r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6583
Expires: Sun, 15 Jan 2023 21:29:23 GMT
Date: Sun, 15 Jan 2023 19:39:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2817
Expires: Sun, 15 Jan 2023 20:26:37 GMT
Date: Sun, 15 Jan 2023 19:39:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18988
Expires: Mon, 16 Jan 2023 00:56:08 GMT
Date: Sun, 15 Jan 2023 19:39:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 18:42:08 GMT
content-type: application/json
age: 3452
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BwpgUl+bLbkprfMj83zX32Futju/3NB4FkWmrJQOdXYkgtDvXhh510eKQtM43AIMtGtB4sJv3ug=
x-amz-request-id: 390A0RGF1ECTDWC4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 18:44:16 GMT
age: 3324
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 19:39:40 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
securedcitizensbank.dns05.com/
50.18.146.2 200 OK 94 kB URL HTTP/1.1 securedcitizensbank.dns05.com/
IP 50.18.146.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22433)
Hash ac20a68613e7b34cc7e4771762f1bc38
6a3c3d7bf797fdae38012be25a8a8584c84ffd35
f9649f2a30f1c0cd24e72ea3ff8a330ae3af0e359013d868a89903d88b0dc7da
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET / HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:39:14 GMT
Accept-Ranges: bytes
Content-Length: 94445
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 19:17:25 GMT
age: 1336
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e5f9cfd32ba0e755eba2eba2bca5bc3c
012c01ac7a06da9f57e0e1c24658a4bd40e82518
ffd7fc715a11f6579f953c2f0f65128000733620fcc777cd0a4c5bb895c64ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3312
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 19:39:41 GMT
Last-Modified: Sun, 15 Jan 2023 18:44:29 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
securedcitizensbank.dns05.com/facebook_files/GKILFiHJIh1.js.download
50.18.146.2 200 OK 76 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/GKILFiHJIh1.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (32838)
Hash e467b63d1a45ccfde333d665f8471df4
26e2864dba77c43db74e54e4e6545e818c0bb809
541f7848b5da72bdb6184ffe4e745e75464d0fd73acf1c5cdaa7894f37e5f053
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /facebook_files/GKILFiHJIh1.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 76331
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/2oHddz12uT9.js.download
50.18.146.2 200 OK 8.8 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/2oHddz12uT9.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (3987)
Hash f9e113bc2c3f5698592467f37677f99e
ede89b5bc0ca163b1d0e250fb66e97d72512b3b9
cf5c0da620ff06c1f111643f006233c2203f0ad416474406b762790d7f16538b
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /facebook_files/2oHddz12uT9.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 8848
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/BQPs5nZF6zo.js.download
50.18.146.2 200 OK 65 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/BQPs5nZF6zo.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (10595)
Hash 4e47a5f24dab15ba2e081203265756b6
de7108ef41fea4688acc5316d959ea454036bf6c
cc773ebb4f6a8c0f15c91300bb320458e44defa8272ea666c4e734da939fe1c4
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /facebook_files/BQPs5nZF6zo.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 65124
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/XmO_5adUbuq.js.download
50.18.146.2 200 OK 35 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/XmO_5adUbuq.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (7850)
Hash 01fcaa3f519c999b981f08670970e07e
d13c3713971a488ec16dd3583c1a37d6f2d696ab
872c65d4a63e0013402f3036e831107948f529a0761bc829b97a598970f9a287
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /facebook_files/XmO_5adUbuq.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 34738
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/ohs53z_4AL7.js.download
50.18.146.2 200 OK 22 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/ohs53z_4AL7.js.download
IP 50.18.146.2:0
File type C source, ASCII text, with very long lines (7258)
Hash 58d6687a74abcc951aa3e3e174c2b077
788400b47be2e7bc8233c2f30792b847cf5a9cfa
530c7275a06a44cf5547e721c8d0b227a78f3cb634e9529d16e0312fcf421d2b
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /facebook_files/ohs53z_4AL7.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 22536
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
push.services.mozilla.com/
54.148.213.75 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.213.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: U/0ML6pydJ7K1FATCWrH8Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cEtdJY6yma3p1RMOs4EO/XtElqg=
securedcitizensbank.dns05.com/facebook_files/QBkA9ZfAK-V.js.download
50.18.146.2 200 OK 42 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/QBkA9ZfAK-V.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (5830)
Hash df1581c017e36d69fe9b1d0a21044dc4
401c89d08101b9983bc6efecf837a978f22c5f1a
abaeab740ccfa1b4f2f39315d7a0b62f1061f76176d4852d163049ec72234b7d
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /facebook_files/QBkA9ZfAK-V.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 42424
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/LgvwffuKmeX.js.download
50.18.146.2 200 OK 44 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/LgvwffuKmeX.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (32588)
Hash 4d39e7dc83aa51a24d48e63c02fd40af
858e501c752bdc9cc4576e7c48427e093576b40f
a1794060e1ad5af5abac2f5f1ddc804bffc1efeff0897600e637905512d24ebd
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /facebook_files/LgvwffuKmeX.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 43510
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/Sa1jhi1-Bt9.js.download
50.18.146.2 200 OK 39 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/Sa1jhi1-Bt9.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (7411)
Hash e5bbf108b2d823147e2feee2a0e3e00e
d99fafb7300c05d9bc9150ca40e5535956e5953a
595da961ec1323abaad902d2221f13e57a60bb5c9e4fdf2049127cdaefe8e6e7
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
GET /facebook_files/Sa1jhi1-Bt9.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 39106
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/0D75Vw0sOuD.js.download
50.18.146.2 200 OK 8.8 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/0D75Vw0sOuD.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (6870)
Hash af3a1391eb744fca4f32b53306f226c7
8da8012a0c8103db30ecf58cb81bba45bc18d657
96a1b9a7cfa40aeb294427625db3de9a71609b77c5ff0335a6f8613524a8b660
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
GET /facebook_files/0D75Vw0sOuD.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 8771
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/GaT0-DQJdWD.js.download
50.18.146.2 200 OK 313 B URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/GaT0-DQJdWD.js.download
IP 50.18.146.2:0
Hash e647dca510effb226de36a63bef2203f
50b0a1ddc258f27ab5a54385384ee2ff6610f04f
0dfdfbee24a09f48ebeaf6475da29c527799a0faeeb20c68a58a2dfdfb3040d3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
GET /facebook_files/GaT0-DQJdWD.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 313
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/m82IO1HXQRH.js.download
50.18.146.2 200 OK 33 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/m82IO1HXQRH.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (9053)
Hash 71917e7396c01017d9ae64eceb961fd4
c61dad543cef97b51e87614c5f155ce41aa6cee6
6d8bb83f0fa1391217ab44f4c4d877ed2b37b9f706637deb00514f6f341a4e1b
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /facebook_files/m82IO1HXQRH.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 32639
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/NK70ahZXaY4.js.download
50.18.146.2 200 OK 73 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/NK70ahZXaY4.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (11401)
Hash 4f7e6a9ea59b4640a88d58d00ccb5a9f
20ea3519b2860235d3dfb5c9974cff2704156074
4d531e3da2b067376fef15f167e7e5b4d3c102d63614d922e43764a983905431
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
GET /facebook_files/NK70ahZXaY4.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:41 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 72832
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/ie38mp0O07P.js.download
50.18.146.2 200 OK 25 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/ie38mp0O07P.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (18915)
Hash d03405286255f92c495fb7cbeb7c9556
0fad02cc6fcfca74b57a1db092b5c16e4e9c0759
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
GET /facebook_files/ie38mp0O07P.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 25101
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/B58QfBIwvJh.js.download
50.18.146.2 200 OK 57 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/B58QfBIwvJh.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (9910)
Hash 3171fb0e6a99e0146f170f0e863da319
6db5ac0f6e654bdc7e392a1ad55db5a40b1f9a9d
c3c203da899e8bbc1d43ce437b13eb3acb758f4f4f21de49340586a25655e8cf
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /facebook_files/B58QfBIwvJh.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 56822
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/_tJ17sGyxOX.js.download
50.18.146.2 200 OK 18 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/_tJ17sGyxOX.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (17932)
Hash 73111912f4b4f7a5b5501dc74d50025b
94bae7be09cae37c16321425b151eb0de4592f0d
ab6777f622dce53efa7d6a93432292afba7757445eb4cc111b25810882375b98
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /facebook_files/_tJ17sGyxOX.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 18154
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/qm0xAdCCfP5.css
50.18.146.2 200 OK 14 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/qm0xAdCCfP5.css
IP 50.18.146.2:0
File type ASCII text, with very long lines (7229)
Hash 61a3cdef798841c96d39119ea8ff6b97
dc89a2e1a77e2eb47cc9240d81cd0bf017902b84
457f7366f7bc440db21ff29610d04181fbf97864c0e8117596f0fe4ed85c226a
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
GET /facebook_files/qm0xAdCCfP5.css HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 14155
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
securedcitizensbank.dns05.com/facebook_files/lkzqr3glELK.css
50.18.146.2 200 OK 39 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/lkzqr3glELK.css
IP 50.18.146.2:0
File type ASCII text, with very long lines (7379)
Hash 7402218481db171931d0077fc231c05a
28fc49d36b01eedc1f1ee9ef4ede467f47c16e14
b9f5a4d5d1acba5a362e427486412100aa5cd676096c9f23ac6cba14124f1d13
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
GET /facebook_files/lkzqr3glELK.css HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:22 GMT
Accept-Ranges: bytes
Content-Length: 38572
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
securedcitizensbank.dns05.com/facebook_files/Y5zG40wLB4c.css
50.18.146.2 200 OK 37 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/Y5zG40wLB4c.css
IP 50.18.146.2:0
File type ASCII text, with very long lines (6639)
Hash 33bc24ee46196a438c8b3ed069df760c
46d4372964ded20e546fd48397c8714139e92db0
7a97924564e7b48ae0ecd1d533e08288b2dbbdfd808463cd8e2019b19cc4105c
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
GET /facebook_files/Y5zG40wLB4c.css HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 36963
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
securedcitizensbank.dns05.com/facebook_files/ue_OWlkLDZP.js.download
50.18.146.2 200 OK 51 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/ue_OWlkLDZP.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (7732)
Hash 5043c06b1a8282024c9d9b75f2fc2e46
c184be066529699e2e7792c99989d6e25d9bd699
626814a1d050ac62d3290457b6c9986220b14b4719e5e7ed54c84ae75cd07c37
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /facebook_files/ue_OWlkLDZP.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 50828
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/sFUirKWPAtZ.js.download
50.18.146.2 200 OK 253 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/sFUirKWPAtZ.js.download
IP 50.18.146.2:0
File type ASCII text, with very long lines (18622)
Size 253 kB (253196 bytes)
Hash 1b1abda4632ec687eba07b8e73d29d76
73fc8e69a05cba9945c9465de188e1ea8ddb1ea8
972a2f8dd0b9cc7908e49d1232cdb96f54d85777a901067a4f005e7d5f8a46f3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /facebook_files/sFUirKWPAtZ.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:24 GMT
Accept-Ranges: bytes
Content-Length: 253196
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
securedcitizensbank.dns05.com/facebook_files/hsts-pixel.gif
50.18.146.2 200 OK 43 B URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/hsts-pixel.gif
IP 50.18.146.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
GET /facebook_files/hsts-pixel.gif HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
securedcitizensbank.dns05.com/facebook_files/dF5SId3UHWd.svg
50.18.146.2 200 OK 2.4 kB URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/dF5SId3UHWd.svg
IP 50.18.146.2:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (2384)
Hash ebd8798bc32c86494851a07770e04e63
b5461dc8f5f5f848033441d506ee05d48742438b
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /facebook_files/dF5SId3UHWd.svg HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:26 GMT
Accept-Ranges: bytes
Content-Length: 2385
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
securedcitizensbank.dns05.com/rsrc.php/v3/yD/r/eOm8UtliYxe.png
50.18.146.2 404 Not Found 315 B URL HTTP/1.1 securedcitizensbank.dns05.com/rsrc.php/v3/yD/r/eOm8UtliYxe.png
IP 50.18.146.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
GET /rsrc.php/v3/yD/r/eOm8UtliYxe.png HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/facebook_files/lkzqr3glELK.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 61ead5a5c64e314bee973ab2586bb245
f10abf540d8b8e074cbafbe42351572b96fcbae9
160e2ae893e9ab8bffba3a21409828987cc039fc7f88e130bfbc667d82e3cb78
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4751
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 19:39:43 GMT
Last-Modified: Sun, 15 Jan 2023 18:20:33 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
z-m-static.xx.fbcdn.net/rsrc.php/v3/yX/r/XmO_5adUbuq.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 10 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3/yX/r/XmO_5adUbuq.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
File type ASCII text, with very long lines (7850)
Hash 46e7983e2dd03ef65ce614cbdd23e705
da0a4e888fa0b31fa3dfe09a571354cf6945c9bf
38a85b82c07fc6a185dcb75bab166aee744496b6352832007e9c5327311ade0a
GET /rsrc.php/v3/yX/r/XmO_5adUbuq.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 05 Jan 2024 14:20:21 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: RueYPi3QPvZc5hTL3SPnBQ==
x-fb-debug: 7AYpavGd8QGGy9dsPcCQu9tnP4N3/u00Cm5B+efNK0QdlnvHeJ7NHjXrRd7fxZpZyU3JeYIIighMnGTy/dtAYQ==
content-length: 10439
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
z-m-static.xx.fbcdn.net/rsrc.php/v3/ym/r/QBkA9ZfAK-V.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 12 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3/ym/r/QBkA9ZfAK-V.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
File type ASCII text, with very long lines (5830)
Hash 7714813710281e982f276a85053aaa44
30873ab1d2b6d89a5e2b65e98638a98f33a6bc6d
bc0cd5ba04e5f899bfeb252d4902b863afd141744ad63733419d6c38ecab0bbf
GET /rsrc.php/v3/ym/r/QBkA9ZfAK-V.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 03 Jan 2024 16:41:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dxSBNxAoHpgvJ2qFBTqqRA==
x-fb-debug: /YrSeOlAxkBcXgD0+fHxSgG6SP+NUsBG3LjOuyWaNuwPIZKvv7eWpe1qIMW2AYwZkZ+H+4zB0TJUZrglLLjdbA==
priority: u=3,i
content-length: 12436
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yi/r/ohs53z_4AL7.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 7.4 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3/yi/r/ohs53z_4AL7.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
File type C source, ASCII text, with very long lines (7258)
Hash 7c03a817dfb46a88860d522d86544418
f0b6a8daf8bfdc1307edb75f6e69722870742d81
e043a53ffc98f11a23d74efbacc76570701e55807d78e0ec0b6f913c270c0d29
GET /rsrc.php/v3/yi/r/ohs53z_4AL7.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 04 Jan 2024 23:53:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: fAOoF9+0aoiGDVIthlREGA==
x-fb-debug: EhLR7kGrS8b4iUGELTPQIY3ppu/FvnfJK1XwE8w4nE9w8ruhh+SUIkKozdLCUqSHfJ77enYiuLT9f/PYrahe+g==
content-length: 7358
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
securedcitizensbank.dns05.com/facebook_files/saved_resource.html
50.18.146.2 200 OK 152 B URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/saved_resource.html
IP 50.18.146.2:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
GET /facebook_files/saved_resource.html HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:43 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:28 GMT
Accept-Ranges: bytes
Content-Length: 152
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html
z-m-static.xx.fbcdn.net/rsrc.php/v3/yj/r/gB76kJXPYJV.png
31.13.72.37 200 OK 6.7 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3/yj/r/gB76kJXPYJV.png
IP 31.13.72.37:0
File type PNG image data, 196 x 196, 8-bit colormap, non-interlaced\012- data
Hash 389dfa18be34d8cf767e06fd5cde4ec6
47b751cffab47d076816c63ce08d3e84600376ee
3c45ce612f41b1e7936e7cf5b235047344fd3146d1630e342f186d1d1e8e00d5
GET /rsrc.php/v3/yj/r/gB76kJXPYJV.png HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: OJ36GL402M92fgb9XN5Oxg==
expires: Tue, 09 Jan 2024 04:25:22 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: 3lI9Zf//g6QSsH95NH+YoPQVQ+l7fecfpfz+gk5EvQDGiRSkGikHZA2cT2l7eErcizmAwS5dCy1PtnFORIhAQA==
priority: u=3,i
content-length: 6690
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 61ead5a5c64e314bee973ab2586bb245
f10abf540d8b8e074cbafbe42351572b96fcbae9
160e2ae893e9ab8bffba3a21409828987cc039fc7f88e130bfbc667d82e3cb78
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4751
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 19:39:43 GMT
Last-Modified: Sun, 15 Jan 2023 18:20:33 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9976
Expires: Sun, 15 Jan 2023 22:25:59 GMT
Date: Sun, 15 Jan 2023 19:39:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 74ac30be02dee9dcfeee79a7dc54edff
1368d81de22ea2e4054a3e1a8f01ef337c63e35b
8abc2f276906dfb9ce75c2526d2c2cfa6aea6dbe13f4046de1040cd611cbbc1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9801
x-amzn-requestid: 39d84a20-55f7-4b7c-abc4-9ac1ff100da9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqSkoGCZoAMF1zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0caea-4f7a1cf676335cc83018dc51;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 03:07:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUFicgD94yxyZhMtQm-aYS-QpZXn07rLRBhnBLMTIQh6qHKOX_LRFg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 03:30:55 GMT
age: 58128
etag: "1368d81de22ea2e4054a3e1a8f01ef337c63e35b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9365e4ddb0fa0d3f6dbdec98433e02a9
a9e0dc338dabcdebb33b35a162b0fb6950b31ddb
cbe4cdf59e5a2f7433485637c88c3fba9c022de1c7559e42ceb9a2c8a872fd21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5463
x-amzn-requestid: 5e0c891d-c5f0-48a9-8f69-6ca2290039b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ejsaSEHpoAMFW6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be2774-55e5f2937d688fb00a12d61b;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 03:05:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Feucn9ZUPUt4-pK95m7prVHR5OhBzEuYo4CHMvwqSyHEiRfHpz-25A==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:51:08 GMT
age: 78515
etag: "a9e0dc338dabcdebb33b35a162b0fb6950b31ddb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 33735807-3403-41ee-a488-a3f25f9b12d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewX9XFvoIAMFzMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c339ee-65def8747314ecb63b000a4c;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 23:25:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7ds4KRTpC9H3aDH6fAS0S5W8kONOlSxK7bU2Rzr1d_24GytaZLRTsQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 12:46:14 GMT
age: 24809
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c609c89120eef87bbdd0d8ee5ee18f9
be8e369be0ccc707b904546798aacc9afe413cfa
feaa9f41b45aaa71d87008fe3112bc09e41cf6c2c500b4bc1adc125c7c82eee1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4981
x-amzn-requestid: b38d8240-7f85-4fd6-845b-54ddc6da7521
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewH9tHxWoAMFTQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c32057-657c5e342a66713b0f5f8f0b;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XFRrdpdDYEyYq9lFI99gf2mrKB2VRbNmAwbMN9c3wJlbBbc9UTTiaQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:51:43 GMT
age: 78480
etag: "be8e369be0ccc707b904546798aacc9afe413cfa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59115b15-3223-4534-8922-0aff0bedae1b.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59115b15-3223-4534-8922-0aff0bedae1b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14f17eb27938efbfade5b80646ffc881
dd23bfbd068f380d7bbd2459921570c63c46cce3
0695aef5736c7c63fb3c45383182824db19045b4eba186feb9da198ac7b9a124
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59115b15-3223-4534-8922-0aff0bedae1b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9894
x-amzn-requestid: e5a7bd4f-2d64-44c4-815f-8deae16fd5e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0pbGdOIAMFToA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3c-283396d9346608cf01ef52e6;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VSKRl2CvP9rNmEn6arD63QK0yFGvMnAjfyS3cVrHlylTjuXKAyZYVg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:24:11 GMT
age: 80132
etag: "dd23bfbd068f380d7bbd2459921570c63c46cce3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90fc5463f271bab652af099cb526f189
805c27d8f82a5eb6583814313c36f5e7699408e5
749dca33aa337b494fb113896bf035bc9dcb17068ecffdf30fc5ac85a4ac5185
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5495
x-amzn-requestid: d76b8f1d-37a2-47ac-9acf-1b0a44a4a5fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqsroF62IAMF-mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0f4b0-67700bfd11f1ad5d0aaab92d;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 06:05:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KrCFIa2Dpbas7vvk8nttLRG7HaQ8bEgVmqZUZtlGhdSeV8igH3FLpg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 14:12:40 GMT
age: 19623
etag: "805c27d8f82a5eb6583814313c36f5e7699408e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
31.13.72.12 200 OK 79 B URL HTTP/2 scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
IP 31.13.72.12:0
File type PNG image data, 10 x 10, 8-bit/color RGB, non-interlaced\012- data
Hash 8dc258a49b60fae051e9a7ce11ad05cf
dafef280663f4205fc7f0e47799e9945e6a68d6d
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604
GET /hads-ak-prn2/1487645_6012475414660_1439393861_n.png HTTP/1.1
Host: scontent.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
expires: Sun, 15 Jan 2023 19:39:43 GMT
cross-origin-resource-policy: cross-origin
content-length: 79
server: proxygen-bolt
x-fb-trip-id: 1904183273
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yY/r/ue_OWlkLDZP.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 9.3 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3/yY/r/ue_OWlkLDZP.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
File type ASCII text, with very long lines (7732)
Hash 544d77ebb9e2bdcbb0bf6a266081af0e
c0f62f4a212fb7998dcdc602e46453e0d9cf9668
d4e798354cdbfeed7a6ee6e11a872de9f331f642e06022074a8e4e2beeb4be58
GET /rsrc.php/v3/yY/r/ue_OWlkLDZP.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 05 Jan 2024 01:16:57 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: VE1367nivcuwv2omYIGvDg==
x-fb-debug: eUzxeP0WoeC3nXlUCbM1z5aMTM9E0XPY/sqa+9HzHEVomvu7F6f1+fMElgODhsVFCVQFRimqyKjABmsjufWjgw==
priority: u=3,i
content-length: 9272
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 7.5 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
File type ASCII text, with very long lines (17932)
Hash 5b98e07045ca8a854cc251c5589c9a8c
5bf081390c53ab7e8189938e63098e8d7bbce3a0
1c1c815ddbda67edd699b03e86f8755fe5e09a2b435daf0191706e656a66a555
GET /rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 05 Jan 2024 15:33:37 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: W5jgcEXKioVMwlHFWJyajA==
x-fb-debug: 9H1pVkOwh2daZt0B8rf4fv90YbSNlmO5IiZITzBI+6hcaRoavu6C5FXyrReTm1yYvQcSa5jIFaPLo+z2GcvaSA==
content-length: 7497
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
z-m-static.xx.fbcdn.net/rsrc.php/v3/y3/r/NK70ahZXaY4.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 18 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3/y3/r/NK70ahZXaY4.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
File type ASCII text, with very long lines (11401)
Hash 110eabda4eabdbcadf0209273a03df86
78464b59faf0619015c67228bc7eed79d503bd3c
cb855bad8ed314c6790f741b558b9652698e93aa3cac555cab4166da3c6f58d0
GET /rsrc.php/v3/y3/r/NK70ahZXaY4.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 12 Jan 2024 16:21:07 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: EQ6r2k6r28rfAgknOgPfhg==
x-fb-debug: ZvV6Wg09BskyizfrovIVlHIxghMnJSi1dFrMlMhigV0Cbl+i21og9uqBOscyHMJVHWdHLqCgrEr2FVzZbHG2MA==
content-length: 18235
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
z-m-static.xx.fbcdn.net/rsrc.php/v3izbB4/yq/l/en_GB/BQPs5nZF6zo.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 20 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3izbB4/yq/l/en_GB/BQPs5nZF6zo.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
File type ASCII text, with very long lines (10595)
Hash 5e89d76dc2456e11e4e360f4fd116486
fbe33e2b638aa014e29b8fd04951a1940dfbdfae
d5a2e22d102e4689204907cc21a59a3d238b4a3bfa95c3effe71d58a4802a6c2
GET /rsrc.php/v3izbB4/yq/l/en_GB/BQPs5nZF6zo.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 15 Jan 2024 10:04:31 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: XonXbcJFbhHk42D0/RFkhg==
x-fb-debug: 5CuhNCfHXutbRxt57LCwF3mAdGUUpTesjhy/JII4GplkZDb/e6aAEsgxDyrXmObM386+7YEMWc6eiirqfjF9BA==
priority: u=3,i
content-length: 19646
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yc/r/2oHddz12uT9.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 3.4 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3/yc/r/2oHddz12uT9.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
File type ASCII text, with very long lines (3987)
Hash 636c7c08c6b023dacc956401adb1db8d
10aaaa2fcbd9ee2a31ee6ebec2e324494fe197dc
79dae50f0d2f27414403a22c5b3caf43c253e14ec7d6593c02ceea4d6766acd9
GET /rsrc.php/v3/yc/r/2oHddz12uT9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 03 Jan 2024 16:42:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Y2x8CMawI9rMlWQBrbHbjQ==
x-fb-debug: dKM0UAh+3o4f56Qbp+eb7/V2aQhBS1ITEHKP9iegnyNUIezNvfxF/Wq4BSD63mD6rCNA7YMpiMnsaT/ODRS/NQ==
content-length: 3374
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yb/r/m82IO1HXQRH.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 11 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3/yb/r/m82IO1HXQRH.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
File type ASCII text, with very long lines (9053)
Hash f37f1777786b32d2198366939aabd7d3
743a07626cb602d272e41fb92ef60d309e0e5fb4
f4b6ae7b9e0ba598001ec1db9d0199252a6eac113eb8bee18a905e967dd62f5a
GET /rsrc.php/v3/yb/r/m82IO1HXQRH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 03 Jan 2024 16:42:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 838Xd3hrMtIZg2aTmqvX0w==
x-fb-debug: 1CgdFnonPrzFUahHEvMlPYZ0fgjgb9/wsQkmnzp8Kmvp1F0qBfwYmtZG2SyXoWfSsyNNuG8WGjlBYiPXn9HYlw==
content-length: 10691
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
z-m-static.xx.fbcdn.net/rsrc.php/v3i3kA4/yO/l/en_GB/GKILFiHJIh1.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 18 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3i3kA4/yO/l/en_GB/GKILFiHJIh1.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
File type ASCII text, with very long lines (32838)
Hash a8766891c907e14b418875755886c938
408c4fc52c373678f0445794234534562e6f8eae
cd9c18a5a704c24d8887f4916560f4bdf04f5c7be3e65e58e73a45c1b411dc13
GET /rsrc.php/v3i3kA4/yO/l/en_GB/GKILFiHJIh1.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 05 Jan 2024 16:05:13 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: qHZokckH4UtBiHV1WIbJOA==
x-fb-debug: NU3DK0s0HpkSAxcSyNLZ1hyk26y7Z3aghlibWSKfeh93nHEWhQ2EnrzOGNXy5Iz2ra1+qPs4bgqu+5CAQBoBVA==
content-length: 18172
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yf/r/LgvwffuKmeX.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 13 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3/yf/r/LgvwffuKmeX.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
File type ASCII text, with very long lines (32588)
Hash 34dd9849794de6e455b38c372e6af714
71d938f601eb56283143df5d367c46f1b25e3c4d
282985aa4c8e10951ed1b17f49a8e28b062187ac741c35bb5c6e6153dd7a27e6
GET /rsrc.php/v3/yf/r/LgvwffuKmeX.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 01 Jan 2024 19:57:09 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: NN2YSXlN5uRVs4w3Lmr3FA==
x-fb-debug: eSeu/7/OhK/ElRYkBEgphScLZhZKBMLCKZ4htBRS1DJwTyCmjwSLt6LNi5sv4SBW0PA31PGyjcfEZDhXlc+prQ==
priority: u=1,i
content-length: 13014
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
z-m-static.xx.fbcdn.net/rsrc.php/v3iLQG4/yx/l/en_GB/Sa1jhi1-Bt9.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 10 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3iLQG4/yx/l/en_GB/Sa1jhi1-Bt9.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
File type ASCII text, with very long lines (7411)
Hash b498d733f85228a332f0aced10c6f881
148025b40a292386ea20b51b3c033204084083e3
fda32af9ae0ef1da786506a3813fc835e0dbd4ee0aaadcf88deb20cb9122026b
GET /rsrc.php/v3iLQG4/yx/l/en_GB/Sa1jhi1-Bt9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 05 Jan 2024 03:08:58 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: tJjXM/hSKKMy8KztEMb4gQ==
x-fb-debug: 9DPr7C1fSGRhldV0Hv2cXGAovqO+YXkv+HINj11jQs7r99AKxNAmNodT+2+HS2fsrVgGWQj3sOfwMvJ5q8wCdg==
content-length: 10340
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
z-m-static.xx.fbcdn.net/rsrc.php/v3iLl54/yw/l/en_GB/0D75Vw0sOuD.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 3.3 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3iLl54/yw/l/en_GB/0D75Vw0sOuD.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
File type ASCII text, with very long lines (6870)
Hash b69cf4e150338ada74a3c71298ab8d30
a4bcd2abd76741b6c3d692fc34538cb304f39d99
108e5fd8d96282336114a82c7235f825d408f6584d2628c234500356060e9d70
GET /rsrc.php/v3iLl54/yw/l/en_GB/0D75Vw0sOuD.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 04 Jan 2024 20:16:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: tpz04VAzitp0o8cSmKuNMA==
x-fb-debug: q8yKVVktOoTgsnypejxlr8/vBZ8zHTvcTRZg5XgHM2puc2iD4Dl4XJ82o+Xxt/cBbHj4WjHSFavoMhYk2PbV2A==
content-length: 3273
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
z-m-static.xx.fbcdn.net/rsrc.php/v3/yg/r/GaT0-DQJdWD.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 174 B URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3/yg/r/GaT0-DQJdWD.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
Hash f41dd211dae2e38cc07fb986a0386d54
a4e0398136c7c27e468ddc0e453bd6d1934f7879
410bdb0ca6a62e9ec03f7080bc84bfd619dc6256fd2be9c11250cbdec6721bce
GET /rsrc.php/v3/yg/r/GaT0-DQJdWD.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 04 Jan 2024 17:13:07 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 9B3SEdri44zAf7mGoDhtVA==
x-fb-debug: ldrYMfNTDM+Y2ZnoTeLwuVEGSkaSCzSyd1mHNbTwRO+u2EGV6AGGRFBTz2TMCBrcgf6MuDiKmQsiGRi6aqGr6A==
content-length: 174
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
z-m-static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 10 kB URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
File type ASCII text, with very long lines (18915)
Hash 084615819834e23edead2d2e6fbb0db2
656c5c532f295c4c3a788ea0a719da7686c05bfe
41c35b99b989e96dd40bfbbfb44fe26556a062069ec4e05ad67f51e2259d295e
GET /rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 04 Jan 2024 23:11:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: CEYVgZg04j7erS0ub7sNsg==
x-fb-debug: wQg3vgqXx4tlcfPGHirf8xkHM+raOezbP1ArhuY+XyBpGnJYFthX7TG7rUhn9Fw7H+Oyp7z45NUxy+AWSPHvUQ==
content-length: 10390
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
securedcitizensbank.dns05.com/a/bz?fb_dtsg=NAcO3_Czn-PMWcr_4HIm_DLHaZjQE_SC7ASaApZCRmT0Dcri414AVVQ%3A0%3A0&jazoest=24694&lsd=AVo60i6nyiw&__dyn=1KiEGiE5q2K14zVQ2mml0BxG6U4a2i5U4e0C86u7E39x60lW4o3Bw4Ewk9E4W0om0MU0D2US0na1gwwyo1nVEdE1u86i0N85G0zE1bE881eEdEG0hi0Lo6-0Co2cw8-&__csr=&__req=1&__a=AYkEv283x5yHG8-k3jWaUnGpPh6s_utD8wZnu7Rk_LgTts7dd5szIjN6sueeNri_NfIsnJVCgX1OmOFfnV0ePz7UYzJ-xvdhGbvLScKzy0T3Tg&__user=0
50.18.146.2 404 Not Found 315 B URL HTTP/1.1 securedcitizensbank.dns05.com/a/bz?fb_dtsg=NAcO3_Czn-PMWcr_4HIm_DLHaZjQE_SC7ASaApZCRmT0Dcri414AVVQ%3A0%3A0&jazoest=24694&lsd=AVo60i6nyiw&__dyn=1KiEGiE5q2K14zVQ2mml0BxG6U4a2i5U4e0C86u7E39x60lW4o3Bw4Ewk9E4W0om0MU0D2US0na1gwwyo1nVEdE1u86i0N85G0zE1bE881eEdEG0hi0Lo6-0Co2cw8-&__csr=&__req=1&__a=AYkEv283x5yHG8-k3jWaUnGpPh6s_utD8wZnu7Rk_LgTts7dd5szIjN6sueeNri_NfIsnJVCgX1OmOFfnV0ePz7UYzJ-xvdhGbvLScKzy0T3Tg&__user=0
IP 50.18.146.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
POST /a/bz?fb_dtsg=NAcO3_Czn-PMWcr_4HIm_DLHaZjQE_SC7ASaApZCRmT0Dcri414AVVQ%3A0%3A0&jazoest=24694&lsd=AVo60i6nyiw&__dyn=1KiEGiE5q2K14zVQ2mml0BxG6U4a2i5U4e0C86u7E39x60lW4o3Bw4Ewk9E4W0om0MU0D2US0na1gwwyo1nVEdE1u86i0N85G0zE1bE881eEdEG0hi0Lo6-0Co2cw8-&__csr=&__req=1&__a=AYkEv283x5yHG8-k3jWaUnGpPh6s_utD8wZnu7Rk_LgTts7dd5szIjN6sueeNri_NfIsnJVCgX1OmOFfnV0ePz7UYzJ-xvdhGbvLScKzy0T3Tg&__user=0 HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
X-Response-Format: JSONStream
X-Requested-With: XMLHttpRequest
X-FB-LSD: AVo60i6nyiw
X_FB_BACKGROUND_STATE: 1
Content-Type: multipart/form-data; boundary=---------------------------302756123331256241962610363413
Content-Length: 976
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 15 Jan 2023 19:39:43 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
securedcitizensbank.dns05.com/a/bz?fb_dtsg=NAcO3_Czn-PMWcr_4HIm_DLHaZjQE_SC7ASaApZCRmT0Dcri414AVVQ%3A0%3A0&jazoest=24694&lsd=AVo60i6nyiw&__dyn=1KiEGiE5q2K14zVQ2mml0BxG6U4a2i5U4e0C86u7E39x60lW4o3Bw4Ewk9E4W0om0MU0D2US0na1gwwyo1nVEdE1u86i0N85G0zE1bE881eEdEG0hi0Lo6-0Co2cw8-&__csr=&__req=2&__a=AYkEv283x5yHG8-k3jWaUnGpPh6s_utD8wZnu7Rk_LgTts7dd5szIjN6sueeNri_NfIsnJVCgX1OmOFfnV0ePz7UYzJ-xvdhGbvLScKzy0T3Tg&__user=0
50.18.146.2 404 Not Found 315 B URL HTTP/1.1 securedcitizensbank.dns05.com/a/bz?fb_dtsg=NAcO3_Czn-PMWcr_4HIm_DLHaZjQE_SC7ASaApZCRmT0Dcri414AVVQ%3A0%3A0&jazoest=24694&lsd=AVo60i6nyiw&__dyn=1KiEGiE5q2K14zVQ2mml0BxG6U4a2i5U4e0C86u7E39x60lW4o3Bw4Ewk9E4W0om0MU0D2US0na1gwwyo1nVEdE1u86i0N85G0zE1bE881eEdEG0hi0Lo6-0Co2cw8-&__csr=&__req=2&__a=AYkEv283x5yHG8-k3jWaUnGpPh6s_utD8wZnu7Rk_LgTts7dd5szIjN6sueeNri_NfIsnJVCgX1OmOFfnV0ePz7UYzJ-xvdhGbvLScKzy0T3Tg&__user=0
IP 50.18.146.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
POST /a/bz?fb_dtsg=NAcO3_Czn-PMWcr_4HIm_DLHaZjQE_SC7ASaApZCRmT0Dcri414AVVQ%3A0%3A0&jazoest=24694&lsd=AVo60i6nyiw&__dyn=1KiEGiE5q2K14zVQ2mml0BxG6U4a2i5U4e0C86u7E39x60lW4o3Bw4Ewk9E4W0om0MU0D2US0na1gwwyo1nVEdE1u86i0N85G0zE1bE881eEdEG0hi0Lo6-0Co2cw8-&__csr=&__req=2&__a=AYkEv283x5yHG8-k3jWaUnGpPh6s_utD8wZnu7Rk_LgTts7dd5szIjN6sueeNri_NfIsnJVCgX1OmOFfnV0ePz7UYzJ-xvdhGbvLScKzy0T3Tg&__user=0 HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
X-Response-Format: JSONStream
X-Requested-With: XMLHttpRequest
X-FB-LSD: AVo60i6nyiw
X_FB_BACKGROUND_STATE: 1
Content-Type: multipart/form-data; boundary=---------------------------319727883215653912571689381059
Content-Length: 5778
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sun, 15 Jan 2023 19:39:44 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
z-m-static.xx.fbcdn.net/rsrc.php/v3/yd/r/B58QfBIwvJh.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.37 200 OK 0 B URL HTTP/2 z-m-static.xx.fbcdn.net/rsrc.php/v3/yd/r/B58QfBIwvJh.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.37:0
GET /rsrc.php/v3/yd/r/B58QfBIwvJh.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: z-m-static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedcitizensbank.dns05.com
Connection: keep-alive
Referer: https://securedcitizensbank.dns05.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 14 Jan 2024 11:28:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: lcScxmaEi+93426OxPw3kQ==
x-fb-debug: 9mbjff6QFRNMsJCxgalGiXfSs3GWFCaexNsZFs4dUJPcpjCZ7ZXpf/7eCn+Z3E4Zns2FsVziPHegOIBSSH/coA==
priority: u=3,i
content-length: 16819
date: Sun, 15 Jan 2023 19:39:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
securedcitizensbank.dns05.com/facebook_files/SdtDSnQ5Pqo.js.download
50.18.146.2 200 OK 0 B URL HTTP/1.1 securedcitizensbank.dns05.com/facebook_files/SdtDSnQ5Pqo.js.download
IP 50.18.146.2:0
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Facebook, Inc.
GET /facebook_files/SdtDSnQ5Pqo.js.download HTTP/1.1
Host: securedcitizensbank.dns05.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://securedcitizensbank.dns05.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 19:39:42 GMT
Server: Apache
Last-Modified: Sat, 07 Jan 2023 23:34:28 GMT
Accept-Ranges: bytes
Content-Length: 186866
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript