5b4b9af4d7b39b55f0
Analyzer Verdict Alert urlquery phishing Phishing - VyStar Credit Union
urlquery phishing Phishing - VyStar Credit Union
GET /m/Media/Default/19/VS.Touch/Content/Media/Images/bookmark-icon-114.png HTTP/1.1
Host: mobile.vystarcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rebeccasokol.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Redirect
Content-Type: text/html; charset=UTF-8
Location: https://vystarcu.org/Media/Default/19/VS.Touch/Content/Media/Images/bookmark-icon-114.png
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Fri, 06 Jan 2023 18:51:04 GMT
Content-Length: 212
Via: 1.1 lon1-bit34
Set-Cookie: TS01d4e29a=01cea3cb301f843802d8dc356d0096614b9cb5d884e0bdf623b2fb73e3af025485cdf552005a5cfb4cc76c3d71e81adbaa9a384dc0; Path=/; Secure; HTTPOnly
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c51e51d0dcd11ac590d25fa0be185669
50b9a4a6800cb218215582e707a12bccd9dbff66
fe25488e2dc380471b3db7c8b081c7890476bbb1ed3167f18d66d0f00c3f16ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99563
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 18:51:05 GMT
Etag: "63b74f84-1d7"
Expires: Sat, 07 Jan 2023 22:30:28 GMT
Last-Modified: Thu, 05 Jan 2023 22:30:28 GMT
Server: nginx
Content-Length: 471
vystarcu.org/Media/Default/19/VS.Touch/Content/Media/Images/bookmark-icon-114.png
66.22.13.65 200 OK 0 B URL HTTP/2 vystarcu.org/Media/Default/19/VS.Touch/Content/Media/Images/bookmark-icon-114.png
IP 66.22.13.65:0
ASN #25773 RADWARE-CLOUD-SERVICES
GET /Media/Default/19/VS.Touch/Content/Media/Images/bookmark-icon-114.png HTTP/1.1
Host: vystarcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rebeccasokol.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
date: Fri, 06 Jan 2023 18:51:04 GMT
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' *.vystarcu.org;
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
104.18.11.207 200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP 104.18.11.207:0
GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rebeccasokol.com
Connection: keep-alive
Referer: https://rebeccasokol.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 18:51:02 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 11/15/2022 10:39:35
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1054
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: fafb31944e41131c1e8292573a9bc432
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7856a48f4c220b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2