r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12456
Expires: Wed, 07 Dec 2022 20:24:38 GMT
Date: Wed, 07 Dec 2022 16:57:02 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2630c6482aef4e822d6634e417f65ab6
6bd1264568eb9647d1665e51521b3bfc15d4df4a
e00eaad18ffa9f5181fe540b156608df88565b09e98ca78b87eba97f3fbc6e79
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E00EAAD18FFA9F5181FE540B156608DF88565B09E98CA78B87EBA97F3FBC6E79"
Last-Modified: Wed, 07 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15183
Expires: Wed, 07 Dec 2022 21:10:05 GMT
Date: Wed, 07 Dec 2022 16:57:02 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10299
Expires: Wed, 07 Dec 2022 19:48:41 GMT
Date: Wed, 07 Dec 2022 16:57:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 16:08:04 GMT
content-type: application/json
age: 2938
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: au4bNREofnLj1s1BAV8MX4GM5ciXMjM1GCkOag1OMi0NHfnBR64wKpPL+jlmk609BnRTyazbew0=
x-amz-request-id: F7A6WR7SA60TK7JJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 16:49:26 GMT
age: 456
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
104.21.33.24200 OK 5.3 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
IP 104.21.33.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (343), with CRLF line terminators
Hash fffb8c54a508859595093a7b8086e5db
cf558abcd17798e02fd4a09469fc40fe0d6f752b
41becac4d7244ad2cab23a26e8261c1942d3efbf1d391c9b97e53e4b8393065c
GET /navyFederal/Sigin-in/NFOAA_Auth/login.php HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9q%2BpCRZjRIUh7L2VVL1W8QIMzLJvujlLq5KcvoN4tu80XCd7DTH46anYVbSB87lRZYtC6ontgk3ux%2FaDiAxcFXwW2M3GIBQ1t5r%2BhurlGcS5wgJXnpZx2p7Unhe7POUld%2FCqu2R9g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc4d086bb521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:57:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:57:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
142.250.74.74200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
IP 142.250.74.74:0
Hash 42c7ddace2350d92fda9863c9fefdc59
bf7aa572e9803670a7cdf10ef01925bce3ec5586
eb6eecb692c04888d69656425e47180305003b6dc26d31bebe93f8c20bc52f6e
GET /css?family=Source+Sans+Pro:400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verificationspro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 16:57:02 GMT
date: Wed, 07 Dec 2022 16:57:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/css/nfcu-icons-599150400912c8247ee1872211972b2a.css
104.21.33.24200 OK 1.9 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/css/nfcu-icons-599150400912c8247ee1872211972b2a.css
IP 104.21.33.24:0
File type ASCII text, with CRLF line terminators
Hash 2c0fffafefc07fec89a065c580adedd0
98bbb50ac159a042ee480874fb5757de1acb0b51
f570730bb1bae4ac95abb796b0927c2964a99c1c6f50b0d9408669ff633344ac
Analyzer Verdict Alert urlquery phishing Phishing - Navy Federal Credit Union
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/css/nfcu-icons-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:02 GMT
Content-Type: text/css
Content-Length: 1887
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:54 GMT
ETag: "27eb-5ef11298e3f80-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=by%2F4sp9Zq2VPOAzhVz3AmVUVQ7bqRoFrOkDHux4yCozUzzYsuCSNGZuYagd64sX51K4SLVXR%2F1VfcAOS%2FOYFpUDQdIIZtBWY3lkNOCnGv2%2BgxS6zBx7ew7TI0DRG1%2BEEUUZX6Y7ZZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc4fbc0db521-OSL
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/css/all-599150400912c8247ee1872211972b2a.css
104.21.33.24200 OK 11 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/css/all-599150400912c8247ee1872211972b2a.css
IP 104.21.33.24:0
File type ASCII text, with very long lines (50215), with CRLF line terminators
Hash 2649b2d2742717d8a671a086c9b1ee36
4f2cc013f6b8853c5901b3b475e5e75386de3951
09d63432c2fcc146e481958667687fe184ab850596053731cee9e845773817fb
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/css/all-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:02 GMT
Content-Type: text/css
Content-Length: 11020
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:53 GMT
ETag: "c4e4-5ef112988d0e0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UpnkXdVQfNHwEKdO12aKtZiZf2n1VrUPX42j0%2FFH19k1D3kJoLYWBUiX6JtBqFlc1Mi8301FkceQqTNTV3fxfV4xQOHKPOao8ZP89j2faxwg%2B7Y1Xp4l8ZSImAh%2BD5P2YxhUWLHLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc4fb9f8b511-OSL
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/css/nauth-599150400912c8247ee1872211972b2a.css
104.21.33.24200 OK 1.3 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/css/nauth-599150400912c8247ee1872211972b2a.css
IP 104.21.33.24:0
File type ASCII text, with CRLF line terminators
Hash 798605650e5e2901a56b6e2a03283fd3
b0af61971ce50e4f2abf3cc9aec4a5f1a5606460
a7b4cc299499a198de23b57ad5758b7dd462b911c595501c1275ac5d6429c9a8
Analyzer Verdict Alert urlquery phishing Phishing - Navy Federal Credit Union
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/css/nauth-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:03 GMT
Content-Type: text/css
Content-Length: 1334
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:53 GMT
ETag: "1208-5ef1129876980-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSwTYe0foSzD7JHDIxpTZdd3EJzJC4wGlpVGdt8JlP0VSa6xdnVh250T6BemowhnsKd8FWAmbD%2FcEL%2BD8wfNpnZMf%2BAdyzB8UUsuIvwotGDQD%2Bew3xDxbclDsO8ACE4oRHh2UlemfA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc4fbcf5b505-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9259f61309a35368d0f7ac74cc45f52a
f74c40f592ef73bae7e8061bc89a84a83a4c5d81
e08bc987aae3e4e1fc88f72faa077e7384541599895b6b4d1faeb9993e569a00
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1468
Cache-Control: max-age=118009
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:57:03 GMT
Etag: "638fea1c-1d7"
Expires: Fri, 09 Dec 2022 01:43:52 GMT
Last-Modified: Wed, 07 Dec 2022 01:19:24 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 16:07:55 GMT
age: 2948
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
my.navyfederal.org/iaf1/KTI1/fJi4/hD/QtEw/bYOkDhtJOaYG/MBUmAQ/SAw/0FQEFXFs
104.88.20.141200 OK 76 kB URL HTTP/1.1 my.navyfederal.org/iaf1/KTI1/fJi4/hD/QtEw/bYOkDhtJOaYG/MBUmAQ/SAw/0FQEFXFs
IP 104.88.20.141:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5cf20c2d914939f0d2e7e12fa91f777d
29e375db191026973ca979d46bcaff2b165cef2f
f58e093bc623c37323179d5e6a862898b300479a5a6f56b826ab7b19c123333f
GET /iaf1/KTI1/fJi4/hD/QtEw/bYOkDhtJOaYG/MBUmAQ/SAw/0FQEFXFs HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verificationspro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 31 Oct 2022 15:58:55 GMT
ETag: "93eab3a0bb65580813c7bd658963fe649b396249081ec8ae963c7388b973964b"
Content-Type: application/javascript
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 76003
Date: Wed, 07 Dec 2022 16:57:03 GMT
Connection: keep-alive
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: my_dc=w; path=/; domain=.navyfederal.org; secure
akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=50~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=8c0a04058c311b60156be0e01c37e09c; path=/; Secure; SameSite=None; Domain=.navyfederal.org
_abck=9D566E45727F818410D4643AC8168A32~-1~YAAQPDIQYPYPIXqEAQAANe+E7QnxwDVekVQp7Xj/AXJ5ML2BK/bgwGmYetx72zyloZCEVEXOqONDrENwUyehhLUmVs7sSlDM2W2G8mTgAb8lKkAMDRUb4pfVsFMfdAXEvffjb83wfFk9swmPBCpwORQoHW01NuMxoC2qdwVFNLeIuls5C4PqlYXEeHGiDNdcMoZJ8GWd60sR9yZXa/8u46MwXhJ1JLZE5xtVDAqJUrhTmaZNiPT0qqoZ6FO8x/sAUFDb3KVr72qhER/vn0z9b6SQvY+35BE+MPW0idgwQ3k1XWOOfrj/Voj9EkdZQqXefBAqJKfbiSCXhl150XK5JHMfQEn2ELahtr192bOY20sAruKi6eM7N8GwyUlDGgpBPFU=~-1~-1~-1; Domain=.navyfederal.org; Path=/; Expires=Thu, 07 Dec 2023 16:57:03 GMT; Max-Age=31536000; Secure
bm_sz=084F064D35B577FAB47DF9CC9B4CC0AE~YAAQPDIQYPcPIXqEAQAANe+E7RIqEWsCKXSPofKtm9jtPv1sG0OpIYmiWmCP6vugaJJGXOgU0nWtvXeQMAmu+tMKrTCyjyrkTMQJyGaNUlPafaRCbduUMbkZva7IVDVJlk9y+PS5vGEQgnRTYnOT3R8iHySMAaTP5nh2Kzy2jaoEG7hRq0HMhJc277qruwza4kC8du5KWLo912z7c775nYMZPeNU2F/Lz4OWy7sSeKG7PtHxkSXlWdm+lEadVzWEC57cAC1ICeOADz3sSOPQitPX2BK1j6mFzHwuP9YhNLBPU9ofd8AC6w==~3422019~3422275; Domain=.navyfederal.org; Path=/; Expires=Wed, 07 Dec 2022 20:57:03 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000
verificationspro.com/navyFederal/web.navyfederal.org/js/s_code.js
104.21.33.24200 OK 18 kB URL HTTP/1.1 verificationspro.com/navyFederal/web.navyfederal.org/js/s_code.js
IP 104.21.33.24:0
File type ASCII text, with very long lines (954)
Hash 8073fbfffcb41d0252267235a80fdb54
fbefd46f934e7f59505918492f2cd8c12592fcc4
5b331cb244c636a6f0a68341e806509dcf1910c3c182e8a36ce4964f2ad0150b
Analyzer Verdict Alert urlquery phishing Phishing - Navy Federal Credit Union
GET /navyFederal/web.navyfederal.org/js/s_code.js HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:03 GMT
Content-Type: text/javascript
Content-Length: 17955
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:52 GMT
ETag: "b8fe-5ef11296cbd60-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFiVAsPjyy%2BYtNdVr0fVGZ20sG8h1v052ouGbo3xCt4CqpV9xyHFdmJlUKEbmC7IYQ2GxH34vUhqVpZPIPlieH%2FSzQ%2BCdqvMO7NHLIU4QxsljNlxFCpVIgWgo4lqO895waaA8OGfMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc4fccb6b51b-OSL
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/css/responsivemain-599150400912c8247ee1872211972b2a.css
104.21.33.24200 OK 22 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/css/responsivemain-599150400912c8247ee1872211972b2a.css
IP 104.21.33.24:0
File type assembler source, ASCII text, with very long lines (388), with CRLF line terminators
Hash 15e0c2e4e3cab7ee527e62c4feb5928d
2f2324bcb30520d4f1fa76dbf6427505739b5beb
1b5a0009ded91f50a1d4a718b9279f63c7d4454894c271863da869e80bfc4a73
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/css/responsivemain-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:03 GMT
Content-Type: text/css
Content-Length: 21856
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:54 GMT
ETag: "21ce9-5ef11298cf760-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohUOpjeXRBx%2Fs0IZeoueKFzgVyVcksunczQEjntxQTFaua1QptMKXS8BXMvuAucQ3dAuxhnjbfawrwcsWbKHVA6bfHrNwmzU%2BeBxX5coSK6HHuRn7owG9gXjFmGjE0SWWhHc90OyRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc4fbb35b523-OSL
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/common-ec401aee041a200e3dd94ec7982f0f2f.js
104.21.33.24200 OK 2.5 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/common-ec401aee041a200e3dd94ec7982f0f2f.js
IP 104.21.33.24:0
File type ASCII text, with CRLF line terminators
Hash f8614888610451b1c4e0016a05a902ac
65d030323066210a93b2a153d83cdc03f2c8cfc6
d553e5b5f1e9a999e7bc8625785507c7c311d753aede3acb53fcbe2425af0cfd
Analyzer Verdict Alert urlquery phishing Phishing - Navy Federal Credit Union
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/js/common-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:03 GMT
Content-Type: text/javascript
Content-Length: 2498
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:58 GMT
ETag: "1d3c-5ef1129cbf460-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAYelAWq7t1G3ezbW1O1g5r8RA%2BwLjF2hO0yQWyTqLmsdO%2FLTw7mOADQyhptyRNZbiJFwVKPequ9Q3e3a5AhXeby53HAVcLI7bFP%2BJb2Vnzku8c5%2BNM2PYa8CPKwfX6xIXd%2FXQlFVw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc51bedcb521-OSL
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js
104.21.33.24200 OK 1.5 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js
IP 104.21.33.24:0
File type ASCII text, with CRLF line terminators
Hash 1a86176f2c88833e9dabbbbe766f8409
0259c57051d9c6089f63ed9af045e2c118dade2d
477353a4077e7f95aba065cb6d0bf868ed2f3af4a56c407bb6eeb4eb079c53cf
Analyzer Verdict Alert urlquery phishing Phishing - Navy Federal Credit Union
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/js/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:03 GMT
Content-Type: text/javascript
Content-Length: 1546
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:58 GMT
ETag: "132c-5ef1129d52bc0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZgOnCaFsT7L4Y3TkJM%2FxcEpdLq6Nr04mh4QlZmh2ImfYbzaDUURfEbxakCXTQVuJSoXNsqWOUQmGfMHV9c2e0XBHika7n52XVcYLkdFgJS1ppfQi4%2FjfA7AlWOXhGPEqBralgf4SA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc51cd2db511-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3293
Cache-Control: max-age=147880
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:57:03 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:01:43 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/bootstrap-select.min-ec401aee041a200e3dd94ec7982f0f2f.js
104.21.33.24200 OK 9.1 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/bootstrap-select.min-ec401aee041a200e3dd94ec7982f0f2f.js
IP 104.21.33.24:0
File type ASCII text, with very long lines (31148), with CRLF, LF line terminators
Hash 2f7b98b35a3a3b663dd3b681f3d12451
58f42c079bf812d4f6b5bdc9321f6ff6c0b17d86
9d20fa930de1fcc6c0399bb453689b60787f68bba6f25d54009e76f0d1e272d9
Analyzer Verdict Alert urlquery phishing Phishing - Navy Federal Credit Union
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/js/bootstrap-select.min-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:03 GMT
Content-Type: text/javascript
Content-Length: 9053
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:58 GMT
ETag: "7aba-5ef1129c88960-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zh1iA%2Ba9mDmjhj42qpzhfc3xBBmAZGUh2Hh26IXgI%2Fd4aSzIL%2BZ0%2FLUJOu9qCMOtfvfgTkqErsLFzRifjPutfQOjTFV8Sn%2FuiFzFhK5dOTYx3zj3Temd4vt3o7AZZZcSaO3f3gkvcg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc51dfacb505-OSL
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/jquery-ec401aee041a200e3dd94ec7982f0f2f.js
104.21.33.24200 OK 86 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/jquery-ec401aee041a200e3dd94ec7982f0f2f.js
IP 104.21.33.24:0
File type ASCII text, with CRLF line terminators
Hash b6e96b0c8fddcca561cfe296966e4d8d
0909c432a0b93359478ccaca3c21575312f461d1
03989464f6a004c77e4e9465c0eb731dd15b3056fa38dd8f3fe9418985fd0b3b
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/js/jquery-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:03 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:59 GMT
ETag: "48e06-5ef1129d8b600-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cn1pKOfNlIhag4iwOQIh%2BukP6PYdeKBUUdkLZQzKWLKGFIY0EaKldUKF9kvc%2FQMXc12v1mjVidQOAcz0Se3tcrBqNd0IqT8gGD9%2FGNBNmh1cCg5m0VMHVKMFqySX1WqOucUn5wN7iA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc4fc8480b69-OSL
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/keypad-ec401aee041a200e3dd94ec7982f0f2f.js
104.21.33.24200 OK 782 B URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/keypad-ec401aee041a200e3dd94ec7982f0f2f.js
IP 104.21.33.24:0
File type HTML document, ASCII text, with very long lines (1213), with CRLF line terminators
Hash 9506101200c6e3ef3d3de3bf5ff1e7f3
1179096634ace29c378be78d819f23a893742529
aa93b1d73f0b88f880df468e1bdd51ee45a32e6839608bc0632e1281d87e9d34
Analyzer Verdict Alert urlquery phishing Phishing - Navy Federal Credit Union
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/js/keypad-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:03 GMT
Content-Type: text/javascript
Content-Length: 782
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:58 GMT
ETag: "cf2-5ef1129c7fcc0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKQ%2FTBMn7gKeql2DDXJ1hbErQd0ichg%2B3u%2Bj%2FJuAdbMkfsBhB%2FG8bLMUqnvurJwtrxemcx5tdZPFVV73%2FPRlm3O2fMsjxVumnzurAmsH%2F3Ds0N6B8v86FS94TQfvDc6HW0zpmQnIcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc52a8d1b51b-OSL
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/modal-ec401aee041a200e3dd94ec7982f0f2f.js
104.21.33.24200 OK 2.7 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/modal-ec401aee041a200e3dd94ec7982f0f2f.js
IP 104.21.33.24:0
File type ASCII text, with CRLF line terminators
Hash cb3b97cd9cb889c9b4a072b54f1c3830
7d4b209569d923b9bcd422941e848207f401a3e0
986e3218896a5d1fec0ef3737646caa22fd7b09ded0cf4d3359846cb002c4170
Analyzer Verdict Alert urlquery phishing Phishing - Navy Federal Credit Union
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/js/modal-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:03 GMT
Content-Type: text/javascript
Content-Length: 2701
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:58 GMT
ETag: "2823-5ef1129d0a780-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWUxuVPS56YTEc5pkR0YC%2BzTReB6%2BLCVO2QhDhe%2BzqNKYrlt7ffkBS%2BISKRobNexAOYvs3UIA%2BCMmZbqVtjgDAjPcNYetmKdltF%2BPajvCo6NaBRCeM7MUq0Ey4hu0deTl70mGNgkIA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc52bf7eb523-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
54.187.71.185101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.71.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ux9+JMDR1Od400pS3BPvNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x5Aij/uO8l/za4WkEMvqfePsv0o=
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/login-ec401aee041a200e3dd94ec7982f0f2f.js
104.21.33.24200 OK 1.1 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/login-ec401aee041a200e3dd94ec7982f0f2f.js
IP 104.21.33.24:0
File type ASCII text, with CRLF line terminators
Hash 40ebffa2ac7c3d11a5e12c0e2cc9893a
e8dd3b159cd41371e260d06f96d89190c7179dfd
d279facebbbfb2141abb7f63ddcc5bda7f860b68c03ac6e1b2fad7905e88813c
Analyzer Verdict Alert urlquery phishing Phishing - Navy Federal Credit Union
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/js/login-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:03 GMT
Content-Type: text/javascript
Content-Length: 1073
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:58 GMT
ETag: "d4a-5ef1129cffba0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qe1yC4twxvTc%2BcONdR6nFgitdm4UHSLGEBiJZMCf7gTNAL4QdY2bYA64CFJytMxPtKxS8AsZ7Fk2BnNdBgIQFbCVfX2gxkq68emGby3lYH92xHz%2BEdxacAJWl5RVYSEE0CyHVCyVPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc52dea6b511-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11003
Expires: Wed, 07 Dec 2022 20:00:27 GMT
Date: Wed, 07 Dec 2022 16:57:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11003
Expires: Wed, 07 Dec 2022 20:00:27 GMT
Date: Wed, 07 Dec 2022 16:57:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11003
Expires: Wed, 07 Dec 2022 20:00:27 GMT
Date: Wed, 07 Dec 2022 16:57:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11003
Expires: Wed, 07 Dec 2022 20:00:27 GMT
Date: Wed, 07 Dec 2022 16:57:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98d2cf29c710d25bd2f03ff216fdd369
b8eb2e11f9655f19334befc036f21489a6473827
614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8351
x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlitFk9oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0w5Usq-LJMNHxw9UrwUqSslSVROXVHTmY_UhSHNaGh4k4xqh-FSa0A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "b8eb2e11f9655f19334befc036f21489a6473827"
content-type: image/jpeg
age: 68385
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 68111
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 72450
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 30253
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:53:40 GMT
age: 68604
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7ee62c5e846e8ad4808f4724f15146d
6d55b299f906908309f91eaf0a720ad65866db04
0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6846
x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGx4E-mIAMFatg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fo3lMa6shsclTxMwkqU7b-FdfADL1J2vHt8BNpEImo0gsmmI01BNTQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:31:28 GMT
age: 37536
etag: "6d55b299f906908309f91eaf0a720ad65866db04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js
104.21.33.24200 OK 861 B URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/js/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js
IP 104.21.33.24:0
File type ASCII text, with CRLF line terminators
Hash e1827f0e630abb3df3b1b09f60151710
b5cfe7dbd791ab73ca2bbefefb1aace022ab1fcc
f1a107da176734cee7cf9ba4c7889e0f19047dfb3545877896f1c97efc7892a3
Analyzer Verdict Alert urlquery phishing Phishing - Navy Federal Credit Union
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/js/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:04 GMT
Content-Type: text/javascript
Content-Length: 861
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:58 GMT
ETag: "95a-5ef1129cc90a0-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6246r7DHCeEnKw2iLiPTJtJtrubPXn7Yd7waUi7GX2So0o4mcgxbxx%2FkjRXGzPUnJoQbhJunpqKCEIBgVEmJW%2BUYQXLdIFFFVhkIPaJDlWO%2B1lkw9Xd23e9NO9oNFSu4vlh98D4c6g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc52d86ab521-OSL
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/www.google.com/recaptcha/api.js
104.21.33.24404 Not Found 235 B URL HTTP/1.1 verificationspro.com/navyFederal/www.google.com/recaptcha/api.js
IP 104.21.33.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 886513b5800cae9ac73ef4b3b6b1abca
5b357e0c06df4383a04ef7fadb6e6215ca838eee
4e3ecdab843b661d38e4f9e61aa092db5cc1d1558a16c4cf0ada9a32c6f1933d
GET /navyFederal/www.google.com/recaptcha/api.js HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 404 Not Found
Date: Wed, 07 Dec 2022 16:57:04 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLoA8ebocJMOpOTSzWvr9iBVX1TR2sEeRGmAhxL5Tzz9O0Zb4oALiL1lGqT2GaL39yaADVbcs%2FufnjJvilCwpmwsUVOrSjEo%2FxFZIsv3HT%2BpgNh0CTQsoiVSxHTB89%2FqBDBB0mmOjg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc53dadeb505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/web.navyfederal.org/js/le2-mtagconfig.js
104.21.33.24200 OK 5.4 kB URL HTTP/1.1 verificationspro.com/navyFederal/web.navyfederal.org/js/le2-mtagconfig.js
IP 104.21.33.24:0
File type ASCII text, with very long lines (2088)
Hash 77030f36963693ebd41462b0da21d91b
0204d544980e39a111c67ce064968a72d387fe34
d2e3a8f994f5cbe4976d6c9630b5c109a3b5ef36eb990392fbbe135648a3274f
GET /navyFederal/web.navyfederal.org/js/le2-mtagconfig.js HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:05 GMT
Content-Type: text/javascript
Content-Length: 5367
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:52 GMT
ETag: "4f6f-5ef11296ccd00-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viB6NaHg7TfF%2Fss2u5Gu%2Fgp1a4eVNvTBPoTdw%2B6y5B0m1QpdEWtQ0X%2Flp3UM9rumKvhfLxXRWc51elwtwFGNMJdrv0RpgnAN55YHg%2FgszIUoU4nbkbxmRrSNNuBA8PSnuR1%2BgyWKfA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775ecc53ee010b69-OSL
alt-svc: h2=":443"; ma=60
my.navyfederal.org/iaf1/KTI1/fJi4/hD/QtEw/bYOkDhtJOaYG/MBUmAQ/SAw/0FQEFXFs
104.88.20.141201 Created 18 B URL HTTP/1.1 my.navyfederal.org/iaf1/KTI1/fJi4/hD/QtEw/bYOkDhtJOaYG/MBUmAQ/SAw/0FQEFXFs
IP 104.88.20.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
POST /iaf1/KTI1/fJi4/hD/QtEw/bYOkDhtJOaYG/MBUmAQ/SAw/0FQEFXFs HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2043
Origin: http://verificationspro.com
Connection: keep-alive
Referer: http://verificationspro.com/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=50~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=8c0a04058c311b60156be0e01c37e09c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 201 Created
Content-Length: 18
Date: Wed, 07 Dec 2022 16:57:05 GMT
Connection: keep-alive
Content-Type: application/json
Strict-Transport-Security: max-age=31536000
Set-Cookie: my_dc=w; path=/; domain=.navyfederal.org; secure
_abck=5496778BF5E78AD8296DF95D483AA8E1~-1~YAAQPDIQYPoPIXqEAQAAwfqE7Qm8U03y/KlRSAkIXrQmAbUc+KhOt7xLVCLb7e024tg2VM9H2ciOwdXMTt9azGW36DRt/pjZPNg77fiDh0PNmwOjR8uH0qSMA+V7LrXodlhzmE7MxYpfo8POqv+Wj0/77syzjS3YxByvQY+4+PTkuydPzV9RIyczNc6Wf0hb3W+73z0ZFQnS46gUE8pnv1WQjG29JH2MX3KTZJRf+ZtvgGJeR1FjPLPT4lOoBNXRSSJXyWETxRGzGZlcUDH6oOyYyvcml2g5ikAgkTpQj6TzeVmcUMag+TyWtbqOEznxAiv8783xpsZtVILr68Co/DIaWF5jEk/6tboOdRXz6c9WMDzn96hp4oH/E02ly1S97qs=~-1~-1~-1; Domain=.navyfederal.org; Path=/; Expires=Thu, 07 Dec 2023 16:57:05 GMT; Max-Age=31536000; Secure
bm_sz=5C18B0D5D5BB273A8C658D2BDC9E30FA~YAAQPDIQYPsPIXqEAQAAwfqE7RJaWdcNv/IK4XcuKRG31kCu8yn5vtnmwD3GgRgsQEci/nesFLz+OPudjAiDUCEPHHby8icteShG6yzk2u56+GTk9UzPS3EVExNcmv2aRT1eDKigURBdtp18AEImWaKV/z1cujUwkoGAENsXCrSj+MfRIa9mb96nXC9h15/AVLxBvqqqtmyK0v/BTYUOxDCbSHPmoC7+rHd5y83W30JOC+GjV1mOUufYQR0A5sGJRHze3bmJLPXi78kj9JAdHPNvPUTJ/FMFYxZnS/dHLKRQKiqFSgtkzw==~3487301~3621683; Domain=.navyfederal.org; Path=/; Expires=Wed, 07 Dec 2022 20:57:05 GMT; Max-Age=14400
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/contact-us-1d62888b4b662af9142e3c385f423f32.svg
104.21.33.24200 OK 554 B URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/contact-us-1d62888b4b662af9142e3c385f423f32.svg
IP 104.21.33.24:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (451), with CRLF line terminators
Hash 8d6ad14c6c918a04dadcbc89d1c80153
40ccc1728147b2cc383b73127683d56afbb69380
ca6e178e27d3f750c6a74eb7ad4cb14ac7d39a2b799f31a5f41982943ddf55a7
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/images/contact-us-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:06 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:55 GMT
ETag: W/"478-5ef1129a1f660"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zu5kgO06Za%2BVnl%2B1%2BDHbTzv%2Fl3%2FzZF84sZ6ItyZYiesEZX3PMMdu1xWImNDRvBwPfCmehvHXH5bOdIW2lqu5Y%2B6cSHOc63sObrAdVQWTXpkGItHeg8Q5s23o%2FP6JTPPq%2FmjaWTSHRA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc63cee30b69-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/Group5159-1d62888b4b662af9142e3c385f423f32.svg
104.21.33.24200 OK 1.3 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/Group5159-1d62888b4b662af9142e3c385f423f32.svg
IP 104.21.33.24:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash bb1c6475f5cd121d98758ec7964a126c
03923c8057272e44b4f4fcdeff23f1e1c4a2ff5a
0ffed74f32a00fde96d3f6c464bb69fbda2976fb8038d4814b127d80b17f67b7
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/images/Group5159-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:06 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:55 GMT
ETag: W/"139a-5ef1129a34e20"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1pgabpqOLMlZajQuLjB40VmMZBHHAPLgIgAn%2BZIYRkFKc1tnFuF9YIIt62ssDT1tVsGSm2uhqI%2BczxhxfeBvXfFoqvyD0G5bEQGCl%2FneCjZPR06eN%2BhdlsZyAv06bp65Z8Dyq0GYg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc63cd6db511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/Group5166-1d62888b4b662af9142e3c385f423f32.svg
104.21.33.24200 OK 773 B URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/Group5166-1d62888b4b662af9142e3c385f423f32.svg
IP 104.21.33.24:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (314), with CRLF line terminators
Hash e2319002cc3364d4cfde13c46a4f092e
b2e2f7c25a96819fc5a965641fddb92364ecdb45
e62f28ae2b753880312de3f5245717ad04848690a059cdf60dcba6ea0079af3c
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/images/Group5166-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:06 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:56 GMT
ETag: W/"7e0-5ef1129aec7a0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utNYB0coFlsNyC9z3h5dGxQQstyFJ6spC653v%2FP%2FChmRIYPht%2FTdPLgCsjs0%2FV8CRzf2L9h25n7gj32lsGRyozvXE4hvsfSkwX4GyvxvqcwpdqD%2F4ytgVtAOVLk5JT4TJhDplY5awA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc63cf5db505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://verificationspro.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:49 GMT
expires: Thu, 30 Nov 2023 19:28:49 GMT
cache-control: public, max-age=31536000
age: 595697
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://verificationspro.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:38:22 GMT
expires: Thu, 30 Nov 2023 19:38:22 GMT
cache-control: public, max-age=31536000
age: 595124
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/Group5158-1d62888b4b662af9142e3c385f423f32.svg
104.21.33.24200 OK 1.3 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/Group5158-1d62888b4b662af9142e3c385f423f32.svg
IP 104.21.33.24:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 964e9f0096224e704727f86969fe816e
73d0401aea24e31ddf571a81a62024e1bf62df16
c44a6379c1f1daa95325a2be6951639d759d2f5d8c1ff83c9d76d86dc08a0529
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/images/Group5158-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:06 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:55 GMT
ETag: W/"fd0-5ef1129a78440"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIgn33nvxRqYPuJ9Uj7RhCs3Cvu3mhGkOzRrS7pFZI4wvzVA8SSMM10BDkvwTKCi5SGwdV84P0SqHYYpGdCTe%2BHrLmPfK5sJFYvS3PPHhkwSVQxJ84T9YdDac9B3oyCUpUhgbPOQrg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc63c858b521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/NFCU_Mob_Logo-1d62888b4b662af9142e3c385f423f32.svg
104.21.33.24200 OK 1.7 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/NFCU_Mob_Logo-1d62888b4b662af9142e3c385f423f32.svg
IP 104.21.33.24:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3660), with no line terminators
Hash 4fc1cb7c47405de913cb16dc58673b66
553c50e4f63014b2c6e4c9d6ddb9219faefdf4ad
71614f77940694f0d2dca1306482e406eec90460161bcdf5d5808f22c7caf283
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/images/NFCU_Mob_Logo-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:06 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:56 GMT
ETag: W/"e4c-5ef1129aa9180"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2Fm1y3aId9%2BQpu6CKHv55XjfM2%2FLkqNFubycISoRGneASp2XNGWPESgszhRZPQLIn07tyxs1gqom1%2FtBzh7yzizjgdQK%2B3%2FC4GoP7i2NpxbLjk%2BVKcuLDQDsy7%2FWMWwff08a9Zg3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc63ce67b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/fonts/sourcesanspro-semibold-webfont.woff2
104.21.33.24200 OK 24 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/fonts/sourcesanspro-semibold-webfont.woff2
IP 104.21.33.24:0
File type Web Open Font Format (Version 2), TrueType, length 23796, version 1.3276\012- data
Hash 3d23d2cf9810f1e5beafa0f88200c298
d93857bca012baad50b0b3f20d6a93fd9d8893a6
4e746503720ab68475f6e6f07f0d68c4d47fb3cee9a1e1b22a90b091a3f1f1df
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/fonts/sourcesanspro-semibold-webfont.woff2 HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/css/responsivemain-599150400912c8247ee1872211972b2a.css
Cookie: s_fid=4585DFD7AFD62532-2FA23433482EBD43
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:06 GMT
Content-Type: font/woff2
Content-Length: 23796
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:18:07 GMT
ETag: "5cf4-5ef112a540080"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uO%2BHEtOYBi74VpQKwWDUTwNmRBJb01oQJAhtWd%2BXRRqr76onLCvW3%2FlSzvxvVtxhovyp2M78iZW3InHOeIj%2FvttYKVRXwWtKx33AdtMfwInZBQ3MX%2B1MwgxK7TB23yUyahBq%2BXAiw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc65bab5b521-OSL
alt-svc: h2=":443"; ma=60
my.navyfederal.org/iaf1/KTI1/fJi4/hD/QtEw/bYOkDhtJOaYG/MBUmAQ/SAw/0FQEFXFs
104.88.20.141201 Created 18 B URL HTTP/1.1 my.navyfederal.org/iaf1/KTI1/fJi4/hD/QtEw/bYOkDhtJOaYG/MBUmAQ/SAw/0FQEFXFs
IP 104.88.20.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
POST /iaf1/KTI1/fJi4/hD/QtEw/bYOkDhtJOaYG/MBUmAQ/SAw/0FQEFXFs HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2365
Origin: http://verificationspro.com
Connection: keep-alive
Referer: http://verificationspro.com/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=50~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=8c0a04058c311b60156be0e01c37e09c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 201 Created
Content-Length: 18
Date: Wed, 07 Dec 2022 16:57:06 GMT
Connection: keep-alive
Content-Type: application/json
Strict-Transport-Security: max-age=31536000
Set-Cookie: my_dc=w; path=/; domain=.navyfederal.org; secure
_abck=A9A3AAFFBDF2A4D55FF3DE3637C50E04~-1~YAAQPDIQYPwPIXqEAQAAB/2E7QlFTG2nfpzKln3ZISuRaAckcECFGslGLXbjzdYBvkUg89j0MD/vKusZlcYA1bAx1pozaiAdv6jrVdHh3CQ5+FvCiPzDfy/zb/oHA6zdEyZ45U2XxqumQJrsNIsoJzXIddbj3l4+BKQWEMbjpQ9PHGgSLmE42xeLT1tVI64f0okG5LQCvjRUS6feHpWevtRd0TgcNejGqERH6JUeAfmDYyzaewMCGR3Y6HKYYoiiI1BTXbL6358TmwGZNuBb6tNFFy8/T0UAS1gDMSgFFKs2d8uqqablhOOfu8Rha63f679s5BFgcq4xWXs2LqGNnAEsAmv3F96tTIkIuyessSNAZBO/iH3rBJ3yaE6uGU28mbE=~-1~-1~-1; Domain=.navyfederal.org; Path=/; Expires=Thu, 07 Dec 2023 16:57:06 GMT; Max-Age=31536000; Secure
bm_sz=EFAD244D2A32446F2A0C03DA9D2DF723~YAAQPDIQYP0PIXqEAQAAB/2E7RISwu6EL7MUTreRxL8HowA6ITGWCt2Nyn07XeFBNuDrbRGkFVHS/HbNdg6DyImzkxYMxLrKNdzXby/rCEFYU1WBi5g9EOGGtROJWtkxwhZGT1EO4l1vhcgaL23p0kJNTP26Ay8pUM9XBh9MSdnklkKx9I76Fq8DfZO3hOLUZLFuQukTgSsBtYx22W9sTmNr3aXA/wS6c2mgRuEs7zIepU+UCeVoMztZP71m1kY5Ajgxzmgwdkms4LfXOqbAj3c44gH1mWTvHrO/gvTkW4WvnLxdTe8rTg==~3487795~3684405; Domain=.navyfederal.org; Path=/; Expires=Wed, 07 Dec 2022 20:57:06 GMT; Max-Age=14400
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/img-BecomeAMember-1d62888b4b662af9142e3c385f423f32.jpg
104.21.33.24200 OK 186 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/img-BecomeAMember-1d62888b4b662af9142e3c385f423f32.jpg
IP 104.21.33.24:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x500, components 3\012- data
Size 186 kB (185745 bytes)
Hash 71bb90e5a3fb345196f166e4389c4ac1
5687c3c6f0146d9094d49cc6fe4cd5390a170672
ee4321efb356cf875dacf07419eb2649351e5907c159754a94b7b3be02479fe9
Analyzer Verdict Alert urlquery phishing Phishing - Navy Federal Credit Union
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/images/img-BecomeAMember-1d62888b4b662af9142e3c385f423f32.jpg HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:06 GMT
Content-Type: image/jpeg
Content-Length: 185745
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:56 GMT
ETag: "2d591-5ef1129b11960"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqxVCjH5oNnNDc4%2BuMj8F%2FnbT%2BkQ9sP0avJTY067bbbecb7jvBayQsiarH5WwEhRuysCDz%2BJoSxKF437tDoppffwDocyemhbWO59xHmado8vLHXZXNR0fyBtbCIDpJv5aAwBjjKWTg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc63ceb5b523-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1057cc01dc900b49786de9fea6e050c3
77c284ec47250ad651d7d60f12dabcf4ffb945bf
973ae0d9c2869abedfdf4e582c5047ec33aa94c1b7b8a12227917554214ef210
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=125142
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:57:06 GMT
Etag: "63900bb8-1d7"
Expires: Fri, 09 Dec 2022 03:42:48 GMT
Last-Modified: Wed, 07 Dec 2022 03:42:48 GMT
Server: nginx
Content-Length: 471
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/css/bg_globe.png
104.21.33.24200 OK 4.8 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/css/bg_globe.png
IP 104.21.33.24:0
File type PNG image data, 859 x 114, 8-bit/color RGBA, non-interlaced\012- data
Hash 47d60af049fed9797bb869d570f18ae4
5c41d26eddef7a2a07efe3d67b28341c8209ace0
eac7a5450fce00715e381e02b2359fa4bd7ddd5a30f52e15ca9c342ce24d3b37
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/images/css/bg_globe.png HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/css/responsivemain-599150400912c8247ee1872211972b2a.css
Cookie: s_fid=4585DFD7AFD62532-2FA23433482EBD43
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:06 GMT
Content-Type: image/png
Content-Length: 4797
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:18:08 GMT
ETag: "12bd-5ef112a668e80"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AC5mZJvbGtMO%2Fp%2BAsbTD1q28kF8CBsEVt75Y5T8BrrTWHjMgIK2q6LWOgY%2FMbHHoLREhVyjobsBHFVccqpjyPcF%2FgAuWKKTTB5O20dQY1C2rewm3Y9BbIVlHlmGBtMi0y8VqIeo9Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc64d927b505-OSL
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/css/img-billboard-BG.svg
104.21.33.24200 OK 2.3 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/css/img-billboard-BG.svg
IP 104.21.33.24:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (790), with CRLF line terminators
Hash 9705a6240e1829eebe8709bac400f904
49e3ea2a7fc4e8b27d3c2fa93e8914cb219fdc94
1e8fec0af8d2a1d85a064168fbf35e75a6907942ee34d693c31c9caf7f0d7625
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/images/css/img-billboard-BG.svg HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/css/responsivemain-599150400912c8247ee1872211972b2a.css
Cookie: s_fid=4585DFD7AFD62532-2FA23433482EBD43
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:06 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:18:09 GMT
ETag: W/"2577-5ef112a7bacc0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9jLwqDS7iray34G%2FF0EQ6cpsxGL56uTEheyRX8QrIgL7K8qCBychPrWbeI1tN%2B%2FRri8twOLAN0dEu791i0b99XdQWegK43rHetSkJXKiblyhKgADOeuoqFestKGcBuQFDmASPIfwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc65b8beb51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/css/toolTip.svg
104.21.33.24200 OK 358 B URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/css/toolTip.svg
IP 104.21.33.24:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash eb9a4a32710a7925988717de52a93c16
500dfa258ee7e8dfc0e6f63032caafe24164b75d
894446224204d704d30505f94f245721afe508d765dd8868a9d89bd674326e34
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/images/css/toolTip.svg HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/css/responsivemain-599150400912c8247ee1872211972b2a.css
Cookie: s_fid=4585DFD7AFD62532-2FA23433482EBD43
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:06 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:18:08 GMT
ETag: W/"280-5ef112a66adc0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMuv67%2FKZvDkPpiTH2c0cjw120IZA21Vo2Mk1RNfy9iNGpgJjlHoydK9nf90PKnhX6KkyFM0DAH0%2FkHAVrSOXgM3J2ettNvOzWrgpxmaHNoEa9s%2B9eZFVJPN1K1QY%2Blx%2B5L4xjzqZg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc67ad0fb521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/css/icons.png
104.21.33.24200 OK 6.4 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/css/icons.png
IP 104.21.33.24:0
File type PNG image data, 98 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 5e981397327636f1b9bd7cccb0fa0154
6d6f31e3c431ab8745ed9e0d295cb3dba1ed3cb1
83de0b26f5230608c42df74eab660c8e7a51ffe1710ce6c2514bd9c7756b5488
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/images/css/icons.png HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/css/responsivemain-599150400912c8247ee1872211972b2a.css
Cookie: s_fid=4585DFD7AFD62532-2FA23433482EBD43
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:06 GMT
Content-Type: image/png
Content-Length: 6394
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:18:09 GMT
ETag: "18fa-5ef112a74f600"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCzA5bUw7CODQ%2BnxhXEIzHQ3ylTAFYjUJvm%2F%2BqUiGxqc7qbqtOQwNeAIcikSvYdi3nSB0PCpcP302eCXzRuVGCrggf5SPc1hQdMs5%2Brk5Nj2oa8vALW%2FI3aHKDBT%2B54XZC4HNSx0nw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc688cecb523-OSL
alt-svc: h2=":443"; ma=60
my.navyfederal.org/iaf1/KTI1/fJi4/hD/QtEw/bYOkDhtJOaYG/MBUmAQ/SAw/0FQEFXFs
104.88.20.141201 Created 18 B URL HTTP/1.1 my.navyfederal.org/iaf1/KTI1/fJi4/hD/QtEw/bYOkDhtJOaYG/MBUmAQ/SAw/0FQEFXFs
IP 104.88.20.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
POST /iaf1/KTI1/fJi4/hD/QtEw/bYOkDhtJOaYG/MBUmAQ/SAw/0FQEFXFs HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2805
Origin: http://verificationspro.com
Connection: keep-alive
Referer: http://verificationspro.com/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=50~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=8c0a04058c311b60156be0e01c37e09c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 201 Created
Content-Length: 18
Date: Wed, 07 Dec 2022 16:57:07 GMT
Connection: keep-alive
Content-Type: application/json
Strict-Transport-Security: max-age=31536000
Set-Cookie: my_dc=w; path=/; domain=.navyfederal.org; secure
_abck=22CD319558419BF56A2AD0D1EA255200~-1~YAAQPDIQYP4PIXqEAQAAxf6E7Qn9EXeSofBeq2UjtVHglFjdiC1MFWmH9SNnFeDrH6JI/k5itxm2FoN5LGhbHhFNtvLWIXHISGc0KuBfnfQGfm2Pf1srHrAoSsUrO3h/WZIcTA+kfJonQXsZ2xSC+dyZwCEveU9e6+aPJcIEaBL1n3usXaeM5orzjZ29qjBwlWaXqg6LPG8HvY5MODHFyM728seYe2xKf2eK73qm955OexrnunoLv+WdPTcbvIiuWSszW0Ztzz3/yhTjwDaJVIOefJq2oyFLTqrGJpC4HPsRTydZonPAMRMLSRsk85Tp9NtAZXXm2f0xvNG8OYO6oHCrT6b4P18ii4BTqKqlaCaDzLFP+o6ebFnzavCpZ0ae5aM=~-1~-1~-1; Domain=.navyfederal.org; Path=/; Expires=Thu, 07 Dec 2023 16:57:07 GMT; Max-Age=31536000; Secure
bm_sz=C2A8193A31B061D6C59D702CAD5D9334~YAAQPDIQYP8PIXqEAQAAxf6E7RLsnMan+L+vpb7dGRGY/MdgO2MeMvp9VQIZoIQdALphdZzA06NFt8F6TQjt2BTQLp6XEGCytYsBojKVd5ATJFa4Gyah1fiORh8T2wdTkJlOgQjGVGyJfnigD7KXH48+SBXfCsoWxCCSfpaiUH9iBxSo0BEIj7Hq8ChNDCH2T2T4ZS5AXKYth2iCQT/ynirkbFQe1Zegtmdc1Evdw+ITgybJixU9X0LuG7t0wjioZyLobLbmFGFSZ/MTy1g+vKolrjDzfyufZaKgNg9nyKJ3toaqzVRzxw==~3487540~3486516; Domain=.navyfederal.org; Path=/; Expires=Wed, 07 Dec 2022 20:57:07 GMT; Max-Age=14400
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/img_logo-veterans-1d62888b4b662af9142e3c385f423f32.svg
104.21.33.24200 OK 6.0 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/img_logo-veterans-1d62888b4b662af9142e3c385f423f32.svg
IP 104.21.33.24:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2618), with CRLF line terminators
Hash 7ae7e0bc82d3292f45872c4842138f75
3d21d59174d668772e5a6434e0a2b2a3ee2a1871
06c1087fe6543a22593a8d1f1a17ab130c4272066c8f433514591e0af7d1bc3e
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/images/img_logo-veterans-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:07 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:56 GMT
ETag: W/"55ca-5ef1129b7c080"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0EIeAWTqM3WPqyAoigEcCCgBCw0rKO3FPg8AVgjiqG5nyf%2BpMfqX5b68Cb9Kpe%2BcR78p%2FtXNYGQmvMxNnCxq7PUtDNIR7DkJk2trTJNQ1GZvWlZQ62GKDQ3l3dG7RwjZ3A2Xtokwg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc64deddb511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
rnemsg.navyfederal.org/ci/pta/logout
147.154.117.92302 Found 25 B URL HTTP/1.1 rnemsg.navyfederal.org/ci/pta/logout
IP 147.154.117.92:0
ASN #31898 ORACLE-BMC-31898
Hash 3f8372f15e761c5f9e4ed6515f744df3
81a6e71371d2a46f6116e045fce6feb258b2d9f3
61c08f21cca5983f6f115bd91b9cc97bd29ef835d1cabed197d79fa7e1e7bd76
GET /ci/pta/logout HTTP/1.1
Host: rnemsg.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verificationspro.com/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=50~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=8c0a04058c311b60156be0e01c37e09c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 07 Dec 2022 16:57:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
F5_do_compression: yes
Content-Encoding: gzip
RNT-JN-Ext-Machine: 43.2
Strict-Transport-Security: max-age=31536000
Set-Cookie: cp_session=fU3fds2o4dJhAwX_jtQbeM00lH_fR6JRUuNBkutU_8hQEvWQ~YwldlhUCk~JbRnRHiDeVmZbWfTU2BorP62pcx0HsfmBwA~pTRGsE3czJ8ONpvFHWDLzUlzjXBT0TkAFRgR_MumPwS4YbURdUimfLhj0_MNZzIXPs9Sg4xBBSdIIQtUFKdYCdSckEoVvzzo1CW_GibmEV3syJSf4z5jt0S9cdrKWZoJ9O0WgyXyuCSOlx4H2Ygh_~iaHGBOXymVhba_G1BmyQ6tRhsb5XUVGS56hzUp~Mnk3NkYkeODpfdDCsC9XNCWzqdnoXBuPAXzGC0TpHxjw44OVYPJ29pYTUhIYEOIs7Z2tE4U7utcaXbNccCVBHD74~pVHK8Yk05gkYXAkaeTE2DeBjXbUC9cnbySuVeGl1BmzhGi1LxXZW_MaUriCiNiUCWobMyo2oYOF9jHLJkSMEnAUh_Rqzfx0omkBbUWyLQCX5~3Y2C8HApKmm7zC0gwdw5GA!!; path=/; httponly; SameSite=None; Secure
cp_session=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
RNT-JN-Ext-UUID: 37bd41b0-f39f-4239-839e-6c22ba495a53
RNT-Time: D=187662 t=1670432226828190
Location: https://www.navyfederal.org/images/spacer.gif
RNT-Machine: 0.78
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/fonts/nfcu-icons.woff
104.21.33.24200 OK 82 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/fonts/nfcu-icons.woff
IP 104.21.33.24:0
File type Web Open Font Format, TrueType, length 82048, version 1.0\012- data
Hash 26c884b9e5c56db40d45d3e5e2e32f88
c9ae88582f087df6ad2e0e01aea6a13212061dd7
1fa934880a173f877c7e90f95fca2ade66544e05daa88707d0866b6f903a9c05
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/fonts/nfcu-icons.woff HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/css/responsivemain-599150400912c8247ee1872211972b2a.css
Cookie: s_fid=4585DFD7AFD62532-2FA23433482EBD43
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:07 GMT
Content-Type: font/woff
Content-Length: 82048
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:18:05 GMT
ETag: "14080-5ef112a3aeaa0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0S0WVXoWKpn40zRAxqwnCv53d0jAmjC1cyHjjTCn6UxWG5CD4jflIXxlSF0Mk0SBkg7vf9QJV1IyzZM0oTu365hQD0YlgM6LeF8AUk4MA6EOp%2F%2BS8q%2B9Ci%2FDNkFeB3rmOb7J8c1BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc64cfca0b69-OSL
alt-svc: h2=":443"; ma=60
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash cb0a3183270f9fcac9ec9058b6200519
faa44bf1b91988f7351fb16b4c6a74193c507e8d
ca0801498f95e80dd435129ed13604f20fbb8fbc562a644f39f492633e643978
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 03:43:25 GMT
Expires: Wed, 14 Dec 2022 03:43:24 GMT
Etag: "faa44bf1b91988f7351fb16b4c6a74193c507e8d"
Cache-Control: max-age=556576,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775ecc6c5e8c0afa-OSL
lptag.liveperson.net/tag/tag.js?site=11478817
178.249.97.23200 OK 7.6 kB URL HTTP/2 lptag.liveperson.net/tag/tag.js?site=11478817
IP 178.249.97.23:0
File type ASCII text, with very long lines (21652), with no line terminators
Hash 6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd
GET /tag/tag.js?site=11478817 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verificationspro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:57:07 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.navyfederal.org/images/spacer.gif
104.110.18.91301 Moved Permanently 0 B URL HTTP/2 www.navyfederal.org/images/spacer.gif
IP 104.110.18.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/spacer.gif HTTP/1.1
Host: www.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://verificationspro.com/
Connection: keep-alive
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=50~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=8c0a04058c311b60156be0e01c37e09c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://web.navyfederal.org/images/spacer.gif
cache-control: max-age=86400
expires: Thu, 08 Dec 2022 16:57:07 GMT
date: Wed, 07 Dec 2022 16:57:07 GMT
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/apple-touch-icon-72x72-precomposed-1d62888b4b662af9142e3c385f423f32.png
104.21.33.24200 OK 16 kB URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/resources/images/apple-touch-icon-72x72-precomposed-1d62888b4b662af9142e3c385f423f32.png
IP 104.21.33.24:0
File type PNG image data, 144 x 144, 8-bit/color RGB, non-interlaced\012- data
Hash 539a70bd30ae2286febce29efdb3c583
1518a726d93e4a9249aef346b3ffe74318ac6a56
a2f786dd0f91e92cc3a389ab5350edbcc570910a8d6711af482a2f9c30147620
GET /navyFederal/Sigin-in/NFOAA_Auth/resources/images/apple-touch-icon-72x72-precomposed-1d62888b4b662af9142e3c385f423f32.png HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
Cookie: s_fid=4585DFD7AFD62532-2FA23433482EBD43
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:07 GMT
Content-Type: image/png
Content-Length: 16282
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:56 GMT
ETag: "3f9a-5ef1129b5dc20"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhsR6wdDiWjAAZA8HpwgXbhv38z3JGmp8Vsq0lEexQhVSSL4ycseSoZxdzny4LBVMXWTB7Mx%2BLfc4e0TBxlx5qRVulgQyKoM%2BkgWoLenb%2Bg7%2F%2FKhaKVvJB5MpGLzXyIK9LLvPZ47eg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc6b9969b523-OSL
alt-svc: h2=":443"; ma=60
verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/favicon.ico
104.21.33.24200 OK 343 B URL HTTP/1.1 verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/favicon.ico
IP 104.21.33.24:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1015784a81f5008677f3d59f88cbb010
bd99b55c314fa5f156d9e74a235de203b909ce84
a1cdd3ec36ccab5ab6e9ddecdf94566b77b0b1a4bc52f3014e70f7bc95953096
GET /navyFederal/Sigin-in/NFOAA_Auth/favicon.ico HTTP/1.1
Host: verificationspro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verificationspro.com/navyFederal/Sigin-in/NFOAA_Auth/login.php
Cookie: s_fid=4585DFD7AFD62532-2FA23433482EBD43
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:07 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 09:17:49 GMT
ETag: W/"47e-5ef11294d7d60"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YtytnLxEFu1Pxd%2FK%2B3VfzPFcjWiBNNOu7KH0gmWwPrUw%2FCsOF3q27kXD9XzT50gEBjVxPrSN6aZseWCTw5rQ7oOvxOSZo5Udn1rlqOcZTY%2Fb2HDjgcGFMHopLbb6dNhpk73q0gRsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775ecc6b98b7b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
web.navyfederal.org/images/spacer.gif
104.110.18.91200 OK 43 B URL HTTP/2 web.navyfederal.org/images/spacer.gif
IP 104.110.18.91:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /images/spacer.gif HTTP/1.1
Host: web.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://verificationspro.com/
Connection: keep-alive
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=50~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=8c0a04058c311b60156be0e01c37e09c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Sun, 02 Jun 2013 10:22:19 GMT
etag: "2b-4de29390cacc0"
accept-ranges: bytes
content-length: 43
cache-control: max-age=7776000
expires: Wed, 19 Oct 2022 10:22:27 GMT
content-type: image/gif
date: Wed, 07 Dec 2022 16:57:07 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c3c21a5963125d1cdd3a6e761dac675f
7cdb90f41c5c3d7bddc3cd125b6fdbc9b1b00666
e9ae696f746cbc3d467469b66da13d944adbabccd02e3df96114767381064ea5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 04:31:55 GMT
Expires: Tue, 13 Dec 2022 04:31:54 GMT
Etag: "7cdb90f41c5c3d7bddc3cd125b6fdbc9b1b00666"
Cache-Control: max-age=473086,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775ecc6fe9ac0afa-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c3c21a5963125d1cdd3a6e761dac675f
7cdb90f41c5c3d7bddc3cd125b6fdbc9b1b00666
e9ae696f746cbc3d467469b66da13d944adbabccd02e3df96114767381064ea5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 04:31:55 GMT
Expires: Tue, 13 Dec 2022 04:31:54 GMT
Etag: "7cdb90f41c5c3d7bddc3cd125b6fdbc9b1b00666"
Cache-Control: max-age=473085,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775ecc6fea28b503-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 131dd6032fc4e5b3fd02c72aeac1c607
ced911e73fbe927eb02af8f9551dae3dd98e20f6
b3ed5ee95bbe2e16658bae583eedc4ac8c4af3e49183fca2d6bb14b456816530
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=143142
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:57:08 GMT
Etag: "6390520a-1d7"
Expires: Fri, 09 Dec 2022 08:42:50 GMT
Last-Modified: Wed, 07 Dec 2022 08:42:50 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 131dd6032fc4e5b3fd02c72aeac1c607
ced911e73fbe927eb02af8f9551dae3dd98e20f6
b3ed5ee95bbe2e16658bae583eedc4ac8c4af3e49183fca2d6bb14b456816530
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=143142
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:57:08 GMT
Etag: "6390520a-1d7"
Expires: Fri, 09 Dec 2022 08:42:50 GMT
Last-Modified: Wed, 07 Dec 2022 08:42:50 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 131dd6032fc4e5b3fd02c72aeac1c607
ced911e73fbe927eb02af8f9551dae3dd98e20f6
b3ed5ee95bbe2e16658bae583eedc4ac8c4af3e49183fca2d6bb14b456816530
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=143142
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:57:08 GMT
Etag: "6390520a-1d7"
Expires: Fri, 09 Dec 2022 08:42:50 GMT
Last-Modified: Wed, 07 Dec 2022 08:42:50 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 131dd6032fc4e5b3fd02c72aeac1c607
ced911e73fbe927eb02af8f9551dae3dd98e20f6
b3ed5ee95bbe2e16658bae583eedc4ac8c4af3e49183fca2d6bb14b456816530
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=143142
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:57:08 GMT
Etag: "6390520a-1d7"
Expires: Fri, 09 Dec 2022 08:42:50 GMT
Last-Modified: Wed, 07 Dec 2022 08:42:50 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 131dd6032fc4e5b3fd02c72aeac1c607
ced911e73fbe927eb02af8f9551dae3dd98e20f6
b3ed5ee95bbe2e16658bae583eedc4ac8c4af3e49183fca2d6bb14b456816530
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=143142
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:57:08 GMT
Etag: "6390520a-1d7"
Expires: Fri, 09 Dec 2022 08:42:50 GMT
Last-Modified: Wed, 07 Dec 2022 08:42:50 GMT
Server: nginx
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 247cf6130374f045ec5c758a9d091636
0e1138619047619f80dcb6d9e3226fa0d65b52d6
6a44e17dd2daccc741f564c5cca422ec09f5e6c537084e118a14ede63aa5a1cf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:57:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 23:37:42 GMT
Expires: Mon, 12 Dec 2022 23:37:41 GMT
Etag: "0e1138619047619f80dcb6d9e3226fa0d65b52d6"
Cache-Control: max-age=455430,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775ecc8059a10afa-OSL
liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549
178.249.101.98200 OK 0 B URL HTTP/2 liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549
IP 178.249.101.98:0
GET /le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verificationspro.com/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=50~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=8c0a04058c311b60156be0e01c37e09c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:57:08 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 07 Dec 2023 16:57:08 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549
178.249.101.98200 OK 0 B URL HTTP/2 liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549
IP 178.249.101.98:0
GET /le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verificationspro.com/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=50~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=8c0a04058c311b60156be0e01c37e09c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:57:08 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 07 Dec 2023 16:57:08 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549
178.249.101.98200 OK 0 B URL HTTP/2 liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549
IP 178.249.101.98:0
GET /le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verificationspro.com/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=50~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=8c0a04058c311b60156be0e01c37e09c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:57:08 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 07 Dec 2023 16:57:08 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/11478817?&cb=lpCb16157x97181&t=sp&ts=1670432229411&pid=613019613&tid=6002079414&pt=Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%C2%AE&u=http%3A%2F%2Fverificationspro.com%2FnavyFederal%2FSigin-in%2FNFOAA_Auth%2Flogin.php&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
208.89.12.87200 OK 0 B URL HTTP/2 va.v.liveperson.net/api/js/11478817?&cb=lpCb16157x97181&t=sp&ts=1670432229411&pid=613019613&tid=6002079414&pt=Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%C2%AE&u=http%3A%2F%2Fverificationspro.com%2FnavyFederal%2FSigin-in%2FNFOAA_Auth%2Flogin.php&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
IP 208.89.12.87:0
GET /api/js/11478817?&cb=lpCb16157x97181&t=sp&ts=1670432229411&pid=613019613&tid=6002079414&pt=Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%C2%AE&u=http%3A%2F%2Fverificationspro.com%2FnavyFederal%2FSigin-in%2FNFOAA_Auth%2Flogin.php&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verificationspro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:57:10 GMT
content-type: application/javascript
set-cookie: LPVisitorID=E0NzY1YmI1NWI0OWM5NzQz; Expires=Thu, 07-Dec-2023 16:57:10 GMT; Path=/; HttpOnly
LPSessionID=RNtLe5Y8STGTcKkCHoGFwQ; Path=/api/js/11478817; HttpOnly
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 178.249.101.99:0
GET /api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verificationspro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:57:07 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:28|g:e8f0a893-937b-4240-b05e-b590e362b971; Max-Age=30; Expires=Wed, 07-Dec-2022 16:57:37 GMT; Path=/
ADRUM_BTa=R:28|g:e8f0a893-937b-4240-b05e-b590e362b971|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 07-Dec-2022 16:57:37 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 07-Dec-2022 16:57:37 GMT; Path=/; Secure
ADRUM_BT1=R:28|i:2241585; Max-Age=30; Expires=Wed, 07-Dec-2022 16:57:37 GMT; Path=/
ADRUM_BT1=R:28|i:2241585|e:6; Max-Age=30; Expires=Wed, 07-Dec-2022 16:57:37 GMT; Path=/
vary: Accept
expires: Wed, 07 Dec 2022 16:58:07 GMT
x-envoy-upstream-service-time: 4
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549
178.249.101.98200 OK 0 B URL HTTP/2 liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549
IP 178.249.101.98:0
GET /le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verificationspro.com/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=50~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=8c0a04058c311b60156be0e01c37e09c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:57:08 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 07 Dec 2023 16:57:08 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549
178.249.101.98200 OK 0 B URL HTTP/2 liveengage.navyfederal.org/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549
IP 178.249.101.98:0
GET /le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verificationspro.com/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=50~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=8c0a04058c311b60156be0e01c37e09c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:57:08 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:24 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 07 Dec 2023 16:57:08 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/11478817/configuration/domainprotection/refererrestrictions?cb=lpCb97810x93919
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/11478817/configuration/domainprotection/refererrestrictions?cb=lpCb97810x93919
IP 178.249.101.99:0
GET /api/account/11478817/configuration/domainprotection/refererrestrictions?cb=lpCb97810x93919 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveengage.navyfederal.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:57:08 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:35|g:bff4c6ef-91c4-42df-963a-dc55213ca3fc; Max-Age=30; Expires=Wed, 07-Dec-2022 16:57:38 GMT; Path=/
ADRUM_BTa=R:35|g:bff4c6ef-91c4-42df-963a-dc55213ca3fc|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 07-Dec-2022 16:57:38 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 07-Dec-2022 16:57:38 GMT; Path=/; Secure
ADRUM_BT1=R:35|i:2241585; Max-Age=30; Expires=Wed, 07-Dec-2022 16:57:38 GMT; Path=/
ADRUM_BT1=R:35|i:2241585|e:9; Max-Age=30; Expires=Wed, 07-Dec-2022 16:57:38 GMT; Path=/
cache-control: no-store
x-envoy-upstream-service-time: 157
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/11478817?sid=RNtLe5Y8STGTcKkCHoGFwQ&cb=lpCb86451x24271&t=pl&ts=1670432229418&pid=613019613&tid=6002079414&vid=E0NzY1YmI1NWI0OWM5NzQz
208.89.12.87200 OK 0 B URL HTTP/2 va.v.liveperson.net/api/js/11478817?sid=RNtLe5Y8STGTcKkCHoGFwQ&cb=lpCb86451x24271&t=pl&ts=1670432229418&pid=613019613&tid=6002079414&vid=E0NzY1YmI1NWI0OWM5NzQz
IP 208.89.12.87:0
GET /api/js/11478817?sid=RNtLe5Y8STGTcKkCHoGFwQ&cb=lpCb86451x24271&t=pl&ts=1670432229418&pid=613019613&tid=6002079414&vid=E0NzY1YmI1NWI0OWM5NzQz HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verificationspro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:57:10 GMT
content-type: application/javascript
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
lptag.liveperson.net/lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
178.249.97.23200 OK 0 B URL HTTP/2 lptag.liveperson.net/lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP 178.249.97.23:0
GET /lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://verificationspro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:57:07 GMT
content-type: application/x-javascript
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2