Report - greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363

Report Overview

Submitted URL
greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
IP
192.124.249.7
ASN
#30148 SUCURI-SEC
Submitted
2023-06-10 12:56:18
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.starfieldtech.com	6616	2003-03-06	2012-06-22	2023-06-10	336 B	2.4 kB	192.124.249.22
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-10	1.0 kB	95 kB	216.58.207.227
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-06-10	1.0 kB	2.8 kB	54.230.80.227
www.trustedsite.com	15448	2004-06-07	2017-01-30	2023-06-10	456 B	1.3 kB	54.191.54.95
greggeng.com	unknown	2008-11-10	2014-03-04	2023-05-23	689 B	1.2 kB	192.124.249.7
www.greggeng.com	unknown	2008-11-10	2014-03-04	2023-05-22	12 kB	1.0 MB	192.124.249.7
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-10	1.3 kB	2.8 kB	142.250.74.131
s3-us-west-2.amazonaws.com	unknown	2005-08-18	2017-01-29	2023-06-10	990 B	2.0 kB	52.92.194.0
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-06-10	448 B	7.3 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-10 12:56:01	high	Client IP	192.124.249.7	ET PHISHING Generic Phishkit Activity (GET)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363	117 B	2023-05-21	2023-06-10
Pretty URL www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363 IP 192.124.249.7 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-21 10:34:25 Last Seen2023-06-10 14:56:21 Times Seen14 Hash 2247ecf3397015da8a3976bd965f5ff3 ee80dd4ab482d2d51f2b53fbbc4a4a0a19c86577 cf2a93ae659b5715576bbbd62805fe239ff955b88524c542ec715ed0ad4af1ab Loading...

	www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363	1.4 kB	2023-03-07	2024-04-21
Pretty URL www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363 IP 192.124.249.7 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:10:33 Last Seen2024-04-21 05:12:26 Times Seen1941 Hash baa52dd43e0e29340348ae52a88fdcfd a85cd8502fafa4fb5cb0786c1ab1e6c0c957093e 49117ca60d8aeb4aa478d3541e09db31ce6fe2608ff7f96e9409239390e6b1bc Loading...

	www.greggeng.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-07ff82d1548183f0aa45b4b4f2759c69.js	160 kB	2023-05-21	2023-06-10
Pretty URL www.greggeng.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-07ff82d1548183f0aa45b4b4f2759c69.js IP 192.124.249.7 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-21 10:34:25 Last Seen2023-06-10 14:56:21 Times Seen28 Hash d3cadfa668e80050ad8aad3d3278cc08 38b1ce6a6238b2fa556a3eea69807522859c6170 ae7391cdb8fe6af84fd0a352010174d1297f954a8e7b461d14539f7edd27e827 Loading...

	www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=greggeng.com&rand=1686401763841	6 B	2023-03-07	2024-04-18
Pretty URL www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=greggeng.com&rand=1686401763841 IP 54.191.54.95 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:57 Last Seen2024-04-18 08:28:18 Times Seen945 Hash 714941ce444573628d1d7f71369ec475 8abc077c85bdcd2fa69103c0f9253aa4fa0f5400 a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1 Loading...

	www.greggeng.com/wp-includes/js/jquery/jquery.min.js	90 kB	2023-03-29	2024-04-24
Pretty URL www.greggeng.com/wp-includes/js/jquery/jquery.min.js IP 192.124.249.7 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:52:25 Last Seen2024-04-24 11:47:13 Times Seen102864 Hash 0e850a69bc7fd0acc2e92ce6eee87959 8be6d9e7f7a61ccf0b8eac8a8144d770b608a19c afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a Loading...

	www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363	207 B	2023-05-21	2023-06-10
Pretty URL www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363 IP 192.124.249.7 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-21 10:34:25 Last Seen2023-06-10 14:56:21 Times Seen14 Hash e293a23b0d5151f0989640ca891ed7f9 e2d0d1f877677f6b7434b50a98b8bbeea3cf58f2 8c11b2ed06e72ad8f57f507c396b0e86bc3673ac25ddac93fc83048b61ace525 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 129f5fd162665cd0abc0f39fea8c9e8f	24 kB	2023-03-07	2024-04-22
Pretty Observations First Seen2023-03-07 01:33:09 Last Seen2024-04-22 12:32:09 Times Seen1066 Hash 129f5fd162665cd0abc0f39fea8c9e8f 253c21387dc8055cee42777276f455c7794de3cf a6336811b695da7dff581c054bbcb90502e899d034ec0f26005f91236c3817b1 Loading...

HTTP Transactions (33)

URL IP Response Size

ocsp.starfieldtech.com/

192.124.249.22

1.8 kB

URL
ocsp.starfieldtech.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1846 bytes)
Hash
b2c938d0df31dbfee56801ebf2859fd8
90eebdfa19c91f03bc3ff4a989fbb6d5aed9fa63
4a6ed96f33e48ad181bc887af164f3bcf9c25a62e762855d6538c3e79df8fc2e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 10 Jun 2023 12:56:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 10 Jun 2023 08:57:21 GMT
Expires: Sun, 11 Jun 2023 08:57:21 GMT
ETag: "90eebdfa19c91f03bc3ff4a989fbb6d5aed9fa63"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363

192.124.249.7

301 Moved Permanently

461 B

URL User Request GET HTTP/2
greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (303)
Size
461 B (461 bytes)
Hash
4903676ec82b71b8b6dbe894ca132489
b51b5a6e9291acce8e40206bc49fd107a5f01f76
2e2522ddfb2955cf0cf193d3fd3eda822c6812139aad63d2bcc6fcae462f1f25

HTTP Headers

GET /language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363 HTTP/1.1
Host: greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 10 Jun 2023 12:56:00 GMT
content-type: text/html; charset=iso-8859-1
content-length: 461
location: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: 0301 NC:000000 UP:
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363

192.124.249.7

404 Not Found

461 B

URL User Request GET HTTP/2
www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (303)
Size
461 B (461 bytes)
Hash
4903676ec82b71b8b6dbe894ca132489
b51b5a6e9291acce8e40206bc49fd107a5f01f76
2e2522ddfb2955cf0cf193d3fd3eda822c6812139aad63d2bcc6fcae462f1f25

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Generic Phishkit Activity (GET)

HTTP Headers

GET /language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363 HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: Sucuri/Cloudproxy
Date: Sat, 10 Jun 2023 12:56:01 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 461
Connection: keep-alive
X-Sucuri-ID: 19007
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Host-Header: 6b7412fb82ca5edfd0917e3957f05d89
X-Proxy-Cache: MISS
X-Proxy-Cache-Info: 0301 NC:000000 UP:
X-Sucuri-Cache: MISS

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
039bd5f5536d1b489d46e52d9cd5a21e
88770d7c23bb9aefa7d8fad6262332c0a682a0d3
6195b2c8747988942a35a477b811d323d137e697b23c6670d093a1b10c4879c9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 12:56:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
039bd5f5536d1b489d46e52d9cd5a21e
88770d7c23bb9aefa7d8fad6262332c0a682a0d3
6195b2c8747988942a35a477b811d323d137e697b23c6670d093a1b10c4879c9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 12:56:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

192.124.249.7

404 Not Found

7.7 kB

URL User Request GET HTTP/2
www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (17312)
Size
7.7 kB (7718 bytes)
Hash
e64a927fb1ebd9f3d7465603da1fcdf7
f2ac66a87dd3b00c2eb1aa42d988750ad9988626
8c7bbe56363f8ca3603cd8d4f16eed5f626df33068fd7b245b284dea2135efbd

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Generic Phishkit Activity (GET)

HTTP Headers

GET /language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363 HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Jun 2023 12:56:02 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-cache-enabled: True
link: <https://www.greggeng.com/wp-json/>; rel="https://api.w.org/"
x-tec-api-version: v1
x-tec-api-root: https://www.greggeng.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://www.greggeng.com
x-httpd: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6109dc90074997c867d10212ff8f9a81
4f26dbb187f908c7eb6bc2a550034c85cfe6fc8b
d964eec14e1b68dc5ee99e7b1bc4cbb509255de0c49801ca5034253d4cd16be5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 12:56:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

216.58.207.227

200 OK

46 kB

URL GET HTTP/2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Size
46 kB (46524 bytes)
Hash
c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

HTTP Headers

GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greggeng.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 10:39:52 GMT
expires: Wed, 05 Jun 2024 10:39:52 GMT
cache-control: public, max-age=31536000
age: 353771
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

216.58.207.227

200 OK

46 kB

URL GET HTTP/2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Size
46 kB (46524 bytes)
Hash
c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

HTTP Headers

GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greggeng.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 10:39:52 GMT
expires: Wed, 05 Jun 2024 10:39:52 GMT
cache-control: public, max-age=31536000
age: 353771
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/themes/logistic/font/ozy/fonts/ozythemes.woff

192.124.249.7

200 OK

157 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic/font/ozy/fonts/ozythemes.woff
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
Web Open Font Format, CFF, length 157276, version 1.0\012- data
Size
157 kB (157276 bytes)
Hash
bd3b793d5bb8675be94b2285c31c808f
51a4a6d00b5caf18d90019893cf8d9e6bd882ec5
dcaeffb8ad46c825cda91a295a56405559ac6ff8a9a85c950f58cbabd0df2081

HTTP Headers

GET /wp-content/themes/logistic/font/ozy/fonts/ozythemes.woff HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/wp-content/themes/logistic/font/font.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:03 GMT
content-type: font/woff
content-length: 157276
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 29 Jun 2021 22:59:19 GMT
etag: "60dba5c7-2665c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6109dc90074997c867d10212ff8f9a81
4f26dbb187f908c7eb6bc2a550034c85cfe6fc8b
d964eec14e1b68dc5ee99e7b1bc4cbb509255de0c49801ca5034253d4cd16be5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 12:56:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.greggeng.com/wp-content/themes/logistic/images/assets/trees2.png

192.124.249.7

200 OK

264 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic/images/assets/trees2.png
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
PNG image data, 1920 x 457, 8-bit/color RGBA, non-interlaced\012- data
Size
264 kB (263686 bytes)
Hash
b717fd4fe5e44d3a27fe6e0b012e00ea
6f2c923b70f654de8e8dc41c78e2b33b9ed23651
a40309268f6a5a990170a0ce819c1c7b87d8c0ff36c84e10c85be7594fdfd32f

HTTP Headers

GET /wp-content/themes/logistic/images/assets/trees2.png HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/wp-content/themes/logistic/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:03 GMT
content-type: image/png
content-length: 263686
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 29 Jun 2021 22:59:19 GMT
etag: "60dba5c7-40606"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/uploads/2018/09/cropped-Gregg-Engineering-Logo-Extended-Square-1-192x192.png

192.124.249.7

200 OK

12 kB

URL GET HTTP/2
www.greggeng.com/wp-content/uploads/2018/09/cropped-Gregg-Engineering-Logo-Extended-Square-1-192x192.png
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12188 bytes)
Hash
1e1e38579456e0d9882ea97deb091b9f
905fa9154d0a5b69c378657f7a2fbeab2670e649
6014ef412e2c2a33d37274cda081cc2fdffcb2fbeb7f251ce7b622737127480e

HTTP Headers

GET /wp-content/uploads/2018/09/cropped-Gregg-Engineering-Logo-Extended-Square-1-192x192.png HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:03 GMT
content-type: image/png
content-length: 12188
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 22 Sep 2018 14:14:00 GMT
etag: "5ba64e28-2f9c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css

192.124.249.7

200 OK

40 kB

URL GET HTTP/2
www.greggeng.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
ASCII text, with very long lines (65358)
Size
40 kB (40122 bytes)
Hash
4c348dcc9f75f14af534ec81462f9d74
ab03af7512bb03004317bc5ba49e3776c52c5402
e97075bd70ab8a70cc576b5d90bd13a3e715313272cec401c9342f4665a4c353

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:02 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 06 Jun 2023 20:40:50 GMT
vary: Accept-Encoding
etag: W/"647f99d2-70f6e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/themes/logistic/font/font.min.css

192.124.249.7

200 OK

13 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic/font/font.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
13 kB (13369 bytes)
Hash
5199ce698b8f39a66ecb0f118fbb4d03
f27403ab7eddb1ddbd72e2b76a6356dcd444c240
587557aad01cbbb2498e52f56b3bdc1a525b71595da22c8027918c5dcf04c9c2

HTTP Headers

GET /wp-content/themes/logistic/font/font.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:02 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 29 Jun 2021 22:59:19 GMT
vary: Accept-Encoding
etag: W/"60dba5c7-133c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
495d48604a5121ac7849e3c657b6fc88
55c1283488b6b4f4cecd60b81a5263c51110c9eb
8325a06d83fc1ad59b360f8052ae85cd4b287b70d1d73953da5d4b482d21e7e3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 10 Jun 2023 12:56:04 GMT
Last-Modified: Sat, 10 Jun 2023 11:13:41 GMT
Server: ECAcc (nya/796A)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8sxmLbNkc0-aSkSDXBrP4iLpGKzxbTcS38iq0juyjpYRUWfCI1LTAw==
Age: 6143

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
495d48604a5121ac7849e3c657b6fc88
55c1283488b6b4f4cecd60b81a5263c51110c9eb
8325a06d83fc1ad59b360f8052ae85cd4b287b70d1d73953da5d4b482d21e7e3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 10 Jun 2023 12:56:04 GMT
Last-Modified: Sat, 10 Jun 2023 11:46:30 GMT
Server: ECAcc (bsa/EB6C)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -A_z0beRPrjPpucpc5KCchc5LxWSj58deWFXBWBvI9O0u99sgJHLBw==
Age: 4174

s3-us-west-2.amazonaws.com/mfesecure-public/host/greggeng.com/client.json?source=jsmain

52.92.194.0

200 OK

152 B

URL GET HTTP/1.1
s3-us-west-2.amazonaws.com/mfesecure-public/host/greggeng.com/client.json?source=jsmain
IP
52.92.194.0:443
ASN
#16509 AMAZON-02

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerAmazon
Subject*.s3-us-west-2.amazonaws.com
Fingerprint4B:CD:30:FC:7D:85:73:AF:B7:B6:E7:68:00:54:01:3B:0E:B6:CD:10
ValidityTue, 11 Apr 2023 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
152 B (152 bytes)
Hash
d16b1a35f59478f4ec2da311fe3e72e2
9f0da1f2c552271f3163b85d849a315efd8989e5
8e1f852ff9a3fbac94a2d04d75161839bd92667352153acd5fe3163823139633

HTTP Headers

GET /mfesecure-public/host/greggeng.com/client.json?source=jsmain HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.greggeng.com
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: lpsS/ozSgpCp7VlVNiZx9eVAngPiKxUpx1xRbri1gOIk8d0GTUyZWWEfB9e0zc/mSAcEy7eRvtc=
x-amz-request-id: R6TSD0M7GBKP1E3H
Date: Sat, 10 Jun 2023 12:56:05 GMT
Access-Control-Allow-Origin: https://www.greggeng.com
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 60
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-replication-status: COMPLETED
Last-Modified: Sun, 04 Jun 2023 15:01:15 GMT
ETag: "f53fc5ed8a7625e12e6c18ea133ff640"
x-amz-server-side-encryption: AES256
Cache-Control: public, max-age=60
Content-Encoding: gzip
x-amz-version-id: Ql8HhfJ7aBPFG36KBNWSu15UKckjH9EZ
Accept-Ranges: bytes
Content-Type: application/json
Server: AmazonS3
Content-Length: 152

s3-us-west-2.amazonaws.com/mfesecure-public/host/greggeng.com/client.json?source=jsinline

52.92.194.0

200 OK

152 B

URL GET HTTP/1.1
s3-us-west-2.amazonaws.com/mfesecure-public/host/greggeng.com/client.json?source=jsinline
IP
52.92.194.0:443
ASN
#16509 AMAZON-02

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerAmazon
Subject*.s3-us-west-2.amazonaws.com
Fingerprint4B:CD:30:FC:7D:85:73:AF:B7:B6:E7:68:00:54:01:3B:0E:B6:CD:10
ValidityTue, 11 Apr 2023 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
152 B (152 bytes)
Hash
d16b1a35f59478f4ec2da311fe3e72e2
9f0da1f2c552271f3163b85d849a315efd8989e5
8e1f852ff9a3fbac94a2d04d75161839bd92667352153acd5fe3163823139633

HTTP Headers

GET /mfesecure-public/host/greggeng.com/client.json?source=jsinline HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.greggeng.com
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: HVSQWBp6S/X9jy4xCrkpFUKFYTEqF99knfkV1KrFdjxuMGUqwZLREbbkf7K7F1RuDHXjN2qaArc=
x-amz-request-id: R6TN23Z1EWEK84CA
Date: Sat, 10 Jun 2023 12:56:05 GMT
Access-Control-Allow-Origin: https://www.greggeng.com
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 60
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-replication-status: COMPLETED
Last-Modified: Sun, 04 Jun 2023 15:01:15 GMT
ETag: "f53fc5ed8a7625e12e6c18ea133ff640"
x-amz-server-side-encryption: AES256
Cache-Control: public, max-age=60
Content-Encoding: gzip
x-amz-version-id: Ql8HhfJ7aBPFG36KBNWSu15UKckjH9EZ
Accept-Ranges: bytes
Content-Type: application/json
Server: AmazonS3
Content-Length: 152

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
bc2cbcd39602b789eb4ed0b8bbd39411
c79c22402863acd16b52cde19c093a00735da61d
0512cef7eec63280cb1396d680028c32dde22dde41500859d1e6295b8fd3db70

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 10 Jun 2023 12:56:04 GMT
Last-Modified: Sat, 10 Jun 2023 11:44:54 GMT
Server: ECAcc (nya/1C5C)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: m-Jv3kY-ORuyJGEh0ddqDvxciXGpSTwaNVZmndFCGrYy2hhJWZob0A==
Age: 4270

www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=greggeng.com&rand=1686401763841

54.191.54.95

200 OK

26 B

URL GET HTTP/2
www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=greggeng.com&rand=1686401763841
IP
54.191.54.95:443
ASN
#16509 AMAZON-02

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerAmazon
Subject*.trustedsite.com
FingerprintAD:0C:49:BC:83:14:75:71:D4:D1:17:03:87:79:4E:43:72:CA:B5:FF
ValidityThu, 09 Feb 2023 00:00:00 GMT - Fri, 09 Feb 2024 23:59:59 GMT

File type
ASCII text
Size
26 B (26 bytes)
Hash
714941ce444573628d1d7f71369ec475
8abc077c85bdcd2fa69103c0f9253aa4fa0f5400
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1

HTTP Headers

GET /rpc/ajax?do=tmjs-visit&host=greggeng.com&rand=1686401763841 HTTP/1.1
Host: www.trustedsite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 Jun 2023 12:56:05 GMT
content-type: text/javascript; charset=utf-8
content-length: 26
set-cookie: AWSALB=KzvuawWQEBrmWNFIlaBffDPRoG5nUlRuvGMTxgADLBrhAJ8wwo0NOcNZjOzqlo5BVEbEqnfC8/8opRi7Smte5trEOd3gT7J4KWeSsg921sAqpyupEfNq7CAoXIyy; Expires=Sat, 17 Jun 2023 12:56:05 GMT; Path=/
AWSALBCORS=KzvuawWQEBrmWNFIlaBffDPRoG5nUlRuvGMTxgADLBrhAJ8wwo0NOcNZjOzqlo5BVEbEqnfC8/8opRi7Smte5trEOd3gT7J4KWeSsg921sAqpyupEfNq7CAoXIyy; Expires=Sat, 17 Jun 2023 12:56:05 GMT; Path=/; SameSite=None; Secure
server: Apache
x-trace: 2BF354CA32726412CA47747D382F0FEC0D186E03D4000000000000000000
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/themes/logistic/framework/public/css/vendor/font-awesome.min.css

192.124.249.7

200 OK

18 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic/framework/public/css/vendor/font-awesome.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
ASCII text, with very long lines (648), with CRLF line terminators
Size
18 kB (18495 bytes)
Hash
9b44bbc6b6531ea7c6aca9b98c355cf7
07d4bf9ae5cad1626c60627e46b40fd97b2b86ea
8d6b157f6513244ac6f8db9af5615c9954f58d6c42dbf742dc9c1ba6d166a1ac

HTTP Headers

GET /wp-content/themes/logistic/framework/public/css/vendor/font-awesome.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:02 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 29 Jun 2021 22:59:19 GMT
vary: Accept-Encoding
etag: W/"60dba5c7-483f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/themes/logistic/style.css

192.124.249.7

200 OK

220 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic/style.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type

Size
220 kB (219788 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/logistic/style.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/wp-content/themes/logistic-child/style.min.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:02 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 29 Jun 2021 22:59:19 GMT
vary: Accept-Encoding
etag: W/"60dba5c7-35a8c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/uploads/2018/09/cropped-Gregg-Engineering-Logo-Extended-Square-1-32x32.png

192.124.249.7

200 OK

946 B

URL GET HTTP/2
www.greggeng.com/wp-content/uploads/2018/09/cropped-Gregg-Engineering-Logo-Extended-Square-1-32x32.png
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
946 B (946 bytes)
Hash
9e15330e71041048e816e93744ca23d1
34c82c866e65b8862771cdb49cdf772997903db1
dec425a4b603bb514a4eb3feafc7798149fb58ca590271b460d49673570e8a16

HTTP Headers

GET /wp-content/uploads/2018/09/cropped-Gregg-Engineering-Logo-Extended-Square-1-32x32.png HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:03 GMT
content-type: image/png
content-length: 946
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 22 Sep 2018 14:14:00 GMT
etag: "5ba64e28-3b2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/themes/logistic/images/assets/gradient.png

192.124.249.7

200 OK

2.6 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic/images/assets/gradient.png
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
PNG image data, 7 x 528, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2632 bytes)
Hash
e307a5ece20d8270bb61c716c7e3d441
97ca8d7d9a96aac40061093b25e1c91ec132a542
e11154fa0d604ef244046d94d890d215d6831e97720e3f55a8ed4294422cf746

HTTP Headers

GET /wp-content/themes/logistic/images/assets/gradient.png HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:03 GMT
content-type: image/png
content-length: 2632
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 29 Jun 2021 22:59:19 GMT
etag: "60dba5c7-a48"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/plugins/tablepress/css/build/tablepress-default.min.css

192.124.249.7

200 OK

6.1 kB

URL GET HTTP/2
www.greggeng.com/wp-content/plugins/tablepress/css/build/tablepress-default.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
ASCII text, with very long lines (6106), with no line terminators
Size
6.1 kB (6083 bytes)
Hash
837816c3e11e8d5667324d47c21614d7
4a0b63c36ee0f919c4490a9f45b4e935c272f198
1900e3e58100724523ae49c51f3c53fd7172bf591b3fad8bca66ed86814ae2ed

HTTP Headers

GET /wp-content/plugins/tablepress/css/build/tablepress-default.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:02 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 06 Jun 2023 20:40:38 GMT
vary: Accept-Encoding
etag: W/"647f99c6-17c3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
x-sucuri-cache: HIT
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/themes/logistic/scripts/fancybox/fancybox.min.css

192.124.249.7

200 OK

3.2 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic/scripts/fancybox/fancybox.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
ASCII text, with very long lines (3237), with no line terminators
Size
3.2 kB (3237 bytes)
Hash
92150a62af03af3e7a1477ee9b08472e
a512c7bde9e968c50f334fdf36c5b118d2c46c7e
db37257af241497ac401a43aec5cd5ebe6fde398a965aee58279c71832abf423

HTTP Headers

GET /wp-content/themes/logistic/scripts/fancybox/fancybox.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:02 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 29 Jun 2021 22:59:19 GMT
vary: Accept-Encoding
etag: W/"60dba5c7-ca5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/themes/logistic/css/animsition.min.css

192.124.249.7

200 OK

28 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic/css/animsition.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
ASCII text, with very long lines (27294), with CRLF line terminators
Size
28 kB (27496 bytes)
Hash
6c2a9082faafdec3ad5941fca8bd2b3d
97154261f50253508bb5c2b8664f68d03e782782
3133b44e84355fbf9bf2231688e6a308ef8020411fb8b35bb4495bd0694921ec

HTTP Headers

GET /wp-content/themes/logistic/css/animsition.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:02 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 29 Jun 2021 22:59:19 GMT
vary: Accept-Encoding
etag: W/"60dba5c7-6b68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

www.greggeng.com/wp-includes/js/jquery/jquery.min.js

192.124.249.7

200 OK

90 kB

URL GET HTTP/2
www.greggeng.com/wp-includes/js/jquery/jquery.min.js
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
ASCII text, with very long lines (65447)
Size
90 kB (89815 bytes)
Hash
0e850a69bc7fd0acc2e92ce6eee87959
8be6d9e7f7a61ccf0b8eac8a8144d770b608a19c
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:02 GMT
content-type: application/javascript
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 31 Mar 2023 13:34:13 GMT
vary: Accept-Encoding
etag: W/"6426e155-15ed7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Raleway:300,400,600,700

142.250.74.74

200 OK

6.7 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Raleway:300,400,600,700
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
ASCII text, with very long lines (6840), with no line terminators
Size
6.7 kB (6680 bytes)
Hash
0cdd958356e71fda28c5740784dc7b6b
86a5ead2b67f7d2af2fbc45cc8d72f9bb7be384e
992ee59c63c974f8d7d7d79840111ae45bd449d928a98b928efff501a3499213

HTTP Headers

GET /css?family=Raleway:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Jun 2023 12:56:02 GMT
date: Sat, 10 Jun 2023 12:56:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/plugins/mailchimp-for-wp/assets/css/mc4wp-form-basic.min.css

192.124.249.7

200 OK

1.6 kB

URL GET HTTP/2
www.greggeng.com/wp-content/plugins/mailchimp-for-wp/assets/css/mc4wp-form-basic.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
ASCII text, with very long lines (1622), with no line terminators
Size
1.6 kB (1620 bytes)
Hash
65d07565e6602b74d87c2f2c12345be9
af78281135f87a2ac80409929642e5cce6937df6
b6d453099af1479f279cc4cc724222c6b08196bc944e926ead6db894c8917417

HTTP Headers

GET /wp-content/plugins/mailchimp-for-wp/assets/css/mc4wp-form-basic.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:02 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 06 Jun 2023 20:40:34 GMT
vary: Accept-Encoding
etag: W/"647f99c2-654"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/themes/logistic-child/style.min.css

192.124.249.7

200 OK

2.3 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic-child/style.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
ASCII text, with very long lines (2314), with no line terminators
Size
2.3 kB (2312 bytes)
Hash
4e7cd393aa1b8fc3bb10a36feaa7bc18
8e135ccf5615bcfdb937cff56d3210b9a488d758
ec904a36d4ca26e8eb4e18ec8f396c0ca76eb37d065da3446d4e1c9797685fd1

HTTP Headers

GET /wp-content/themes/logistic-child/style.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:02 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 22 Sep 2018 14:13:59 GMT
vary: Accept-Encoding
etag: W/"5ba64e27-908"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
x-sucuri-cache: REVALIDATED
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-07ff82d1548183f0aa45b4b4f2759c69.js

192.124.249.7

200 OK

160 kB

URL GET HTTP/2
www.greggeng.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-07ff82d1548183f0aa45b4b4f2759c69.js
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
FingerprintDA:11:5A:87:2C:8C:26:6B:4A:08:24:48:B5:0F:FC:33:E0:11:A7:C6
ValidityMon, 18 Jul 2022 12:49:35 GMT - Tue, 18 Jul 2023 12:49:35 GMT

File type
HTML document, ASCII text, with very long lines (34891), with CRLF, LF line terminators
Size
160 kB (160319 bytes)
Hash
d3cadfa668e80050ad8aad3d3278cc08
38b1ce6a6238b2fa556a3eea69807522859c6170
ae7391cdb8fe6af84fd0a352010174d1297f954a8e7b461d14539f7edd27e827

HTTP Headers

GET /wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-07ff82d1548183f0aa45b4b4f2759c69.js HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/0870c10ef2f12d3e6c0d6be4b111280c/step3.php?cmd=login_submit&id=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363&session=240a5bca0bdf7b9a25797aec90e10363240a5bca0bdf7b9a25797aec90e10363
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 Jun 2023 12:56:02 GMT
content-type: application/javascript
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 31 Mar 2023 14:02:17 GMT
vary: Accept-Encoding
etag: W/"6426e7e9-2723f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (33)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP