Report - securedcitizensbank.dns05.com/

Report Overview

Submitted URL
securedcitizensbank.dns05.com/
IP
50.18.146.2
ASN
#16509 AMAZON-02
Submitted
2023-01-15 19:39:51
Access
Website Title
Final URL
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
29
Network Intrusion Detection
4
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	95.101.11.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
securedcitizensbank.dns05.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	1.0 MB	50.18.146.2
z-m-static.xx.fbcdn.net	71988	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.1 kB	173 kB	31.13.72.37
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	52 kB	34.120.237.76
scontent.xx.fbcdn.net	313	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443 B	405 B	31.13.72.12
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.9 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.213.75

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-15 19:39:40	medium	Client IP	Internal IP	ETPRO INFO DYNAMIC_DNS Query to a *.dns05.com Domain
2023-01-15 19:39:40	medium	Client IP	Internal IP	ETPRO INFO DYNAMIC_DNS Query to a *.dns05.com Domain
2023-01-15 19:39:43	medium	Client IP	Internal IP	ETPRO INFO DYNAMIC_DNS Query to a *.dns05.com Domain
2023-01-15 19:39:44	medium	Client IP	Internal IP	ETPRO INFO DYNAMIC_DNS Query to a *.dns05.com Domain

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-15	medium	securedcitizensbank.dns05.com/	Facebook, Inc.
2023-01-15	medium	securedcitizensbank.dns05.com/	Facebook, Inc.
2023-01-15	medium	securedcitizensbank.dns05.com/	Facebook, Inc.
2023-01-15	medium	securedcitizensbank.dns05.com/	Facebook, Inc.
2023-01-15	medium	securedcitizensbank.dns05.com/	Facebook, Inc.
2023-01-15	medium	securedcitizensbank.dns05.com/	Facebook, Inc.
2023-01-15	medium	securedcitizensbank.dns05.com/	Facebook, Inc.
2023-01-15	medium	securedcitizensbank.dns05.com/	Facebook, Inc.
2023-01-15	medium	securedcitizensbank.dns05.com/	Facebook, Inc.
2023-01-15	medium	securedcitizensbank.dns05.com/	Facebook, Inc.
2023-01-15	medium	securedcitizensbank.dns05.com/	Facebook, Inc.
2023-01-15	medium	securedcitizensbank.dns05.com/	Facebook, Inc.

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (32)

	URL	Size	First Seen	Last Seen
	securedcitizensbank.dns05.com/facebook_files/sFUirKWPAtZ.js.download	253 kB	2023-03-13	2023-03-13
Pretty URL securedcitizensbank.dns05.com/facebook_files/sFUirKWPAtZ.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:28:04 Last Seen2023-03-13 00:28:04 Times Seen1 Hash 1b1abda4632ec687eba07b8e73d29d76 73fc8e69a05cba9945c9465de188e1ea8ddb1ea8 972a2f8dd0b9cc7908e49d1232cdb96f54d85777a901067a4f005e7d5f8a46f3 Loading...

	securedcitizensbank.dns05.com/facebook_files/ohs53z_4AL7.js.download	22 kB	2023-03-12	2023-12-08
Pretty URL securedcitizensbank.dns05.com/facebook_files/ohs53z_4AL7.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:14:46 Last Seen2023-12-08 17:17:29 Times Seen1120 Hash 58d6687a74abcc951aa3e3e174c2b077 788400b47be2e7bc8233c2f30792b847cf5a9cfa 530c7275a06a44cf5547e721c8d0b227a78f3cb634e9529d16e0312fcf421d2b Loading...

	securedcitizensbank.dns05.com/facebook_files/m82IO1HXQRH.js.download	33 kB	2023-03-12	2023-03-13
Pretty URL securedcitizensbank.dns05.com/facebook_files/m82IO1HXQRH.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:14:46 Last Seen2023-03-13 14:59:24 Times Seen1 Hash 71917e7396c01017d9ae64eceb961fd4 c61dad543cef97b51e87614c5f155ce41aa6cee6 6d8bb83f0fa1391217ab44f4c4d877ed2b37b9f706637deb00514f6f341a4e1b Loading...

	securedcitizensbank.dns05.com/	12 B	2023-03-08	2024-01-05
Pretty URL securedcitizensbank.dns05.com/ IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:10:24 Last Seen2024-01-05 13:48:14 Times Seen81 Hash f4d00164d2b7da2e412f44ebdb9cebc9 14ac3b5e8c30915beca1a866340df2d6b8ae0a61 f9afedee1c70d24766692d21ef15d656620b66a30968d29d2e6fe0386dbe1e25 Loading...

	securedcitizensbank.dns05.com/facebook_files/NK70ahZXaY4.js.download	73 kB	2023-03-13	2023-03-13
Pretty URL securedcitizensbank.dns05.com/facebook_files/NK70ahZXaY4.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:28:04 Last Seen2023-03-13 00:28:04 Times Seen1 Hash 4f7e6a9ea59b4640a88d58d00ccb5a9f 20ea3519b2860235d3dfb5c9974cff2704156074 4d531e3da2b067376fef15f167e7e5b4d3c102d63614d922e43764a983905431 Loading...

	securedcitizensbank.dns05.com/facebook_files/Sa1jhi1-Bt9.js.download	39 kB	2023-03-10	2023-03-13
Pretty URL securedcitizensbank.dns05.com/facebook_files/Sa1jhi1-Bt9.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:25:24 Last Seen2023-03-13 23:36:44 Times Seen1 Hash e5bbf108b2d823147e2feee2a0e3e00e d99fafb7300c05d9bc9150ca40e5535956e5953a 595da961ec1323abaad902d2221f13e57a60bb5c9e4fdf2049127cdaefe8e6e7 Loading...

	securedcitizensbank.dns05.com/facebook_files/GaT0-DQJdWD.js.download	313 B	2023-03-09	2023-04-15
Pretty URL securedcitizensbank.dns05.com/facebook_files/GaT0-DQJdWD.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:36:28 Last Seen2023-04-15 08:07:52 Times Seen10 Hash e647dca510effb226de36a63bef2203f 50b0a1ddc258f27ab5a54385384ee2ff6610f04f 0dfdfbee24a09f48ebeaf6475da29c527799a0faeeb20c68a58a2dfdfb3040d3 Loading...

	securedcitizensbank.dns05.com/facebook_files/SdtDSnQ5Pqo.js.download	187 kB	2023-03-13	2023-03-13
Pretty URL securedcitizensbank.dns05.com/facebook_files/SdtDSnQ5Pqo.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:28:04 Last Seen2023-03-13 00:28:04 Times Seen1 Hash 1e9b579a7e86b37c7cd675df23def403 51b3d09391b3d3f414be652928e88fea0f0bc615 758920ca94a02d7d51f85cee32824dd436a29c30f1c982879e94c54c041e4434 Loading...

	securedcitizensbank.dns05.com/	92 B	2023-03-13	2023-03-13
Pretty URL securedcitizensbank.dns05.com/ IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:28:04 Last Seen2023-03-13 00:28:04 Times Seen1 Hash b71c20e253442a1ee9ecc51ebeee19e5 dc7e7f7533bd17478db6ff299924f3357282e2f3 874ff7377132b41c4fc5874ff1f7f07227bfe65d0332dbaf52d2a5ad0cfc2d47 Loading...

	securedcitizensbank.dns05.com/	980 B	2023-03-13	2023-03-13
Pretty URL securedcitizensbank.dns05.com/ IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:28:04 Last Seen2023-03-13 00:28:04 Times Seen1 Hash dff2cfece790071bbe22fc77fe965779 f8b81a616fd52f11e52af2b214936245edcedf5d 39928538cd8edb18d053980818a8e2af7dfdd1e31f8a927124c7785d4df0faad Loading...

	securedcitizensbank.dns05.com/facebook_files/GKILFiHJIh1.js.download	76 kB	2023-03-13	2023-03-13
Pretty URL securedcitizensbank.dns05.com/facebook_files/GKILFiHJIh1.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:28:04 Last Seen2023-03-13 00:28:04 Times Seen1 Hash e467b63d1a45ccfde333d665f8471df4 26e2864dba77c43db74e54e4e6545e818c0bb809 541f7848b5da72bdb6184ffe4e745e75464d0fd73acf1c5cdaa7894f37e5f053 Loading...

	securedcitizensbank.dns05.com/	255 B	2023-03-11	2024-01-05
Pretty URL securedcitizensbank.dns05.com/ IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:56:58 Last Seen2024-01-05 13:48:14 Times Seen77 Hash 0a6d03e2274b23b82931ad7172be70f2 b04101e1c2375971ce0aae645e3a9dec1bc7b1e2 3810999aa13e4ad9403948d1fccb3f061df712c1741fb1be2bdeda0719a497b2 Loading...

	securedcitizensbank.dns05.com/	45 kB	2023-03-13	2023-03-13
Pretty URL securedcitizensbank.dns05.com/ IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:28:04 Last Seen2023-03-13 00:28:04 Times Seen1 Hash 579e608e208b63e4cd4be76bfd7e6606 3ebf01d0f6437958ed244ab78af8cca32ac84069 4548b7345cc4505f43c4b26ece2f42f28bf34797f87aea7acba4c0f30be311f1 Loading...

	securedcitizensbank.dns05.com/	6.0 kB	2023-03-13	2023-03-13
Pretty URL securedcitizensbank.dns05.com/ IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:28:04 Last Seen2023-03-13 00:28:04 Times Seen1 Hash ef01c211c4c58610f7e0cf3d7780b7be 70d83e3de2a869e52956a25b3bd4f4f38fa60620 362148dc45d2c345bd466846bd3a888caed6625c86025f834ccf4ae0880be81c Loading...

	z-m-static.xx.fbcdn.net/rsrc.php/v3/yd/r/B58QfBIwvJh.js?_nc_x=Ij3Wp8lg5Kz	57 kB	2023-03-13	2023-03-13
Pretty URL z-m-static.xx.fbcdn.net/rsrc.php/v3/yd/r/B58QfBIwvJh.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.37 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:28:04 Last Seen2023-03-13 00:28:04 Times Seen1 Hash 3171fb0e6a99e0146f170f0e863da319 6db5ac0f6e654bdc7e392a1ad55db5a40b1f9a9d c3c203da899e8bbc1d43ce437b13eb3acb758f4f4f21de49340586a25655e8cf Loading...

	securedcitizensbank.dns05.com/	268 B	2023-03-10	2023-05-09
Pretty URL securedcitizensbank.dns05.com/ IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:00:03 Last Seen2023-05-09 00:24:03 Times Seen2 Hash 6d02b11b03294e37fb02c731cc894506 12c05ff58ba359a74c17cd3482cc983f2f109ac4 39215a196e55b5e6ba910d0a7e521196b84ca9f2986b3d7c6d08116104217cc6 Loading...

	securedcitizensbank.dns05.com/facebook_files/QBkA9ZfAK-V.js.download	42 kB	2023-03-12	2023-03-13
Pretty URL securedcitizensbank.dns05.com/facebook_files/QBkA9ZfAK-V.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:14:46 Last Seen2023-03-13 14:59:24 Times Seen1 Hash df1581c017e36d69fe9b1d0a21044dc4 401c89d08101b9983bc6efecf837a978f22c5f1a abaeab740ccfa1b4f2f39315d7a0b62f1061f76176d4852d163049ec72234b7d Loading...

	securedcitizensbank.dns05.com/facebook_files/XmO_5adUbuq.js.download	35 kB	2023-03-12	2023-03-13
Pretty URL securedcitizensbank.dns05.com/facebook_files/XmO_5adUbuq.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:14:46 Last Seen2023-03-13 01:11:09 Times Seen1 Hash 01fcaa3f519c999b981f08670970e07e d13c3713971a488ec16dd3583c1a37d6f2d696ab 872c65d4a63e0013402f3036e831107948f529a0761bc829b97a598970f9a287 Loading...

	securedcitizensbank.dns05.com/facebook_files/2oHddz12uT9.js.download	8.8 kB	2023-03-12	2023-03-13
Pretty URL securedcitizensbank.dns05.com/facebook_files/2oHddz12uT9.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:24:55 Last Seen2023-03-13 14:59:24 Times Seen1 Hash f9e113bc2c3f5698592467f37677f99e ede89b5bc0ca163b1d0e250fb66e97d72512b3b9 cf5c0da620ff06c1f111643f006233c2203f0ad416474406b762790d7f16538b Loading...

	securedcitizensbank.dns05.com/facebook_files/0D75Vw0sOuD.js.download	8.8 kB	2023-03-09	2023-03-29
Pretty URL securedcitizensbank.dns05.com/facebook_files/0D75Vw0sOuD.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:10:19 Last Seen2023-03-29 22:54:33 Times Seen3 Hash af3a1391eb744fca4f32b53306f226c7 8da8012a0c8103db30ecf58cb81bba45bc18d657 96a1b9a7cfa40aeb294427625db3de9a71609b77c5ff0335a6f8613524a8b660 Loading...

	securedcitizensbank.dns05.com/	140 B	2023-03-11	2024-01-05
Pretty URL securedcitizensbank.dns05.com/ IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:56:58 Last Seen2024-01-05 13:48:15 Times Seen77 Hash 8c89a670cbb3592832b94a8e45a065b0 6fe093b107549b27bfdbca035969f256c2e7430b 96197c9b7b15874422ee334825f2ddf91e540b88e40a438c3aea84ba8807fb00 Loading...

	securedcitizensbank.dns05.com/	7.2 kB	2023-03-13	2023-03-13
Pretty URL securedcitizensbank.dns05.com/ IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:28:04 Last Seen2023-03-13 00:28:04 Times Seen1 Hash 26dcf525a4ebaa6fd10089ec2b0b5af2 b0b525c0daec4417434de96e143180b1ffd2c283 fdd11adbcf45a811ef8d139c82708adae9a7d417d85e03578427862728422022 Loading...

	securedcitizensbank.dns05.com/	139 B	2023-03-11	2024-01-05
Pretty URL securedcitizensbank.dns05.com/ IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:56:58 Last Seen2024-01-05 13:48:15 Times Seen77 Hash 0d90f5b8aadbd6a3d5c0add3cb4147e0 564bcdc15afc00a9f31a6e9ad8655dec6c6d9fd6 2fcdb11f37c82d5bf739f81f79a18064f75dd21e630bf84094601e19eb500afc Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 05:41:38 Times Seen36928057 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	securedcitizensbank.dns05.com/facebook_files/BQPs5nZF6zo.js.download	65 kB	2023-03-12	2023-03-13
Pretty URL securedcitizensbank.dns05.com/facebook_files/BQPs5nZF6zo.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:35:33 Last Seen2023-03-13 00:28:04 Times Seen1 Hash 4e47a5f24dab15ba2e081203265756b6 de7108ef41fea4688acc5316d959ea454036bf6c cc773ebb4f6a8c0f15c91300bb320458e44defa8272ea666c4e734da939fe1c4 Loading...

	securedcitizensbank.dns05.com/facebook_files/ue_OWlkLDZP.js.download	51 kB	2023-03-08	2023-04-15
Pretty URL securedcitizensbank.dns05.com/facebook_files/ue_OWlkLDZP.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:01 Last Seen2023-04-15 08:07:52 Times Seen12 Hash 5043c06b1a8282024c9d9b75f2fc2e46 c184be066529699e2e7792c99989d6e25d9bd699 626814a1d050ac62d3290457b6c9986220b14b4719e5e7ed54c84ae75cd07c37 Loading...

	securedcitizensbank.dns05.com/	753 B	2023-03-13	2023-03-13
Pretty URL securedcitizensbank.dns05.com/ IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:28:04 Last Seen2023-03-13 00:28:04 Times Seen1 Hash e2115e2a9f907a24fc3d3e34094f7cac 67bb4fccfe535a49024b615ca72c85b5f15b2509 519c65eedd90fd9f5f986add153f1e38de48bc347e7a00aa5e54543c59dbc076 Loading...

	securedcitizensbank.dns05.com/facebook_files/_tJ17sGyxOX.js.download	18 kB	2023-03-08	2024-04-18
Pretty URL securedcitizensbank.dns05.com/facebook_files/_tJ17sGyxOX.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:01 Last Seen2024-04-18 04:24:12 Times Seen7913 Hash 73111912f4b4f7a5b5501dc74d50025b 94bae7be09cae37c16321425b151eb0de4592f0d ab6777f622dce53efa7d6a93432292afba7757445eb4cc111b25810882375b98 Loading...

	securedcitizensbank.dns05.com/	33 B	2023-03-07	2024-04-13
Pretty URL securedcitizensbank.dns05.com/ IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:19 Last Seen2024-04-13 17:37:37 Times Seen778 Hash 47badbe6e2bc8b5841a25ecf5618e80d 307fd29bab0bc1770cb94375fa76831f51b44103 483d88a0254c7a3e014d33cb0239bf6010e73da5a60bfac16c5ef4f9f1431193 Loading...

	securedcitizensbank.dns05.com/facebook_files/LgvwffuKmeX.js.download	44 kB	2023-03-08	2024-03-23
Pretty URL securedcitizensbank.dns05.com/facebook_files/LgvwffuKmeX.js.download IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:01 Last Seen2024-03-23 21:33:27 Times Seen5835 Hash 4d39e7dc83aa51a24d48e63c02fd40af 858e501c752bdc9cc4576e7c48427e093576b40f a1794060e1ad5af5abac2f5f1ddc804bffc1efeff0897600e637905512d24ebd Loading...

	securedcitizensbank.dns05.com/	252 B	2023-03-11	2023-11-29
Pretty URL securedcitizensbank.dns05.com/ IP 50.18.146.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:56:58 Last Seen2023-11-29 02:05:56 Times Seen11 Hash ce22f13139b3a12a096bb6e9b2e4c23b 0b4847ce2b2efc43dac4dcffe33d8e3f8c844880 01d28ae384ba491cf409fabe9539a994666abce9ec9913c3bc4ee8f8df6e48a9 Loading...

	z-m-static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz	25 kB	2023-03-08	2024-04-09
Pretty URL z-m-static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.37 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:59 Last Seen2024-04-09 22:46:16 Times Seen1928 Hash d03405286255f92c495fb7cbeb7c9556 0fad02cc6fcfca74b57a1db092b5c16e4e9c0759 a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8 Loading...

HTTP Transactions (66)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6583
Expires: Sun, 15 Jan 2023 21:29:23 GMT
Date: Sun, 15 Jan 2023 19:39:40 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2817
Expires: Sun, 15 Jan 2023 20:26:37 GMT
Date: Sun, 15 Jan 2023 19:39:40 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18988
Expires: Mon, 16 Jan 2023 00:56:08 GMT
Date: Sun, 15 Jan 2023 19:39:40 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 18:42:08 GMT
content-type: application/json
age: 3452
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: BwpgUl+bLbkprfMj83zX32Futju/3NB4FkWmrJQOdXYkgtDvXhh510eKQtM43AIMtGtB4sJv3ug=
x-amz-request-id: 390A0RGF1ECTDWC4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 18:44:16 GMT
age: 3324
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 19:39:40 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

securedcitizensbank.dns05.com/

50.18.146.2

200 OK

94 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22433)
Size
94 kB (94445 bytes)
Hash
ac20a68613e7b34cc7e4771762f1bc38
6a3c3d7bf797fdae38012be25a8a8584c84ffd35
f9649f2a30f1c0cd24e72ea3ff8a330ae3af0e359013d868a89903d88b0dc7da

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET / HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:39:14 GMT
Accept-Ranges: bytes
Content-Length: 94445
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 19:17:25 GMT
age: 1336
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e5f9cfd32ba0e755eba2eba2bca5bc3c
012c01ac7a06da9f57e0e1c24658a4bd40e82518
ffd7fc715a11f6579f953c2f0f65128000733620fcc777cd0a4c5bb895c64ad2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3312
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 19:39:41 GMT
Last-Modified: Sun, 15 Jan 2023 18:44:29 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

securedcitizensbank.dns05.com/facebook_files/GKILFiHJIh1.js.download

50.18.146.2

200 OK

76 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/GKILFiHJIh1.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (32838)
Size
76 kB (76331 bytes)
Hash
e467b63d1a45ccfde333d665f8471df4
26e2864dba77c43db74e54e4e6545e818c0bb809
541f7848b5da72bdb6184ffe4e745e75464d0fd73acf1c5cdaa7894f37e5f053

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /facebook_files/GKILFiHJIh1.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 76331
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/2oHddz12uT9.js.download

50.18.146.2

200 OK

8.8 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/2oHddz12uT9.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3987)
Size
8.8 kB (8848 bytes)
Hash
f9e113bc2c3f5698592467f37677f99e
ede89b5bc0ca163b1d0e250fb66e97d72512b3b9
cf5c0da620ff06c1f111643f006233c2203f0ad416474406b762790d7f16538b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /facebook_files/2oHddz12uT9.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 8848
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/BQPs5nZF6zo.js.download

50.18.146.2

200 OK

65 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/BQPs5nZF6zo.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (10595)
Size
65 kB (65124 bytes)
Hash
4e47a5f24dab15ba2e081203265756b6
de7108ef41fea4688acc5316d959ea454036bf6c
cc773ebb4f6a8c0f15c91300bb320458e44defa8272ea666c4e734da939fe1c4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /facebook_files/BQPs5nZF6zo.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 65124
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/XmO_5adUbuq.js.download

50.18.146.2

200 OK

35 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/XmO_5adUbuq.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (7850)
Size
35 kB (34738 bytes)
Hash
01fcaa3f519c999b981f08670970e07e
d13c3713971a488ec16dd3583c1a37d6f2d696ab
872c65d4a63e0013402f3036e831107948f529a0761bc829b97a598970f9a287

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /facebook_files/XmO_5adUbuq.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 34738
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/ohs53z_4AL7.js.download

50.18.146.2

200 OK

22 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/ohs53z_4AL7.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
C source, ASCII text, with very long lines (7258)
Size
22 kB (22536 bytes)
Hash
58d6687a74abcc951aa3e3e174c2b077
788400b47be2e7bc8233c2f30792b847cf5a9cfa
530c7275a06a44cf5547e721c8d0b227a78f3cb634e9529d16e0312fcf421d2b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /facebook_files/ohs53z_4AL7.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 22536
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

push.services.mozilla.com/

54.148.213.75

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.213.75:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: U/0ML6pydJ7K1FATCWrH8Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cEtdJY6yma3p1RMOs4EO/XtElqg=

securedcitizensbank.dns05.com/facebook_files/QBkA9ZfAK-V.js.download

50.18.146.2

200 OK

42 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/QBkA9ZfAK-V.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (5830)
Size
42 kB (42424 bytes)
Hash
df1581c017e36d69fe9b1d0a21044dc4
401c89d08101b9983bc6efecf837a978f22c5f1a
abaeab740ccfa1b4f2f39315d7a0b62f1061f76176d4852d163049ec72234b7d

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /facebook_files/QBkA9ZfAK-V.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 42424
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/LgvwffuKmeX.js.download

50.18.146.2

200 OK

44 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/LgvwffuKmeX.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (32588)
Size
44 kB (43510 bytes)
Hash
4d39e7dc83aa51a24d48e63c02fd40af
858e501c752bdc9cc4576e7c48427e093576b40f
a1794060e1ad5af5abac2f5f1ddc804bffc1efeff0897600e637905512d24ebd

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /facebook_files/LgvwffuKmeX.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 43510
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/Sa1jhi1-Bt9.js.download

50.18.146.2

200 OK

39 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/Sa1jhi1-Bt9.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (7411)
Size
39 kB (39106 bytes)
Hash
e5bbf108b2d823147e2feee2a0e3e00e
d99fafb7300c05d9bc9150ca40e5535956e5953a
595da961ec1323abaad902d2221f13e57a60bb5c9e4fdf2049127cdaefe8e6e7

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Facebook, Inc.

HTTP Headers

GET /facebook_files/Sa1jhi1-Bt9.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 39106
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/0D75Vw0sOuD.js.download

50.18.146.2

200 OK

8.8 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/0D75Vw0sOuD.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (6870)
Size
8.8 kB (8771 bytes)
Hash
af3a1391eb744fca4f32b53306f226c7
8da8012a0c8103db30ecf58cb81bba45bc18d657
96a1b9a7cfa40aeb294427625db3de9a71609b77c5ff0335a6f8613524a8b660

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Facebook, Inc.

HTTP Headers

GET /facebook_files/0D75Vw0sOuD.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 8771
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/GaT0-DQJdWD.js.download

50.18.146.2

200 OK

313 B

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/GaT0-DQJdWD.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
313 B (313 bytes)
Hash
e647dca510effb226de36a63bef2203f
50b0a1ddc258f27ab5a54385384ee2ff6610f04f
0dfdfbee24a09f48ebeaf6475da29c527799a0faeeb20c68a58a2dfdfb3040d3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Facebook, Inc.

HTTP Headers

GET /facebook_files/GaT0-DQJdWD.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 313
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/m82IO1HXQRH.js.download

50.18.146.2

200 OK

33 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/m82IO1HXQRH.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (9053)
Size
33 kB (32639 bytes)
Hash
71917e7396c01017d9ae64eceb961fd4
c61dad543cef97b51e87614c5f155ce41aa6cee6
6d8bb83f0fa1391217ab44f4c4d877ed2b37b9f706637deb00514f6f341a4e1b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /facebook_files/m82IO1HXQRH.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 32639
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/NK70ahZXaY4.js.download

50.18.146.2

200 OK

73 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/NK70ahZXaY4.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (11401)
Size
73 kB (72832 bytes)
Hash
4f7e6a9ea59b4640a88d58d00ccb5a9f
20ea3519b2860235d3dfb5c9974cff2704156074
4d531e3da2b067376fef15f167e7e5b4d3c102d63614d922e43764a983905431

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Facebook, Inc.

HTTP Headers

GET /facebook_files/NK70ahZXaY4.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 72832
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/ie38mp0O07P.js.download

50.18.146.2

200 OK

25 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/ie38mp0O07P.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (18915)
Size
25 kB (25101 bytes)
Hash
d03405286255f92c495fb7cbeb7c9556
0fad02cc6fcfca74b57a1db092b5c16e4e9c0759
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Facebook, Inc.

HTTP Headers

GET /facebook_files/ie38mp0O07P.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 25101
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/B58QfBIwvJh.js.download

50.18.146.2

200 OK

57 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/B58QfBIwvJh.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (9910)
Size
57 kB (56822 bytes)
Hash
3171fb0e6a99e0146f170f0e863da319
6db5ac0f6e654bdc7e392a1ad55db5a40b1f9a9d
c3c203da899e8bbc1d43ce437b13eb3acb758f4f4f21de49340586a25655e8cf

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /facebook_files/B58QfBIwvJh.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 56822
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/_tJ17sGyxOX.js.download

50.18.146.2

200 OK

18 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/_tJ17sGyxOX.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (17932)
Size
18 kB (18154 bytes)
Hash
73111912f4b4f7a5b5501dc74d50025b
94bae7be09cae37c16321425b151eb0de4592f0d
ab6777f622dce53efa7d6a93432292afba7757445eb4cc111b25810882375b98

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /facebook_files/_tJ17sGyxOX.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 18154
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/qm0xAdCCfP5.css

50.18.146.2

200 OK

14 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/qm0xAdCCfP5.css
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (7229)
Size
14 kB (14155 bytes)
Hash
61a3cdef798841c96d39119ea8ff6b97
dc89a2e1a77e2eb47cc9240d81cd0bf017902b84
457f7366f7bc440db21ff29610d04181fbf97864c0e8117596f0fe4ed85c226a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Facebook, Inc.

HTTP Headers

GET /facebook_files/qm0xAdCCfP5.css HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 14155
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

securedcitizensbank.dns05.com/facebook_files/lkzqr3glELK.css

50.18.146.2

200 OK

39 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/lkzqr3glELK.css
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (7379)
Size
39 kB (38572 bytes)
Hash
7402218481db171931d0077fc231c05a
28fc49d36b01eedc1f1ee9ef4ede467f47c16e14
b9f5a4d5d1acba5a362e427486412100aa5cd676096c9f23ac6cba14124f1d13

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Facebook, Inc.

HTTP Headers

GET /facebook_files/lkzqr3glELK.css HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:22 GMT
Accept-Ranges: bytes
Content-Length: 38572
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

securedcitizensbank.dns05.com/facebook_files/Y5zG40wLB4c.css

50.18.146.2

200 OK

37 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/Y5zG40wLB4c.css
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (6639)
Size
37 kB (36963 bytes)
Hash
33bc24ee46196a438c8b3ed069df760c
46d4372964ded20e546fd48397c8714139e92db0
7a97924564e7b48ae0ecd1d533e08288b2dbbdfd808463cd8e2019b19cc4105c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Facebook, Inc.

HTTP Headers

GET /facebook_files/Y5zG40wLB4c.css HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 36963
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

securedcitizensbank.dns05.com/facebook_files/ue_OWlkLDZP.js.download

50.18.146.2

200 OK

51 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/ue_OWlkLDZP.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (7732)
Size
51 kB (50828 bytes)
Hash
5043c06b1a8282024c9d9b75f2fc2e46
c184be066529699e2e7792c99989d6e25d9bd699
626814a1d050ac62d3290457b6c9986220b14b4719e5e7ed54c84ae75cd07c37

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /facebook_files/ue_OWlkLDZP.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 50828
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/sFUirKWPAtZ.js.download

50.18.146.2

200 OK

253 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/sFUirKWPAtZ.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (18622)
Size
253 kB (253196 bytes)
Hash
1b1abda4632ec687eba07b8e73d29d76
73fc8e69a05cba9945c9465de188e1ea8ddb1ea8
972a2f8dd0b9cc7908e49d1232cdb96f54d85777a901067a4f005e7d5f8a46f3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /facebook_files/sFUirKWPAtZ.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 253196
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

securedcitizensbank.dns05.com/facebook_files/hsts-pixel.gif

50.18.146.2

200 OK

43 B

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/hsts-pixel.gif
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Facebook, Inc.

HTTP Headers

GET /facebook_files/hsts-pixel.gif HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif

securedcitizensbank.dns05.com/facebook_files/dF5SId3UHWd.svg

50.18.146.2

200 OK

2.4 kB

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/dF5SId3UHWd.svg
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (2384)
Size
2.4 kB (2385 bytes)
Hash
ebd8798bc32c86494851a07770e04e63
b5461dc8f5f5f848033441d506ee05d48742438b
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /facebook_files/dF5SId3UHWd.svg HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 2385
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

securedcitizensbank.dns05.com/rsrc.php/v3/yD/r/eOm8UtliYxe.png

50.18.146.2

404 Not Found

315 B

URL HTTP/1.1
securedcitizensbank.dns05.com/rsrc.php/v3/yD/r/eOm8UtliYxe.png
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Facebook, Inc.

HTTP Headers

GET /rsrc.php/v3/yD/r/eOm8UtliYxe.png HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/facebook_files/lkzqr3glELK.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
61ead5a5c64e314bee973ab2586bb245
f10abf540d8b8e074cbafbe42351572b96fcbae9
160e2ae893e9ab8bffba3a21409828987cc039fc7f88e130bfbc667d82e3cb78

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4751
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 19:39:43 GMT
Last-Modified: Sun, 15 Jan 2023 18:20:33 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
61ead5a5c64e314bee973ab2586bb245
f10abf540d8b8e074cbafbe42351572b96fcbae9
160e2ae893e9ab8bffba3a21409828987cc039fc7f88e130bfbc667d82e3cb78

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4751
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 19:39:43 GMT
Last-Modified: Sun, 15 Jan 2023 18:20:33 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

z-m-static.xx.fbcdn.net/rsrc.php/v3/yX/r/XmO_5adUbuq.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

10 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yX/r/XmO_5adUbuq.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (7850)
Size
10 kB (10439 bytes)
Hash
46e7983e2dd03ef65ce614cbdd23e705
da0a4e888fa0b31fa3dfe09a571354cf6945c9bf
38a85b82c07fc6a185dcb75bab166aee744496b6352832007e9c5327311ade0a

HTTP Headers

GET /rsrc.php/v3/yX/r/XmO_5adUbuq.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 05 Jan 2024 14:20:21 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: RueYPi3QPvZc5hTL3SPnBQ==
x-fb-debug: 7AYpavGd8QGGy9dsPcCQu9tnP4N3/u00Cm5B+efNK0QdlnvHeJ7NHjXrRd7fxZpZyU3JeYIIighMnGTy/dtAYQ==
content-length: 10439
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z-m-static.xx.fbcdn.net/rsrc.php/v3/ym/r/QBkA9ZfAK-V.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

12 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3/ym/r/QBkA9ZfAK-V.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (5830)
Size
12 kB (12436 bytes)
Hash
7714813710281e982f276a85053aaa44
30873ab1d2b6d89a5e2b65e98638a98f33a6bc6d
bc0cd5ba04e5f899bfeb252d4902b863afd141744ad63733419d6c38ecab0bbf

HTTP Headers

GET /rsrc.php/v3/ym/r/QBkA9ZfAK-V.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 03 Jan 2024 16:41:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dxSBNxAoHpgvJ2qFBTqqRA==
x-fb-debug: /YrSeOlAxkBcXgD0+fHxSgG6SP+NUsBG3LjOuyWaNuwPIZKvv7eWpe1qIMW2AYwZkZ+H+4zB0TJUZrglLLjdbA==
priority: u=3,i
content-length: 12436
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z-m-static.xx.fbcdn.net/rsrc.php/v3/yi/r/ohs53z_4AL7.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

7.4 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yi/r/ohs53z_4AL7.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
C source, ASCII text, with very long lines (7258)
Size
7.4 kB (7358 bytes)
Hash
7c03a817dfb46a88860d522d86544418
f0b6a8daf8bfdc1307edb75f6e69722870742d81
e043a53ffc98f11a23d74efbacc76570701e55807d78e0ec0b6f913c270c0d29

HTTP Headers

GET /rsrc.php/v3/yi/r/ohs53z_4AL7.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 04 Jan 2024 23:53:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: fAOoF9+0aoiGDVIthlREGA==
x-fb-debug: EhLR7kGrS8b4iUGELTPQIY3ppu/FvnfJK1XwE8w4nE9w8ruhh+SUIkKozdLCUqSHfJ77enYiuLT9f/PYrahe+g==
content-length: 7358
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

securedcitizensbank.dns05.com/facebook_files/saved_resource.html

50.18.146.2

200 OK

152 B

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/saved_resource.html
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
152 B (152 bytes)
Hash
09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Facebook, Inc.

HTTP Headers

GET /facebook_files/saved_resource.html HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:43 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:28 GMT
Accept-Ranges: bytes
Content-Length: 152
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html

z-m-static.xx.fbcdn.net/rsrc.php/v3/yj/r/gB76kJXPYJV.png

31.13.72.37

200 OK

6.7 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yj/r/gB76kJXPYJV.png
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
PNG image data, 196 x 196, 8-bit colormap, non-interlaced\012- data
Size
6.7 kB (6690 bytes)
Hash
389dfa18be34d8cf767e06fd5cde4ec6
47b751cffab47d076816c63ce08d3e84600376ee
3c45ce612f41b1e7936e7cf5b235047344fd3146d1630e342f186d1d1e8e00d5

HTTP Headers

GET /rsrc.php/v3/yj/r/gB76kJXPYJV.png HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: OJ36GL402M92fgb9XN5Oxg==
expires: Tue, 09 Jan 2024 04:25:22 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: 3lI9Zf//g6QSsH95NH+YoPQVQ+l7fecfpfz+gk5EvQDGiRSkGikHZA2cT2l7eErcizmAwS5dCy1PtnFORIhAQA==
priority: u=3,i
content-length: 6690
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
61ead5a5c64e314bee973ab2586bb245
f10abf540d8b8e074cbafbe42351572b96fcbae9
160e2ae893e9ab8bffba3a21409828987cc039fc7f88e130bfbc667d82e3cb78

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4751
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 19:39:43 GMT
Last-Modified: Sun, 15 Jan 2023 18:20:33 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9976
Expires: Sun, 15 Jan 2023 22:25:59 GMT
Date: Sun, 15 Jan 2023 19:39:43 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9976
Expires: Sun, 15 Jan 2023 22:25:59 GMT
Date: Sun, 15 Jan 2023 19:39:43 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9801 bytes)
Hash
74ac30be02dee9dcfeee79a7dc54edff
1368d81de22ea2e4054a3e1a8f01ef337c63e35b
8abc2f276906dfb9ce75c2526d2c2cfa6aea6dbe13f4046de1040cd611cbbc1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9801
x-amzn-requestid: 39d84a20-55f7-4b7c-abc4-9ac1ff100da9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqSkoGCZoAMF1zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0caea-4f7a1cf676335cc83018dc51;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 03:07:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUFicgD94yxyZhMtQm-aYS-QpZXn07rLRBhnBLMTIQh6qHKOX_LRFg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 03:30:55 GMT
age: 58128
etag: "1368d81de22ea2e4054a3e1a8f01ef337c63e35b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5463 bytes)
Hash
9365e4ddb0fa0d3f6dbdec98433e02a9
a9e0dc338dabcdebb33b35a162b0fb6950b31ddb
cbe4cdf59e5a2f7433485637c88c3fba9c022de1c7559e42ceb9a2c8a872fd21

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5463
x-amzn-requestid: 5e0c891d-c5f0-48a9-8f69-6ca2290039b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ejsaSEHpoAMFW6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be2774-55e5f2937d688fb00a12d61b;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 03:05:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Feucn9ZUPUt4-pK95m7prVHR5OhBzEuYo4CHMvwqSyHEiRfHpz-25A==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:51:08 GMT
age: 78515
etag: "a9e0dc338dabcdebb33b35a162b0fb6950b31ddb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9539 bytes)
Hash
a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 33735807-3403-41ee-a488-a3f25f9b12d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewX9XFvoIAMFzMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c339ee-65def8747314ecb63b000a4c;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 23:25:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7ds4KRTpC9H3aDH6fAS0S5W8kONOlSxK7bU2Rzr1d_24GytaZLRTsQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 12:46:14 GMT
age: 24809
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4981 bytes)
Hash
5c609c89120eef87bbdd0d8ee5ee18f9
be8e369be0ccc707b904546798aacc9afe413cfa
feaa9f41b45aaa71d87008fe3112bc09e41cf6c2c500b4bc1adc125c7c82eee1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4981
x-amzn-requestid: b38d8240-7f85-4fd6-845b-54ddc6da7521
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewH9tHxWoAMFTQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c32057-657c5e342a66713b0f5f8f0b;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XFRrdpdDYEyYq9lFI99gf2mrKB2VRbNmAwbMN9c3wJlbBbc9UTTiaQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:51:43 GMT
age: 78480
etag: "be8e369be0ccc707b904546798aacc9afe413cfa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59115b15-3223-4534-8922-0aff0bedae1b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9894 bytes)
Hash
14f17eb27938efbfade5b80646ffc881
dd23bfbd068f380d7bbd2459921570c63c46cce3
0695aef5736c7c63fb3c45383182824db19045b4eba186feb9da198ac7b9a124

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59115b15-3223-4534-8922-0aff0bedae1b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9894
x-amzn-requestid: e5a7bd4f-2d64-44c4-815f-8deae16fd5e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0pbGdOIAMFToA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3c-283396d9346608cf01ef52e6;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VSKRl2CvP9rNmEn6arD63QK0yFGvMnAjfyS3cVrHlylTjuXKAyZYVg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:24:11 GMT
age: 80132
etag: "dd23bfbd068f380d7bbd2459921570c63c46cce3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5495 bytes)
Hash
90fc5463f271bab652af099cb526f189
805c27d8f82a5eb6583814313c36f5e7699408e5
749dca33aa337b494fb113896bf035bc9dcb17068ecffdf30fc5ac85a4ac5185

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5495
x-amzn-requestid: d76b8f1d-37a2-47ac-9acf-1b0a44a4a5fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqsroF62IAMF-mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0f4b0-67700bfd11f1ad5d0aaab92d;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 06:05:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KrCFIa2Dpbas7vvk8nttLRG7HaQ8bEgVmqZUZtlGhdSeV8igH3FLpg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 14:12:40 GMT
age: 19623
etag: "805c27d8f82a5eb6583814313c36f5e7699408e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png

31.13.72.12

200 OK

79 B

URL HTTP/2
scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
PNG image data, 10 x 10, 8-bit/color RGB, non-interlaced\012- data
Size
79 B (79 bytes)
Hash
8dc258a49b60fae051e9a7ce11ad05cf
dafef280663f4205fc7f0e47799e9945e6a68d6d
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604

HTTP Headers

GET /hads-ak-prn2/1487645_6012475414660_1439393861_n.png HTTP/1.1
Host: scontent.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
expires: Sun, 15 Jan 2023 19:39:43 GMT
cross-origin-resource-policy: cross-origin
content-length: 79
server: proxygen-bolt
x-fb-trip-id: 1904183273
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z-m-static.xx.fbcdn.net/rsrc.php/v3/yY/r/ue_OWlkLDZP.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

9.3 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yY/r/ue_OWlkLDZP.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (7732)
Size
9.3 kB (9272 bytes)
Hash
544d77ebb9e2bdcbb0bf6a266081af0e
c0f62f4a212fb7998dcdc602e46453e0d9cf9668
d4e798354cdbfeed7a6ee6e11a872de9f331f642e06022074a8e4e2beeb4be58

HTTP Headers

GET /rsrc.php/v3/yY/r/ue_OWlkLDZP.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 05 Jan 2024 01:16:57 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: VE1367nivcuwv2omYIGvDg==
x-fb-debug: eUzxeP0WoeC3nXlUCbM1z5aMTM9E0XPY/sqa+9HzHEVomvu7F6f1+fMElgODhsVFCVQFRimqyKjABmsjufWjgw==
priority: u=3,i
content-length: 9272
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z-m-static.xx.fbcdn.net/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

7.5 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (17932)
Size
7.5 kB (7497 bytes)
Hash
5b98e07045ca8a854cc251c5589c9a8c
5bf081390c53ab7e8189938e63098e8d7bbce3a0
1c1c815ddbda67edd699b03e86f8755fe5e09a2b435daf0191706e656a66a555

HTTP Headers

GET /rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 05 Jan 2024 15:33:37 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: W5jgcEXKioVMwlHFWJyajA==
x-fb-debug: 9H1pVkOwh2daZt0B8rf4fv90YbSNlmO5IiZITzBI+6hcaRoavu6C5FXyrReTm1yYvQcSa5jIFaPLo+z2GcvaSA==
content-length: 7497
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z-m-static.xx.fbcdn.net/rsrc.php/v3/y3/r/NK70ahZXaY4.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

18 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3/y3/r/NK70ahZXaY4.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (11401)
Size
18 kB (18235 bytes)
Hash
110eabda4eabdbcadf0209273a03df86
78464b59faf0619015c67228bc7eed79d503bd3c
cb855bad8ed314c6790f741b558b9652698e93aa3cac555cab4166da3c6f58d0

HTTP Headers

GET /rsrc.php/v3/y3/r/NK70ahZXaY4.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 12 Jan 2024 16:21:07 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: EQ6r2k6r28rfAgknOgPfhg==
x-fb-debug: ZvV6Wg09BskyizfrovIVlHIxghMnJSi1dFrMlMhigV0Cbl+i21og9uqBOscyHMJVHWdHLqCgrEr2FVzZbHG2MA==
content-length: 18235
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z-m-static.xx.fbcdn.net/rsrc.php/v3izbB4/yq/l/en_GB/BQPs5nZF6zo.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

20 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3izbB4/yq/l/en_GB/BQPs5nZF6zo.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (10595)
Size
20 kB (19646 bytes)
Hash
5e89d76dc2456e11e4e360f4fd116486
fbe33e2b638aa014e29b8fd04951a1940dfbdfae
d5a2e22d102e4689204907cc21a59a3d238b4a3bfa95c3effe71d58a4802a6c2

HTTP Headers

GET /rsrc.php/v3izbB4/yq/l/en_GB/BQPs5nZF6zo.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 15 Jan 2024 10:04:31 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: XonXbcJFbhHk42D0/RFkhg==
x-fb-debug: 5CuhNCfHXutbRxt57LCwF3mAdGUUpTesjhy/JII4GplkZDb/e6aAEsgxDyrXmObM386+7YEMWc6eiirqfjF9BA==
priority: u=3,i
content-length: 19646
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z-m-static.xx.fbcdn.net/rsrc.php/v3/yc/r/2oHddz12uT9.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

3.4 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yc/r/2oHddz12uT9.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (3987)
Size
3.4 kB (3374 bytes)
Hash
636c7c08c6b023dacc956401adb1db8d
10aaaa2fcbd9ee2a31ee6ebec2e324494fe197dc
79dae50f0d2f27414403a22c5b3caf43c253e14ec7d6593c02ceea4d6766acd9

HTTP Headers

GET /rsrc.php/v3/yc/r/2oHddz12uT9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 03 Jan 2024 16:42:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Y2x8CMawI9rMlWQBrbHbjQ==
x-fb-debug: dKM0UAh+3o4f56Qbp+eb7/V2aQhBS1ITEHKP9iegnyNUIezNvfxF/Wq4BSD63mD6rCNA7YMpiMnsaT/ODRS/NQ==
content-length: 3374
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z-m-static.xx.fbcdn.net/rsrc.php/v3/yb/r/m82IO1HXQRH.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

11 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yb/r/m82IO1HXQRH.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (9053)
Size
11 kB (10691 bytes)
Hash
f37f1777786b32d2198366939aabd7d3
743a07626cb602d272e41fb92ef60d309e0e5fb4
f4b6ae7b9e0ba598001ec1db9d0199252a6eac113eb8bee18a905e967dd62f5a

HTTP Headers

GET /rsrc.php/v3/yb/r/m82IO1HXQRH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 03 Jan 2024 16:42:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 838Xd3hrMtIZg2aTmqvX0w==
x-fb-debug: 1CgdFnonPrzFUahHEvMlPYZ0fgjgb9/wsQkmnzp8Kmvp1F0qBfwYmtZG2SyXoWfSsyNNuG8WGjlBYiPXn9HYlw==
content-length: 10691
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z-m-static.xx.fbcdn.net/rsrc.php/v3i3kA4/yO/l/en_GB/GKILFiHJIh1.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

18 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3i3kA4/yO/l/en_GB/GKILFiHJIh1.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (32838)
Size
18 kB (18172 bytes)
Hash
a8766891c907e14b418875755886c938
408c4fc52c373678f0445794234534562e6f8eae
cd9c18a5a704c24d8887f4916560f4bdf04f5c7be3e65e58e73a45c1b411dc13

HTTP Headers

GET /rsrc.php/v3i3kA4/yO/l/en_GB/GKILFiHJIh1.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 05 Jan 2024 16:05:13 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: qHZokckH4UtBiHV1WIbJOA==
x-fb-debug: NU3DK0s0HpkSAxcSyNLZ1hyk26y7Z3aghlibWSKfeh93nHEWhQ2EnrzOGNXy5Iz2ra1+qPs4bgqu+5CAQBoBVA==
content-length: 18172
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z-m-static.xx.fbcdn.net/rsrc.php/v3/yf/r/LgvwffuKmeX.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

13 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yf/r/LgvwffuKmeX.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (32588)
Size
13 kB (13014 bytes)
Hash
34dd9849794de6e455b38c372e6af714
71d938f601eb56283143df5d367c46f1b25e3c4d
282985aa4c8e10951ed1b17f49a8e28b062187ac741c35bb5c6e6153dd7a27e6

HTTP Headers

GET /rsrc.php/v3/yf/r/LgvwffuKmeX.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 01 Jan 2024 19:57:09 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: NN2YSXlN5uRVs4w3Lmr3FA==
x-fb-debug: eSeu/7/OhK/ElRYkBEgphScLZhZKBMLCKZ4htBRS1DJwTyCmjwSLt6LNi5sv4SBW0PA31PGyjcfEZDhXlc+prQ==
priority: u=1,i
content-length: 13014
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z-m-static.xx.fbcdn.net/rsrc.php/v3iLQG4/yx/l/en_GB/Sa1jhi1-Bt9.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

10 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3iLQG4/yx/l/en_GB/Sa1jhi1-Bt9.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (7411)
Size
10 kB (10340 bytes)
Hash
b498d733f85228a332f0aced10c6f881
148025b40a292386ea20b51b3c033204084083e3
fda32af9ae0ef1da786506a3813fc835e0dbd4ee0aaadcf88deb20cb9122026b

HTTP Headers

GET /rsrc.php/v3iLQG4/yx/l/en_GB/Sa1jhi1-Bt9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 05 Jan 2024 03:08:58 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: tJjXM/hSKKMy8KztEMb4gQ==
x-fb-debug: 9DPr7C1fSGRhldV0Hv2cXGAovqO+YXkv+HINj11jQs7r99AKxNAmNodT+2+HS2fsrVgGWQj3sOfwMvJ5q8wCdg==
content-length: 10340
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z-m-static.xx.fbcdn.net/rsrc.php/v3iLl54/yw/l/en_GB/0D75Vw0sOuD.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

3.3 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3iLl54/yw/l/en_GB/0D75Vw0sOuD.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (6870)
Size
3.3 kB (3273 bytes)
Hash
b69cf4e150338ada74a3c71298ab8d30
a4bcd2abd76741b6c3d692fc34538cb304f39d99
108e5fd8d96282336114a82c7235f825d408f6584d2628c234500356060e9d70

HTTP Headers

GET /rsrc.php/v3iLl54/yw/l/en_GB/0D75Vw0sOuD.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 04 Jan 2024 20:16:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: tpz04VAzitp0o8cSmKuNMA==
x-fb-debug: q8yKVVktOoTgsnypejxlr8/vBZ8zHTvcTRZg5XgHM2puc2iD4Dl4XJ82o+Xxt/cBbHj4WjHSFavoMhYk2PbV2A==
content-length: 3273
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z-m-static.xx.fbcdn.net/rsrc.php/v3/yg/r/GaT0-DQJdWD.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

174 B

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yg/r/GaT0-DQJdWD.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
ASCII text
Size
174 B (174 bytes)
Hash
f41dd211dae2e38cc07fb986a0386d54
a4e0398136c7c27e468ddc0e453bd6d1934f7879
410bdb0ca6a62e9ec03f7080bc84bfd619dc6256fd2be9c11250cbdec6721bce

HTTP Headers

GET /rsrc.php/v3/yg/r/GaT0-DQJdWD.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 04 Jan 2024 17:13:07 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 9B3SEdri44zAf7mGoDhtVA==
x-fb-debug: ldrYMfNTDM+Y2ZnoTeLwuVEGSkaSCzSyd1mHNbTwRO+u2EGV6AGGRFBTz2TMCBrcgf6MuDiKmQsiGRi6aqGr6A==
content-length: 174
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z-m-static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

10 kB

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (18915)
Size
10 kB (10390 bytes)
Hash
084615819834e23edead2d2e6fbb0db2
656c5c532f295c4c3a788ea0a719da7686c05bfe
41c35b99b989e96dd40bfbbfb44fe26556a062069ec4e05ad67f51e2259d295e

HTTP Headers

GET /rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 04 Jan 2024 23:11:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: CEYVgZg04j7erS0ub7sNsg==
x-fb-debug: wQg3vgqXx4tlcfPGHirf8xkHM+raOezbP1ArhuY+XyBpGnJYFthX7TG7rUhn9Fw7H+Oyp7z45NUxy+AWSPHvUQ==
content-length: 10390
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

securedcitizensbank.dns05.com/a/bz?fb_dtsg=NAcO3_Czn-PMWcr_4HIm_DLHaZjQE_SC7ASaApZCRmT0Dcri414AVVQ%3A0%3A0&jazoest=24694&lsd=AVo60i6nyiw&__dyn=1KiEGiE5q2K14zVQ2mml0BxG6U4a2i5U4e0C86u7E39x60lW4o3Bw4Ewk9E4W0om0MU0D2US0na1gwwyo1nVEdE1u86i0N85G0zE1bE881eEdEG0hi0Lo6-0Co2cw8-&__csr=&__req=1&__a=AYkEv283x5yHG8-k3jWaUnGpPh6s_utD8wZnu7Rk_LgTts7dd5szIjN6sueeNri_NfIsnJVCgX1OmOFfnV0ePz7UYzJ-xvdhGbvLScKzy0T3Tg&__user=0

50.18.146.2

404 Not Found

315 B

URL HTTP/1.1
securedcitizensbank.dns05.com/a/bz?fb_dtsg=NAcO3_Czn-PMWcr_4HIm_DLHaZjQE_SC7ASaApZCRmT0Dcri414AVVQ%3A0%3A0&jazoest=24694&lsd=AVo60i6nyiw&__dyn=1KiEGiE5q2K14zVQ2mml0BxG6U4a2i5U4e0C86u7E39x60lW4o3Bw4Ewk9E4W0om0MU0D2US0na1gwwyo1nVEdE1u86i0N85G0zE1bE881eEdEG0hi0Lo6-0Co2cw8-&__csr=&__req=1&__a=AYkEv283x5yHG8-k3jWaUnGpPh6s_utD8wZnu7Rk_LgTts7dd5szIjN6sueeNri_NfIsnJVCgX1OmOFfnV0ePz7UYzJ-xvdhGbvLScKzy0T3Tg&__user=0
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

POST /a/bz?fb_dtsg=NAcO3_Czn-PMWcr_4HIm_DLHaZjQE_SC7ASaApZCRmT0Dcri414AVVQ%3A0%3A0&jazoest=24694&lsd=AVo60i6nyiw&__dyn=1KiEGiE5q2K14zVQ2mml0BxG6U4a2i5U4e0C86u7E39x60lW4o3Bw4Ewk9E4W0om0MU0D2US0na1gwwyo1nVEdE1u86i0N85G0zE1bE881eEdEG0hi0Lo6-0Co2cw8-&__csr=&__req=1&__a=AYkEv283x5yHG8-k3jWaUnGpPh6s_utD8wZnu7Rk_LgTts7dd5szIjN6sueeNri_NfIsnJVCgX1OmOFfnV0ePz7UYzJ-xvdhGbvLScKzy0T3Tg&__user=0 HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
X-Response-Format: JSONStream
X-Requested-With: XMLHttpRequest
X-FB-LSD: AVo60i6nyiw
X_FB_BACKGROUND_STATE: 1
Content-Type: multipart/form-data; boundary=---------------------------302756123331256241962610363413
Content-Length: 976
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 15 Jan 2023 19:39:43 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

securedcitizensbank.dns05.com/a/bz?fb_dtsg=NAcO3_Czn-PMWcr_4HIm_DLHaZjQE_SC7ASaApZCRmT0Dcri414AVVQ%3A0%3A0&jazoest=24694&lsd=AVo60i6nyiw&__dyn=1KiEGiE5q2K14zVQ2mml0BxG6U4a2i5U4e0C86u7E39x60lW4o3Bw4Ewk9E4W0om0MU0D2US0na1gwwyo1nVEdE1u86i0N85G0zE1bE881eEdEG0hi0Lo6-0Co2cw8-&__csr=&__req=2&__a=AYkEv283x5yHG8-k3jWaUnGpPh6s_utD8wZnu7Rk_LgTts7dd5szIjN6sueeNri_NfIsnJVCgX1OmOFfnV0ePz7UYzJ-xvdhGbvLScKzy0T3Tg&__user=0

50.18.146.2

404 Not Found

315 B

URL HTTP/1.1
securedcitizensbank.dns05.com/a/bz?fb_dtsg=NAcO3_Czn-PMWcr_4HIm_DLHaZjQE_SC7ASaApZCRmT0Dcri414AVVQ%3A0%3A0&jazoest=24694&lsd=AVo60i6nyiw&__dyn=1KiEGiE5q2K14zVQ2mml0BxG6U4a2i5U4e0C86u7E39x60lW4o3Bw4Ewk9E4W0om0MU0D2US0na1gwwyo1nVEdE1u86i0N85G0zE1bE881eEdEG0hi0Lo6-0Co2cw8-&__csr=&__req=2&__a=AYkEv283x5yHG8-k3jWaUnGpPh6s_utD8wZnu7Rk_LgTts7dd5szIjN6sueeNri_NfIsnJVCgX1OmOFfnV0ePz7UYzJ-xvdhGbvLScKzy0T3Tg&__user=0
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

POST /a/bz?fb_dtsg=NAcO3_Czn-PMWcr_4HIm_DLHaZjQE_SC7ASaApZCRmT0Dcri414AVVQ%3A0%3A0&jazoest=24694&lsd=AVo60i6nyiw&__dyn=1KiEGiE5q2K14zVQ2mml0BxG6U4a2i5U4e0C86u7E39x60lW4o3Bw4Ewk9E4W0om0MU0D2US0na1gwwyo1nVEdE1u86i0N85G0zE1bE881eEdEG0hi0Lo6-0Co2cw8-&__csr=&__req=2&__a=AYkEv283x5yHG8-k3jWaUnGpPh6s_utD8wZnu7Rk_LgTts7dd5szIjN6sueeNri_NfIsnJVCgX1OmOFfnV0ePz7UYzJ-xvdhGbvLScKzy0T3Tg&__user=0 HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
X-Response-Format: JSONStream
X-Requested-With: XMLHttpRequest
X-FB-LSD: AVo60i6nyiw
X_FB_BACKGROUND_STATE: 1
Content-Type: multipart/form-data; boundary=---------------------------319727883215653912571689381059
Content-Length: 5778
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sun, 15 Jan 2023 19:39:44 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

z-m-static.xx.fbcdn.net/rsrc.php/v3/yd/r/B58QfBIwvJh.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.37

200 OK

0 B

URL HTTP/2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yd/r/B58QfBIwvJh.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.37:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /rsrc.php/v3/yd/r/B58QfBIwvJh.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 14 Jan 2024 11:28:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: lcScxmaEi+93426OxPw3kQ==
x-fb-debug: 9mbjff6QFRNMsJCxgalGiXfSs3GWFCaexNsZFs4dUJPcpjCZ7ZXpf/7eCn+Z3E4Zns2FsVziPHegOIBSSH/coA==
priority: u=3,i
content-length: 16819
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

securedcitizensbank.dns05.com/facebook_files/SdtDSnQ5Pqo.js.download

50.18.146.2

200 OK

0 B

URL HTTP/1.1
securedcitizensbank.dns05.com/facebook_files/SdtDSnQ5Pqo.js.download
IP
50.18.146.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
openphish	Facebook, Inc.

HTTP Headers

GET /facebook_files/SdtDSnQ5Pqo.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:28 GMT
Accept-Ranges: bytes
Content-Length: 186866
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (32)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML