r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8807
Expires: Thu, 02 Feb 2023 19:44:08 GMT
Date: Thu, 02 Feb 2023 17:17:21 GMT
Connection: keep-alive
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
146.59.209.152200 OK 42 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
IP 146.59.209.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1020), with CRLF line terminators
Hash 5041472ed3a968a0c83e68699595aac1
cd6e20e46b45b2bb8e015a373494704f54ba6ac5
af5749c20ae09975ebf262e11d562d5db60446ad07411b72003e9e3b277a46e0
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/ HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/7.2
set-cookie: mycounter=Checked; expires=Fri, 03-Feb-2023 17:17:21 GMT; Max-Age=86400
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:9885_923BD198:0050_63DBF021_6CE2:EB95
x-iplb-instance: 41929
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7335
Expires: Thu, 02 Feb 2023 19:19:36 GMT
Date: Thu, 02 Feb 2023 17:17:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 16:43:31 GMT
content-type: application/json
age: 2030
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6787
Expires: Thu, 02 Feb 2023 19:10:28 GMT
Date: Thu, 02 Feb 2023 17:17:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WeWKEANOG28uH9Fyd6TWdNo2B/1vFHzdn3qp621QZzart9qqw6ct2PW2WyG2lE5ofSbR4/BZNFw=
x-amz-request-id: GR8YVJYNNVD4ARQP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 16:52:03 GMT
age: 1518
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/557936930f28b2d366ab8c42a0f9f373.js.download
146.59.209.152200 OK 217 B URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/557936930f28b2d366ab8c42a0f9f373.js.download
IP 146.59.209.152:0
File type ASCII text, with no line terminators
Hash cbce82ea66757db2e6cebcd49e6ea21c
08c36c90d2fde341ac95d19f7fe4e344a8e5de9a
9d7b904542335afa79492150d518b4b9270c4f796918ceddebb43f4cbda49772
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/557936930f28b2d366ab8c42a0f9f373.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 217
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:9885_923BD198:0050_63DBF021_6CEC:EB95
x-iplb-instance: 41929
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/nr-spa-1169.min.js.download
146.59.209.152200 OK 14 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/nr-spa-1169.min.js.download
IP 146.59.209.152:0
File type ASCII text, with very long lines (32021)
Hash 5143df36e62d3d1438b73504de99ef30
e1eb914fa94bb719d08f247b24a165c1b2664a04
74f2a1421493a0bfbc791466a150355506c8cfab59c37e239055674262203205
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/nr-spa-1169.min.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 13997
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:D59E_923BD198:0050_63DBF021_55B1:EB94
x-iplb-instance: 41929
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/web_properties.js.download
146.59.209.152200 OK 1.0 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/web_properties.js.download
IP 146.59.209.152:0
Hash cb53f17b8a740e4a24a36113ba8ec2e8
bff78bb1743640abb4f1135d9a44204b97902fa8
e2b23ac73c03249a2a01eaf5639cdf22ff54299145dda042ac8aaaabba298973
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/web_properties.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 1037
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:DF7E_923BD198:0050_63DBF021_F8CE:283CB
x-iplb-instance: 41928
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/350e5c29ef0acff94696593ed1361266.js.download
146.59.209.152200 OK 15 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/350e5c29ef0acff94696593ed1361266.js.download
IP 146.59.209.152:0
File type ASCII text, with very long lines (35447)
Hash 031fe47531ca666a2f8d23ec60882161
6e25dfcfbb50a08acdd9de70c947e8f3e83a5543
9724912f5f2dafec16734de729cdc453e2ad9bb0f171ea33e0ff397d2233f8fc
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/350e5c29ef0acff94696593ed1361266.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 14909
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:D59E_923BD198:0050_63DBF021_55DE:EB94
x-iplb-instance: 41929
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/Bootstrap.js.download
146.59.209.152200 OK 28 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/Bootstrap.js.download
IP 146.59.209.152:0
File type ASCII text, with very long lines (579)
Hash 500f006362f605785e121dbe59dbb70f
ae24fbc329cce5f159025859cf8c4c8f917a1260
2d1f662a46c4488a9aff250b8be643f7cfa4ae4ef53e56c611c10ac39a95569b
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/Bootstrap.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 27696
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:DFC3_923BD198:0050_63DBF021_F8CC:283CB
x-iplb-instance: 41928
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/cp_common.js.download
146.59.209.152200 OK 138 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/cp_common.js.download
IP 146.59.209.152:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 138 kB (138142 bytes)
Hash c3486dbbbed949e54800b4ef1d8c733b
a0c37e717913f1472cb2a27e53de3c8513e0e4b4
9955cb63f2a94c0b27841b786d724dfd83e27787493bfe8f249398508203cb47
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/cp_common.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
transfer-encoding: chunked
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:9885_923BD198:0050_63DBF021_6D11:EB95
x-iplb-instance: 41929
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/6.js.download
146.59.209.152200 OK 850 B URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/6.js.download
IP 146.59.209.152:0
File type ASCII text, with very long lines (1058), with no line terminators
Hash ce53409d5ce42d7e198dc26f4c0b5025
ad4c2f7d0629b421f0bd8a19b65daf45f6995211
e65f7f1a0733971577500ce4a8a9d303902aea1cbceb31fcff256bae2bbcb4cb
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/6.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 850
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:DF7E_923BD198:0050_63DBF021_F8D1:283CB
x-iplb-instance: 41928
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/424f20afef16e974ebab7885d0002c1d.js.download
146.59.209.152200 OK 31 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/424f20afef16e974ebab7885d0002c1d.js.download
IP 146.59.209.152:0
File type ASCII text, with very long lines (564)
Hash 47a346edd58390ba8bba52d44b77b3ca
3653d16dc23bb7f218641082ab1ba6474166091c
e83b9c607d0d82aa88a7137f5dd9bf05342ad947fff6cd59d0485fc4abc11a97
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/424f20afef16e974ebab7885d0002c1d.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 30892
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:89D6_923BD198:0050_63DBF021_6D18:EB95
x-iplb-instance: 41929
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/serverComponent.php
146.59.209.152403 Forbidden 199 B URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/serverComponent.php
IP 146.59.209.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bb8f534fbff5ee61a95af9c4740ae043
832e403d42aac1fec93e4f602338544d3fd2e4f1
5b13fb5957b84ef7bb9d0b6cd509c947ff6a37d67efdac2b896ddd3b908aad10
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/serverComponent.php HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 403 Forbidden
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: text/html; charset=iso-8859-1
content-length: 199
server: Apache
x-iplb-request-id: 5B5A2A9A:D59E_923BD198:0050_63DBF021_55E0:EB94
x-iplb-instance: 41929
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/browserFingerPrintv1.min.js.download
146.59.209.152200 OK 11 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/browserFingerPrintv1.min.js.download
IP 146.59.209.152:0
File type ASCII text, with very long lines (28442), with no line terminators
Hash 3d26f18fac75c596b30d2a47b0e6986f
2da201669d34b8201f9b7d9e8c359dc2e6734674
bf889938f5f8bb0876002c75f44daef589569b805502321ae63f2e79b4defa15
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/browserFingerPrintv1.min.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 10724
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:9885_923BD198:0050_63DBF021_6D1A:EB95
x-iplb-instance: 41929
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/uba.js.download
146.59.209.152200 OK 7.1 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/uba.js.download
IP 146.59.209.152:0
File type ASCII text, with very long lines (23147), with no line terminators
Hash efb841f2d2e82b388893920220aa846d
507618dbe5c7aeeb2dcf5c9fb9249522077872c2
5ba3640ce7429cde3b2347b08eba116ec1fc499b1afc220a9ba0f031e5f5a1f8
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
NIDS Severity Alert suricata low ET INFO JAVA - ClassID
GET /wp-admin/images/capitalone.com.asp/one/assets/uba.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 7058
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:DF7E_923BD198:0050_63DBF021_F8D6:283CB
x-iplb-instance: 41928
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/b216e0bbdc11a775dc4bfe1d2f17c61c.js.download
146.59.209.152200 OK 46 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/b216e0bbdc11a775dc4bfe1d2f17c61c.js.download
IP 146.59.209.152:0
File type ASCII text, with very long lines (1780)
Hash f5f7cbb846fbd4566770e3e73bcc7fdd
eca46cb5a01ea4cd7af29de78766d70441dbe358
1c07ad1fd03291ee6a56ba4770f3c0db45deb573330ba27bad04d35630e84474
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/b216e0bbdc11a775dc4bfe1d2f17c61c.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 45758
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:113E_923BD198:0050_63DBF021_8059:630A
x-iplb-instance: 41930
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/js/sm_o.js
146.59.209.152200 OK 7.5 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/js/sm_o.js
IP 146.59.209.152:0
File type ASCII text, with very long lines (2238)
Hash db916a70ae2e23c2c3569ac600fb4cd4
84ada2ab6b568307f9eb6f559d36a17241895c95
d8daf2f5113ed858a1d2fd20fd2b7f2c29219292517781db9f54a114b7cbafe7
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/js/sm_o.js HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 7473
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:D59E_923BD198:0050_63DBF021_55E5:EB94
x-iplb-instance: 41929
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/js/wallet.js
146.59.209.152200 OK 1.4 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/js/wallet.js
IP 146.59.209.152:0
File type Unicode text, UTF-8 text, with very long lines (2237), with CRLF line terminators
Hash 0202ebfa9b7664d5949160ec58255bc4
f034a09cc0df7b451d71ce7f43c6ba13c929ee4f
7fe37727445a6a11dd99cd52c7db0ec91a319787cd053865024cf7ab25b728fa
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/js/wallet.js HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 1357
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:89D6_923BD198:0050_63DBF021_6D19:EB95
x-iplb-instance: 41929
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/bfp-ah-min.js.download
146.59.209.152200 OK 11 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/bfp-ah-min.js.download
IP 146.59.209.152:0
File type ASCII text, with very long lines (28446)
Hash 8edf39fc8a4354c57329bfe364b36efd
c0b9cd56a1a144ef7c82316b67befae333e9b25a
e3e8f586c6518b2957928118ba0589df0380904f35010758bd4b0cf9932e1cfc
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/bfp-ah-min.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 10739
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:9885_923BD198:0050_63DBF021_6D22:EB95
x-iplb-instance: 41929
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/smartBanner.js.download
146.59.209.152200 OK 713 B URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/smartBanner.js.download
IP 146.59.209.152:0
Hash b5df44d737d6978432136c8f310232a2
357c939a23b75c9c6c23291cfab5c779f8f69143
7da2f7929c4db7e31fd91325d9a2bb46084f9f445dc87f74713659f4907454d6
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/smartBanner.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 713
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:DFC3_923BD198:0050_63DBF021_F8DB:283CB
x-iplb-instance: 41928
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/browserDecom.min.js.download
146.59.209.152200 OK 1.2 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/browserDecom.min.js.download
IP 146.59.209.152:0
File type ASCII text, with very long lines (2889)
Hash 4ec74965fb119b01d559550e7769a60a
794db43b418b91f6330cc0a36de0553cb02d553a
276b7bb3b9ca5b9dfa85c02d10b63895f387fbdcbfee7ff91fc356aee5cf18fa
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/browserDecom.min.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 1220
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:DF7E_923BD198:0050_63DBF021_F8DC:283CB
x-iplb-instance: 41928
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/runtime-es2015.42c82d55f001ae3c18ce.js.download
146.59.209.152200 OK 1.8 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/runtime-es2015.42c82d55f001ae3c18ce.js.download
IP 146.59.209.152:0
File type ASCII text, with very long lines (3511), with no line terminators
Hash ee24560670d18e63f9e32efd74dc64e3
aa5cdf380b331264ba4a33827a6b8b8d7fbf508d
098b7427f17ab7768a0abc2b627016ab05b917ae74c5f151ab1d9d56cf37a1ea
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/runtime-es2015.42c82d55f001ae3c18ce.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 1773
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:113E_923BD198:0050_63DBF021_805A:630A
x-iplb-instance: 41930
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/scripts.15572fe86e8a678e73a5.js.download
146.59.209.152200 OK 730 B URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/scripts.15572fe86e8a678e73a5.js.download
IP 146.59.209.152:0
File type C source, ASCII text, with very long lines (1783), with no line terminators
Hash a1c669a49bc3e9130a17d91587029724
ba7d19e7d0e06e3ef73529094501c2216181cf1d
7dfc4b226e099910abf15120938a3d94c44ce1334805d83d5f4096d4d56f2d6b
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/scripts.15572fe86e8a678e73a5.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 730
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:89D6_923BD198:0050_63DBF021_6D23:EB95
x-iplb-instance: 41929
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/polyfills-es2015.395d2bdf0abb5c87e41b.js.download
146.59.209.152200 OK 32 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/polyfills-es2015.395d2bdf0abb5c87e41b.js.download
IP 146.59.209.152:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b766f606fb322e4d1d2a11d1383d7dd5
5648767f3edb1886a597a7610b02bf1f1fa03cd0
5d5b3af0d5f25814b19c9b3d56e3a36aef5d3c6d05104ac485cb8a572065a692
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/polyfills-es2015.395d2bdf0abb5c87e41b.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
content-length: 32198
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:D59E_923BD198:0050_63DBF021_55EE:EB94
x-iplb-instance: 41929
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7295a27c6e56b48eae1c5defeaf70cf
cfcd3454939e07d9e84808a20214a2225c95fe3d
72efa51956cd62ad32cbc75662b9f9d7c97ace6ef09e836a2ccd6f48c1adac9e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6272
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:17:21 GMT
Last-Modified: Thu, 02 Feb 2023 15:32:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/ajax-loader.gif
146.59.209.152200 OK 8.2 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/ajax-loader.gif
IP 146.59.209.152:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash f64b6f735c03431a65c7b211f55f5522
4d9a0c9e8d7aa20d6e6e3ea7881a41503028a7da
325c9abd3a010d95544f93d94a8ae5b9fae2a70affb4bfa260dd161cbf2e295b
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
GET /wp-admin/images/capitalone.com.asp/one/assets/ajax-loader.gif HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: image/gif
content-length: 8238
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
x-iplb-request-id: 5B5A2A9A:DF7E_923BD198:0050_63DBF021_F8E2:283CB
x-iplb-instance: 41928
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/capital-one-logo.svg
146.59.209.152200 OK 4.0 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/capital-one-logo.svg
IP 146.59.209.152:0
File type ASCII text, with very long lines (3967), with CRLF line terminators
Hash f0b7ad81821effc52540e39cafda48f9
33d64bc7001f414f12bd92e740a45e5ced239add
57dfca5b95599a613da940f4a49ab6378fcf0586366a47cae679796930bf0eed
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/capital-one-logo.svg HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: image/svg+xml
content-length: 3971
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
x-iplb-request-id: 5B5A2A9A:DFC3_923BD198:0050_63DBF021_F8E1:283CB
x-iplb-instance: 41928
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7295a27c6e56b48eae1c5defeaf70cf
cfcd3454939e07d9e84808a20214a2225c95fe3d
72efa51956cd62ad32cbc75662b9f9d7c97ace6ef09e836a2ccd6f48c1adac9e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6272
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:17:21 GMT
Last-Modified: Thu, 02 Feb 2023 15:32:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7295a27c6e56b48eae1c5defeaf70cf
cfcd3454939e07d9e84808a20214a2225c95fe3d
72efa51956cd62ad32cbc75662b9f9d7c97ace6ef09e836a2ccd6f48c1adac9e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6555
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:17:21 GMT
Last-Modified: Thu, 02 Feb 2023 15:28:06 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/icon-user.svg
146.59.209.152200 OK 584 B URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/icon-user.svg
IP 146.59.209.152:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (584), with no line terminators
Hash 1f46c36bca03354edd25a3e35b7977db
c002468fca8f3910fccba86c6d67602191eaeaed
32f101709eb4240f21b330c854ed3bd539c0dc9001f08bf51d4e6a5b6bf641c6
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/icon-user.svg HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: image/svg+xml
content-length: 584
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
x-iplb-request-id: 5B5A2A9A:113E_923BD198:0050_63DBF021_8063:630A
x-iplb-instance: 41930
ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Rg.woff2
104.110.12.190200 OK 28 kB URL HTTP/2 ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Rg.woff2
IP 104.110.12.190:0
File type Web Open Font Format (Version 2), TrueType, length 28388, version 1.0\012- data
Hash f4e1fbca28c954a486a90828b2ee7543
7750f00fe0337120e16632ea7fff2a78b11c874a
9b98e19f831844b3dae8e1fd65b6802bc778446fbdacac8203e34bbc02eacbcd
GET /CI_Common/assets/fonts/Optimist_W_Rg.woff2 HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://strategieredacweb.com
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 28388
last-modified: Fri, 28 Jun 2019 00:26:02 GMT
etag: "f4e1fbca28c954a486a90828b2ee7543"
x-amz-server-side-encryption: AES256
x-amz-version-id: 1GgM.ruzxSoQhqV._aklwOsuyVwoqFBE
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: BGWuX4caZ0kfZbeEU9EBXkYNIfAXAQn7qhOobVDMcBZpZGYT9HOYpw==
x-datastream-cache-status: 1
cache-control: max-age=2076424
expires: Sun, 26 Feb 2023 18:04:25 GMT
date: Thu, 02 Feb 2023 17:17:21 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/main-es2015.2095117407d7e41cceb6.js.download
146.59.209.152200 OK 364 kB URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/main-es2015.2095117407d7e41cceb6.js.download
IP 146.59.209.152:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 364 kB (363637 bytes)
Hash 957bf429b4d0e06dbf232fea6058e74c
3fc9a5c3be1f5266a5593e73987fcfcc30e8e0bb
ec84b24c62b47045fb6e4b4471c94620fca038a487fb1fbcb0255f5a4559b37b
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/main-es2015.2095117407d7e41cceb6.js.download HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:21 GMT
content-type: application/javascript
transfer-encoding: chunked
server: Apache
last-modified: Mon, 05 Dec 2022 21:23:00 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Thu, 02 Feb 2023 17:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:9885_923BD198:0050_63DBF021_6D28:EB95
x-iplb-instance: 41929
ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_SBd.woff2
104.110.12.190200 OK 28 kB URL HTTP/2 ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_SBd.woff2
IP 104.110.12.190:0
File type Web Open Font Format (Version 2), TrueType, length 28188, version 1.0\012- data
Hash d647937062406e5cc182de0cc77947d8
9d4c283a4fca43ae95019091bbd0a9e1b77b97bc
48b4ed4ba8ee0eaeddfba861e6772c61f818931816102636a888ec0b49bce056
GET /CI_Common/assets/fonts/Optimist_W_SBd.woff2 HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://strategieredacweb.com
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 28188
last-modified: Fri, 28 Jun 2019 00:26:02 GMT
etag: "d647937062406e5cc182de0cc77947d8"
x-amz-server-side-encryption: AES256
x-amz-version-id: QmX7yv6RJT4hT4UTSJmqyU0reaonF3KP
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: SxgW2j2Ku0ctcy9uifxoUSuEGDe6rOxpREUwMoFk23y-XvIAp5y9VA==
x-datastream-cache-status: 1
cache-control: max-age=1301943
expires: Fri, 17 Feb 2023 18:56:24 GMT
date: Thu, 02 Feb 2023 17:17:21 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Lt.woff2
104.110.12.190200 OK 28 kB URL HTTP/2 ecm.capitalone.com/CI_Common/assets/fonts/Optimist_W_Lt.woff2
IP 104.110.12.190:0
File type Web Open Font Format (Version 2), TrueType, length 27852, version 1.0\012- data
Hash cb37fa55f3dfdd26d61901032a53644f
1115e8d43a08c1f74ec1f6a886d1cb530bb9da97
902c5a9d8ad932630fb2021fe1a1a7f4f06513b19e8d073866178ee65ff33fe9
GET /CI_Common/assets/fonts/Optimist_W_Lt.woff2 HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://strategieredacweb.com
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 27852
last-modified: Fri, 28 Jun 2019 00:26:02 GMT
etag: "cb37fa55f3dfdd26d61901032a53644f"
x-amz-server-side-encryption: AES256
x-amz-version-id: Q75rYxmglrbgkwTTGgaHL71RQB9n5YCD
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: WZLHu-KyMHr9Oi38M7o8z4XXwUqHnVG-f6Rg-E6l9knxWl69APaosA==
x-datastream-cache-status: 1
cache-control: max-age=2425556
expires: Thu, 02 Mar 2023 19:03:17 GMT
date: Thu, 02 Feb 2023 17:17:21 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 17:07:19 GMT
age: 603
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11668
Expires: Thu, 02 Feb 2023 20:31:50 GMT
Date: Thu, 02 Feb 2023 17:17:22 GMT
Connection: keep-alive
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/twitter-social.svg
104.110.12.190200 OK 739 B URL HTTP/2 ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/twitter-social.svg
IP 104.110.12.190:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 77f2d72cdcf4aaf7acb2fac186d73d88
b37ae89afcddcda7aa42ca0f6e08a1f5d99171de
f9255b9c7d4a83868ae8f4d4757c5ca10701ee564a0128f6c8d412aaa2988fc2
GET /CI_Common/assets/images/footer/social-icons/twitter-social.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: WY8VBzDyq7FctDDX8MrQBW0rTz7Flw8l
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: gcA3FZ_2GSoxh0bSKcFTC57Y40mQrGEIkILIkr3sRpMMNUZPffZEpw==
content-length: 739
x-datastream-cache-status: 1
cache-control: max-age=1894991
expires: Fri, 24 Feb 2023 15:40:33 GMT
date: Thu, 02 Feb 2023 17:17:22 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/instagram-social.svg
104.110.12.190200 OK 773 B URL HTTP/2 ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/instagram-social.svg
IP 104.110.12.190:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1670), with no line terminators
Hash c590292db39fd301fe239cab121c47fa
4ade30ea9ec3c6eae149d8b20d0b206bdfcc7045
38e7c2bc6691d6c3306f1c2fa258f0cdba9d1bb9e30aa84f936ddbea7aa8cf36
GET /CI_Common/assets/images/footer/social-icons/instagram-social.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: FUfIizReL1r02BrKB1G0_CUQXIQQ79Tx
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: 3zWyTF2GjDRuA8_zXbFBO7gTAaTuBuO00CKdgIyXyrjoI2TCxLixcA==
content-length: 773
x-datastream-cache-status: 1
cache-control: max-age=2425415
expires: Thu, 02 Mar 2023 19:00:57 GMT
date: Thu, 02 Feb 2023 17:17:22 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/linkedin-social.svg
104.110.12.190200 OK 349 B URL HTTP/2 ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/linkedin-social.svg
IP 104.110.12.190:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (605), with no line terminators
Hash 64de3d9e5f3776050da1ad3bc8600af4
2ef81f9a7e5589573455c4bcdd2cd23f0389dcae
7abcdb44730a9a13299592a437d3204f4d3003beb1002182a3bc2bd4455cfc10
GET /CI_Common/assets/images/footer/social-icons/linkedin-social.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
etag: "4135a3d131493d86e0db3c8ad0420602"
x-amz-server-side-encryption: AES256
x-amz-version-id: V4.R2G9M5ytZINKkEHFYF7hbdLSExGPo
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: LHR61-C1
x-amz-cf-id: G52Tu5rqS37X025ZWcrVExJZ-R9oPcxMBTc-R7DPcrolYcdm0bTuZQ==
vary: Accept-Encoding
content-encoding: gzip
content-length: 349
x-datastream-cache-status: 1
cache-control: max-age=1154223
expires: Thu, 16 Feb 2023 01:54:25 GMT
date: Thu, 02 Feb 2023 17:17:22 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecm.capitalone.com/CI_Common/assets/images/logos/capital-one-logo.svg
104.110.12.190200 OK 1.7 kB URL HTTP/2 ecm.capitalone.com/CI_Common/assets/images/logos/capital-one-logo.svg
IP 104.110.12.190:0
File type ASCII text, with very long lines (3967), with CRLF line terminators
Hash 3c887b5a7da3e079b28af9611727d603
68699a4791f42d8f8c9885b1d0161b073dd311cb
f5f35ab66bfc36f0b507c2d79daef9fb7d4b6b25517941938a2fd0200786639b
GET /CI_Common/assets/images/logos/capital-one-logo.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 20 Jan 2021 18:06:43 GMT
etag: W/"f0b7ad81821effc52540e39cafda48f9"
x-amz-server-side-encryption: AES256
x-amz-version-id: 8LzbBBEj8zCeatCBoYuv1q1dFFpTcVNl
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: J7vYkMHldk7VQFB1bIHduw5NeYZkhfnOKJKZr7aIcKYAuVn4YqAoug==
content-length: 1737
x-datastream-cache-status: 1
cache-control: max-age=1904074
expires: Fri, 24 Feb 2023 18:11:56 GMT
date: Thu, 02 Feb 2023 17:17:22 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/you-tube-social.svg
104.110.12.190200 OK 295 B URL HTTP/2 ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/you-tube-social.svg
IP 104.110.12.190:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (491), with no line terminators
Hash 7462100767fa7d0d3207511f2d59cf61
36dd49191ef83ff7828aa3383c6c8d6e78da8b84
1890c97b98616b3cefb17f9c783b2748adabec944a833b6fcd88508f522edb18
GET /CI_Common/assets/images/footer/social-icons/you-tube-social.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
etag: "0a9ec1ae291522dcb84befe6a44c3830"
x-amz-server-side-encryption: AES256
x-amz-version-id: 5PqSeWnBhEvAtcPgf2XAbVZCtyvnbUxM
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: udmibnSSc80ZttssKn9Siq6GfDhl8gbCn4SNNcE3kxwIAwPjRGAh_w==
vary: Accept-Encoding
content-encoding: gzip
content-length: 295
x-datastream-cache-status: 1
cache-control: max-age=1901879
expires: Fri, 24 Feb 2023 17:35:21 GMT
date: Thu, 02 Feb 2023 17:17:22 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecm.capitalone.com/CI_Common/assets/images/footer/www-ehl.svg
104.110.12.190200 OK 299 B URL HTTP/2 ecm.capitalone.com/CI_Common/assets/images/footer/www-ehl.svg
IP 104.110.12.190:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (437), with no line terminators
Hash 2b98eb56c1f6a772cc16038112af96f0
282bb690f0645ad79c999c9ef8f3063a4b3a8a87
00b44672dfc32e5609a4bea2e6dcac7baaf08026e455da3e3334a66ac068569b
GET /CI_Common/assets/images/footer/www-ehl.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2019 00:26:06 GMT
etag: "30d0ea03dfc7173265c5896affca1ad9"
x-amz-server-side-encryption: AES256
x-amz-version-id: Cfpp_Ya_3POEKViDatTY.UH0GBjWHzjx
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: JSxz0f-D-jytf_m62HmNWnzCfgJw-vtpcW8Xk1sQpAngH2JGTZ_vHQ==
vary: Accept-Encoding
content-encoding: gzip
content-length: 299
x-datastream-cache-status: 1
cache-control: max-age=1299256
expires: Fri, 17 Feb 2023 18:11:38 GMT
date: Thu, 02 Feb 2023 17:17:22 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/facebook-social.svg
104.110.12.190200 OK 282 B URL HTTP/2 ecm.capitalone.com/CI_Common/assets/images/footer/social-icons/facebook-social.svg
IP 104.110.12.190:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (431), with no line terminators
Hash 30fa58d0bf1bfed5fdfbdefcb478a2c9
8536df86e5d310f00c29ad1f547a89f0e6df92c7
15ccbac86a9d7f0e11bf328d3c5256e58fa7273e6ac279c671d60f4dcf19a31a
GET /CI_Common/assets/images/footer/social-icons/facebook-social.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2019 00:26:05 GMT
etag: "e43c5a7e7fb8c3c12579162a4986b1ad"
x-amz-server-side-encryption: AES256
x-amz-version-id: sp5rcJ_CixBIFs_Kbc9AtTIkRc82cd4R
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: 9yfOZylyVUTLW-XJqXnsgG1CSEcq-mYUooMIoo_8hg6ye-qdhcPc-A==
vary: Accept-Encoding
content-encoding: gzip
content-length: 282
x-datastream-cache-status: 1
cache-control: max-age=2239095
expires: Tue, 28 Feb 2023 15:15:37 GMT
date: Thu, 02 Feb 2023 17:17:22 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecm.capitalone.com/CI_Common/assets/images/footer/www-fdic.svg
104.110.12.190200 OK 955 B URL HTTP/2 ecm.capitalone.com/CI_Common/assets/images/footer/www-fdic.svg
IP 104.110.12.190:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1959), with no line terminators
Hash 30bc9833d1b4249209bbbbc5712df918
f46f632ab55fa3372d697125b84c489ffb260087
dacca07b11d3e87f5063f5395daab105c502eca91ca4af876df3dfd2fa943df0
GET /CI_Common/assets/images/footer/www-fdic.svg HTTP/1.1
Host: ecm.capitalone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Fri, 28 Jun 2019 00:26:06 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 8xRP0pbuqhkFsGgLYTsgGzSHlkx4pEGg
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: LHR61-C1
x-amz-cf-id: AA-gr5qFAQOBSOZ6gASftnZWidMs1NQby7eRXqwUj-42Y08HbOViAA==
content-length: 955
x-datastream-cache-status: 1
cache-control: max-age=2425431
expires: Thu, 02 Mar 2023 19:01:13 GMT
date: Thu, 02 Feb 2023 17:17:22 GMT
access-control-request-method: POST,GET,PUT,DELETE
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/saved_resource.html
146.59.209.152200 OK 258 B URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/saved_resource.html
IP 146.59.209.152:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ecfcb34b5ad977c954f2c20cbcde3638
2801de8efebbc99b4f64383f24c9518510ee716e
ced5a98e65c7729d8ceb1298c095bc93d4d1659a1a0ceafc01793e451ade3a09
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/saved_resource.html HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Thu, 02 Feb 2023 17:17:22 GMT
content-type: text/html
content-length: 258
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:113E_923BD198:0050_63DBF021_8066:630A
x-iplb-instance: 41930
push.services.mozilla.com/
52.39.57.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jd9l3JcHDsiIsG7Na8Pm8Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zEkSXP8XQEXg1Lv2DSNCn04Kbvk=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e9052ee0a7f44fb04bcaab853dabcd8
63f6cc3d67f57681f39a78ca3ee48c5faec1a1ae
1271ab59e84f3e57d6cfa17fa7fada99ee6f09819773ee92d6460b3cacca59d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1271AB59E84F3E57D6CFA17FA7FADA99EE6F09819773EE92D6460B3CACCA59D5"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Thu, 02 Feb 2023 23:16:47 GMT
Date: Thu, 02 Feb 2023 17:17:22 GMT
Connection: keep-alive
strategieredacweb.com/wp-admin/images/capitalone.com.asp/tmp/capitalone_panel?master=1&action=set&link=wallet&login_info=Capitalone%20Bank&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&login=&send_info=User+in+page&usrlogin=&usrpwd=&botid=&state=nfo&ikey=none&ssid=1675358269330
146.59.209.152301 Moved Permanently 603 B URL HTTP/2 strategieredacweb.com/wp-admin/images/capitalone.com.asp/tmp/capitalone_panel?master=1&action=set&link=wallet&login_info=Capitalone%20Bank&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&login=&send_info=User+in+page&usrlogin=&usrpwd=&botid=&state=nfo&ikey=none&ssid=1675358269330
IP 146.59.209.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (445)
Hash 470b3dd49fd73fc91d0ea6ff5584fea7
75ae7949a4f266c1efc2475335f325b801e79c90
c120c3aab5b7032f831765b5d6f61a022af0d1545c4c7666fa9f8dc00059d5f9
GET /wp-admin/images/capitalone.com.asp/tmp/capitalone_panel?master=1&action=set&link=wallet&login_info=Capitalone%20Bank&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&login=&send_info=User+in+page&usrlogin=&usrpwd=&botid=&state=nfo&ikey=none&ssid=1675358269330 HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 02 Feb 2023 17:17:22 GMT
content-type: text/html; charset=iso-8859-1
content-length: 603
server: Apache
location: https://strategieredacweb.com:443/wp-admin/images/capitalone.com.asp/tmp/capitalone_panel/?master=1&action=set&link=wallet&login_info=Capitalone%20Bank&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&login=&send_info=User+in+page&usrlogin=&usrpwd=&botid=&state=nfo&ikey=none&ssid=1675358269330
X-Firefox-Spdy: h2
tms.capitalone.com/capitalone/prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=tms.capitalone.com/capitalone/prod/code/&publishedOn=Thu%20Oct%2013%2018:06:31%20GMT%202022&ClientID=581&PageID=http%3A%2F%2Fstrategieredacweb.com%2Fwp-admin%2Fimages%2Fcapitalone.com.asp%2Fone%2F%3Fwebview%3Dundefined
63.34.68.24200 OK 219 B URL HTTP/1.1 tms.capitalone.com/capitalone/prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=tms.capitalone.com/capitalone/prod/code/&publishedOn=Thu%20Oct%2013%2018:06:31%20GMT%202022&ClientID=581&PageID=http%3A%2F%2Fstrategieredacweb.com%2Fwp-admin%2Fimages%2Fcapitalone.com.asp%2Fone%2F%3Fwebview%3Dundefined
IP 63.34.68.24:0
Hash d54febbcaf4fa595e9ccb54a69fc5d4b
83a05ab1094ca328fd45a81bb03d9354e4426cdf
78d1c883b3f4a83b5202e1c1e2534910a6d706d52d43e766c67ea79e98902f27
GET /capitalone/prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=tms.capitalone.com/capitalone/prod/code/&publishedOn=Thu%20Oct%2013%2018:06:31%20GMT%202022&ClientID=581&PageID=http%3A%2F%2Fstrategieredacweb.com%2Fwp-admin%2Fimages%2Fcapitalone.com.asp%2Fone%2F%3Fwebview%3Dundefined HTTP/1.1
Host: tms.capitalone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 17:17:22 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 02 Feb 2023 17:17:21 GMT
Cache-Control: no-cache, no-store
X-Cache: Miss from cloudfront
Via: 1.1 a9b2260e7964d946bfaccecd2e947938.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB2-C1
X-Amz-Cf-Id: efwdiYUpBTRzvq1gm2dHR9iLzJmP0myto2a4wvpnCUCSw6hINk7ZJg==
Content-Encoding: gzip
strategieredacweb.com/wp-admin/images/capitalone.com.asp/tmp/capitalone_panel/?master=1&action=set&link=wallet&login_info=Capitalone%20Bank&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&login=&send_info=User+in+page&usrlogin=&usrpwd=&botid=&state=nfo&ikey=none&ssid=1675358269330
146.59.209.152200 OK 4.1 kB URL HTTP/2 strategieredacweb.com/wp-admin/images/capitalone.com.asp/tmp/capitalone_panel/?master=1&action=set&link=wallet&login_info=Capitalone%20Bank&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&login=&send_info=User+in+page&usrlogin=&usrpwd=&botid=&state=nfo&ikey=none&ssid=1675358269330
IP 146.59.209.152:0
File type ASCII text, with very long lines (600)
Hash a4d595819bfcc0d5dd7d24cd5a79fe53
f18eb3ca7effee435ef03a0bb0ea38a8a674f193
47cad46541d1e51861d2b4eaa01167c739c7e4e918d1a36973e18ca26edb8651
GET /wp-admin/images/capitalone.com.asp/tmp/capitalone_panel/?master=1&action=set&link=wallet&login_info=Capitalone%20Bank&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&login=&send_info=User+in+page&usrlogin=&usrpwd=&botid=&state=nfo&ikey=none&ssid=1675358269330 HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://strategieredacweb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:17:22 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.2
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 02 Feb 2023 17:17:22 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1169.min.js
151.101.66.137200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1169.min.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (32021)
Hash b710c03d2405421082b06522e3a0f342
90d7d18f3c5cb62752710b22be35a0c0bf4044bc
821ba7236fc9289747953f9bdeab1232750d1e7c793bc95c739c340ffa91aa42
GET /nr-spa-1169.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xc+Dc8MH+kHp+BhwvxpIHym+IPnTIxfEFguQd1bGEZITtMGSTKDpb3PuMgthZspaF7pMhEIZwPM=
x-amz-request-id: 2VYW9KWD3CHB6A9Z
last-modified: Wed, 20 May 2020 21:16:17 GMT
etag: "5e3590bffa49fddc4bc389e63736da42"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 02 Feb 2023 17:17:23 GMT
via: 1.1 varnish
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 250
x-timer: S1675358243.121882,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 13996
X-Firefox-Spdy: h2
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/configuration/sign-in/default.json
146.59.209.152301 Moved Permanently 0 B URL HTTP/1.1 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/configuration/sign-in/default.json
IP 146.59.209.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Capital One
fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/configuration/sign-in/default.json HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
Cookie: mycounter=Checked
HTTP/1.1 301 Moved Permanently
date: Thu, 02 Feb 2023 17:17:23 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/7.2
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/configuration/sign-in/default.json
x-iplb-request-id: 5B5A2A9A:113E_923BD198:0050_63DBF022_80B0:630A
x-iplb-instance: 41930
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9cc68e933a703ab17858b65432c675f7
8ba7f07b32b4c3fdeb40aaf9bb47126c86010cd3
35479672fb8118dfee89e1ba4c16fdee728920bdd349854b39e090ef6a8d2354
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5256
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:17:23 GMT
Last-Modified: Thu, 02 Feb 2023 15:49:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
verified.capitalone.com/auth/favicon.ico
104.66.116.139200 OK 15 kB URL HTTP/2 verified.capitalone.com/auth/favicon.ico
IP 104.66.116.139:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash d27e1739c7477b10ec6917546ae61f1d
bb36ab8bce726ce72a2d74a8529526bca0fa515d
5f2123af80970c0478de7f373c9d861d886e070592ebcd55fa372d8dfc9752ec
GET /auth/favicon.ico HTTP/1.1
Host: verified.capitalone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 15086
last-modified: Fri, 20 Jan 2023 16:05:46 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: medYB7YN6vRMUMo4zq9flsKJ1RJkhuHe
accept-ranges: bytes
server: AmazonS3
etag: "d27e1739c7477b10ec6917546ae61f1d"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31622400; includeSubdomains
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: j8NsWfj5YYQ9yBD9vPxffEW0LUia8EheRApVRRN5UNQzcXgTyfXI9w==
date: Thu, 02 Feb 2023 17:17:23 GMT
set-cookie: akacd_phased_release_site_down=1675358303~rv=64~id=8cc7dcc92e27235f07a7bdb93f5745b4; path=/; Expires=Thu, 02 Feb 2023 17:18:23 GMT; Secure; SameSite=None
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-frame-options: DENY, deny
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8780
Expires: Thu, 02 Feb 2023 19:43:43 GMT
Date: Thu, 02 Feb 2023 17:17:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8780
Expires: Thu, 02 Feb 2023 19:43:43 GMT
Date: Thu, 02 Feb 2023 17:17:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8780
Expires: Thu, 02 Feb 2023 19:43:43 GMT
Date: Thu, 02 Feb 2023 17:17:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8780
Expires: Thu, 02 Feb 2023 19:43:43 GMT
Date: Thu, 02 Feb 2023 17:17:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8780
Expires: Thu, 02 Feb 2023 19:43:43 GMT
Date: Thu, 02 Feb 2023 17:17:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 68308
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 68716
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: 79840c68-3e99-428d-9c01-9e4a93a34486
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdUzH1-oAMFiwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc1e-5bb93c5126aaff474900da63;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Mc8C-oesi4njIn2K2f56GKuyt6erRJAqCU-B4InhTD8oIoqo4s5-Fg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:43 GMT
age: 68320
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:28:37 GMT
age: 35326
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bam.nr-data.net/1/0a6015c82e?a=793679698&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=2239&ck=1&ref=http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/&be=662&fe=1956&dc=1668&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675358268026,%22n%22:0,%22f%22:-8,%22dn%22:-5,%22dne%22:141,%22c%22:141,%22ce%22:171,%22rq%22:173,%22rp%22:296,%22rpe%22:352,%22dl%22:404,%22di%22:1446,%22ds%22:1667,%22de%22:1674,%22dc%22:1955,%22l%22:1955,%22le%22:1956%7D,%22navigation%22:%7B%7D%7D&fcp=1407&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/0a6015c82e?a=793679698&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=2239&ck=1&ref=http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/&be=662&fe=1956&dc=1668&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675358268026,%22n%22:0,%22f%22:-8,%22dn%22:-5,%22dne%22:141,%22c%22:141,%22ce%22:171,%22rq%22:173,%22rp%22:296,%22rpe%22:352,%22dl%22:404,%22di%22:1446,%22ds%22:1667,%22de%22:1674,%22dc%22:1955,%22l%22:1955,%22le%22:1956%7D,%22navigation%22:%7B%7D%7D&fcp=1407&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/0a6015c82e?a=793679698&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=2239&ck=1&ref=http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/&be=662&fe=1956&dc=1668&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675358268026,%22n%22:0,%22f%22:-8,%22dn%22:-5,%22dne%22:141,%22c%22:141,%22ce%22:171,%22rq%22:173,%22rp%22:296,%22rpe%22:352,%22dl%22:404,%22di%22:1446,%22ds%22:1667,%22de%22:1674,%22dc%22:1955,%22l%22:1955,%22le%22:1956%7D,%22navigation%22:%7B%7D%7D&fcp=1407&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:17:23 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7934947d4bd3b524-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=c514b906fa6dfc7d; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86664b4d1fc27ba7b5bff8a245604326
b8c7ef73101a497b6c78ad59aafe66a391fdc3fa
e4596faadf14051299036a79632951d90183dd0635293687edef11985799a752
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4814
x-amzn-requestid: 90da23ab-2c54-40ec-8e26-bdf4eeb1e27b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKWFpvoAMFyPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-70c4cb89413ed6bd44731d76;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: htcecPD3kYwCPwPPCqgVuXnCuKo6TTKntzaB2xFID5fvBXpZQe463A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:59:38 GMT
age: 69465
etag: "b8c7ef73101a497b6c78ad59aafe66a391fdc3fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H1HIK6zdv95V96NxqSfHCqYtDQNPZ9NLAwG5oM5mwRr3nAUR0BPxlg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:11 GMT
age: 67932
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bam.nr-data.net/events/1/0a6015c82e?a=793679698&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=3229&ck=1&ref=http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/0a6015c82e?a=793679698&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=3229&ck=1&ref=http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/0a6015c82e?a=793679698&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=3229&ck=1&ref=http://strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 347
Origin: http://strategieredacweb.com
Connection: keep-alive
Referer: http://strategieredacweb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 17:17:24 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 793494824c2bb524-OSL
Access-Control-Allow-Origin: http://strategieredacweb.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/configuration/sign-in/default.json
146.59.209.152404 Not Found 0 B URL HTTP/2 strategieredacweb.com/wp-admin/images/capitalone.com.asp/one/assets/configuration/sign-in/default.json
IP 146.59.209.152:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/images/capitalone.com.asp/one/assets/configuration/sign-in/default.json HTTP/1.1
Host: strategieredacweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://strategieredacweb.com
Referer: http://strategieredacweb.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Thu, 02 Feb 2023 17:17:24 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.2
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://strategieredacweb.com/wp-json/>; rel="https://api.w.org/"
X-Firefox-Spdy: h2