| schwab.bynder.com/default/redirecttoken/e2873f69-e758-43f4-983397648472c94b | 18.158.138.243 | 301 Moved Permanently | 134 B |
URL HTTP/1.1schwab.bynder.com/default/redirecttoken/e2873f69-e758-43f4-983397648472c94b IP18.158.138.243:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4aa7a432bb447f094408f1bd6229c605 1965c4952cc8c082a6307ed67061a57aab6632fa 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
Analyzer | Verdict | Alert | openphish | Charles Schwab | |
GET /default/redirecttoken/e2873f69-e758-43f4-983397648472c94b HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Tue, 21 Mar 2023 10:51:13 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://schwab.bynder.com:443/default/redirecttoken/e2873f69-e758-43f4-983397648472c94b
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash00e304a3fc0c2f01af0e94fcefe0ca40 833969e75e5e13e823c8d97ee59a9821eb157ee3 c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5800
Expires: Tue, 21 Mar 2023 12:27:53 GMT
Date: Tue, 21 Mar 2023 10:51:13 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashec332b81a27117ce9c16b67a5a8e4fac b6d2afa2c859d000ad830d3d8d73f57bac6ffce2 1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14157
Expires: Tue, 21 Mar 2023 14:47:10 GMT
Date: Tue, 21 Mar 2023 10:51:13 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash84db75194692d4afe13196bda6f22da8 4c1f49bc973a4917f146d93c8d598344edc021f6 a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 10:14:57 GMT
content-type: application/json
age: 2176
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash4e6141892ec4705c6a0134f3157b969d 4169fdea42b0fa9cb565e14b8e8fdb293575c78e 905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15719
Expires: Tue, 21 Mar 2023 15:13:12 GMT
Date: Tue, 21 Mar 2023 10:51:13 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashe7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 06CU65Sk0if9ZyF8qHyNwo9ZZ3u6iu3mOfPUKhml4bktammGi4HoCRZ003bWyrYyUa0imYmzQ8k=
x-amz-request-id: 7A84K6YV29SJNZQ0
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 09:59:04 GMT
age: 3129
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 10:51:13 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m02.amazontrust.com/ IP54.230.80.227:0
Hash9689f94a2e28302bca073e2aaac170c5 ff61d09c96caa0ec3b3bdea26cc9e287fb2ea2dd 15a772234f24934ea9f6857e7fb6a7207aeb185e52416611785cc967af450d1d
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123383
Date: Tue, 21 Mar 2023 10:51:13 GMT
Etag: "6418cb18-1d7"
Expires: Wed, 22 Mar 2023 21:07:36 GMT
Last-Modified: Mon, 20 Mar 2023 21:07:36 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 73U0qRgLScPmHh1vDwP1cZFg53rW43BBkemVjPw192-rZSSHgRElGA==
|
|
| schwab.bynder.com/default/redirecttoken/e2873f69-e758-43f4-983397648472c94b | 54.93.114.218 | 302 Found | 0 B |
URL HTTP/2schwab.bynder.com/default/redirecttoken/e2873f69-e758-43f4-983397648472c94b IP54.93.114.218:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | openphish | Charles Schwab | |
GET /default/redirecttoken/e2873f69-e758-43f4-983397648472c94b HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 21 Mar 2023 10:51:13 GMT
content-type: text/html;charset=UTF-8
content-length: 0
server: nginx
set-cookie: bynder=B2394E5F-0935-4CC6-A780BF4EDD1034B1;Path=/;Secure;HttpOnly
DEFAULTLOCALE=en_US;Path=/
location: /login/redirectToken/e2873f69-e758-43f4-983397648472c94b/
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubdomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-api-correlation-id: 92677999-69a0-30eb-9ed6-9cf2ec87e47e
permissions-policy: camera=(), geolocation=(), microphone=()
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://schwab.bynder.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 10:14:33 GMT
age: 2200
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| schwab.bynder.com/includes/node_modules/historyjs/scripts/bundled/html4%2Bhtml5/jquery.history.js | 54.93.114.218 | 200 OK | 6.8 kB |
URL HTTP/2schwab.bynder.com/includes/node_modules/historyjs/scripts/bundled/html4%2Bhtml5/jquery.history.js IP54.93.114.218:0
File typeASCII text, with very long lines (22928), with no line terminators Hash88f8187f733dfcf72b1cebb49c647fbf 1805b59809886da0d009b71ad8b3622f114a0ea0 4933ff7d9ab07218cb3040f9d4faa04e9acbdbaa5c446dac603f0b8cbb415627
Analyzer | Verdict | Alert | openphish | Charles Schwab | |
GET /includes/node_modules/historyjs/scripts/bundled/html4%2Bhtml5/jquery.history.js HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/e2873f69-e758-43f4-983397648472c94b/
Connection: keep-alive
Cookie: bynder=B2394E5F-0935-4CC6-A780BF4EDD1034B1; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:51:14 GMT
content-type: application/javascript
content-length: 6764
server: nginx
content-encoding: gzip
last-modified: Mon, 20 Mar 2023 13:51:20 GMT
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubdomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-api-correlation-id: 55674fde-fd8d-31c7-d1a1-7d3669bd56f3
permissions-policy: camera=(), geolocation=(), microphone=()
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://schwab.bynder.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash4c195a3fc0c2abb831630cef1dcfa770 eda338de3063640556177b9db364c33193d7f6dc c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7712
Expires: Tue, 21 Mar 2023 12:59:46 GMT
Date: Tue, 21 Mar 2023 10:51:14 GMT
Connection: keep-alive
|
|
| d8ejoa1fys2rk.cloudfront.net/static/2DBD3D4F5568D5611B91725F6DD849E4.cache.css.gz | 54.230.111.126 | 200 OK | 29 kB |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/static/2DBD3D4F5568D5611B91725F6DD849E4.cache.css.gz IP54.230.111.126:0
File typeASCII text, with very long lines (65536), with no line terminators Hash5b2b1a70f05bdc1020e6c98688e176b2 f228baecdccc7d894982daa91e9a14c4e4f31264 e3b9a74a2a000401ef377ca3f7edcb36d731760882237ba0ede05c4972e6381e
GET /static/2DBD3D4F5568D5611B91725F6DD849E4.cache.css.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 29248
last-modified: Thu, 09 Mar 2023 11:35:51 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 21 Mar 2023 00:48:06 GMT
cache-control: public, max-age=86400
etag: "5b2b1a70f05bdc1020e6c98688e176b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AO2EGy1_woCy0qXUNmX6NIWK222Rl8fvT-pln49k7tMKgsO4p30pLA==
age: 36357
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/static/0D309C11CE0F9F49E23080A635760D96.cache.js.gz | 54.230.111.126 | 200 OK | 100 kB |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/static/0D309C11CE0F9F49E23080A635760D96.cache.js.gz IP54.230.111.126:0
File typeASCII text, with very long lines (2978) Size100 kB (100020 bytes) Hash1e3e67578a09a88d46560c1587febe23 7f3ec1a86ca5401444190835c7b09f659e033975 09420aa4d96dbe4187222352ce51de246eb7050bcdfdb1014b80764b3971e441
GET /static/0D309C11CE0F9F49E23080A635760D96.cache.js.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 100020
last-modified: Thu, 09 Mar 2023 11:36:12 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 21 Mar 2023 05:06:42 GMT
cache-control: public, max-age=86400
etag: "1e3e67578a09a88d46560c1587febe23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MXDBr-95Zu8QOzjAgtdH227mnWI55krNc1hZxzw7OR_RDNS598SahQ==
age: 20744
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/static/0E0B5477CA6E5F47D63A4512FADE16D0.cache.js.gz | 54.230.111.126 | 200 OK | 9.4 kB |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/static/0E0B5477CA6E5F47D63A4512FADE16D0.cache.js.gz IP54.230.111.126:0
File typeASCII text, with very long lines (1896) Hash5dc687b2ede69cbe3d822a66901afbaf 5690cd9bcd66b87180df94a2d05695e38307ade5 5abdd4cb3a92831c1dde1bcbc31407d40f8fe46fc49aea98dfa943d38109b504
GET /static/0E0B5477CA6E5F47D63A4512FADE16D0.cache.js.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9406
last-modified: Mon, 20 Mar 2023 10:04:50 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 21 Mar 2023 10:04:53 GMT
cache-control: public, max-age=86400
etag: "5dc687b2ede69cbe3d822a66901afbaf"
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aqtWn-t95hXgMVzZsRC0GYT5hAbAW1p8ikyqsSbUSeUaRhqiIuFxow==
age: 32595
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/static/13DA7186FD2737F5C47D5ADA7C17EA24.cache.js.gz | 54.230.111.126 | 200 OK | 175 kB |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/static/13DA7186FD2737F5C47D5ADA7C17EA24.cache.js.gz IP54.230.111.126:0
File typeASCII text, with very long lines (65536), with no line terminators Size175 kB (174915 bytes) Hash45bdcedc6d66d5d96a225e7bc8e394a2 b041e2ef1c7813f13bd4d79949ea5ba11904446f f442e65c2e3131fc3605e91eeb69170bfbd85a5fece6e517bbda1d11665488b3
GET /static/13DA7186FD2737F5C47D5ADA7C17EA24.cache.js.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 174915
last-modified: Mon, 20 Mar 2023 10:04:51 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 21 Mar 2023 10:05:06 GMT
cache-control: public, max-age=86400
etag: "45bdcedc6d66d5d96a225e7bc8e394a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Mu7pt9bUHK8fMW-FLThDpoJ0z3RI6Nmr_c5oor3hnBpedOIdgqAU_Q==
age: 2783
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/static/62A48BFB93AF83D261064AC5E9D0258F.cache.css.gz | 54.230.111.126 | 200 OK | 39 kB |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/static/62A48BFB93AF83D261064AC5E9D0258F.cache.css.gz IP54.230.111.126:0
File typeASCII text, with very long lines (7269) Hashdd3d4574d5acaca8621d54cbb34a8e20 e22032485b56a4dc917d95947b90f1c1ce4f7c26 eb263f4495044197826e56490b61f2953ff043cbef8e1bc6187d99c66644854e
GET /static/62A48BFB93AF83D261064AC5E9D0258F.cache.css.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 39278
last-modified: Thu, 09 Mar 2023 11:35:55 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 21 Mar 2023 00:48:06 GMT
cache-control: public, max-age=86400
etag: "dd3d4574d5acaca8621d54cbb34a8e20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: z6srnccHuPT1Gh5R1MLgJmIv3NqhzxmfghVTyEY4SaFqsntOD50IhA==
age: 36842
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/static/3FD7F4BB1A784E1049B56EF617899226.cache.css.gz | 54.230.111.126 | 200 OK | 22 kB |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/static/3FD7F4BB1A784E1049B56EF617899226.cache.css.gz IP54.230.111.126:0
File typeASCII text, with very long lines (9647) Hash023306483fce322bc1e43c36808467db e9318dd306557d0c26d0a75051007759beb6671e f8f22c0f47b7eb4710ffc3b6682f1da59826729aba5816b7390f83593fd30bf6
GET /static/3FD7F4BB1A784E1049B56EF617899226.cache.css.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 22054
last-modified: Fri, 17 Mar 2023 09:09:20 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Mon, 20 Mar 2023 18:52:44 GMT
cache-control: public, max-age=86400
etag: "023306483fce322bc1e43c36808467db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hcb-i7CAwkZsYAy_mmyuxWDsS3QWaidGICrwKofEwS9v_4YUN6o5VQ==
age: 57608
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/static/CDAE6C67B91FFEBAF6579C018AA4811E.cache.css.gz | 54.230.111.126 | 200 OK | 1.9 kB |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/static/CDAE6C67B91FFEBAF6579C018AA4811E.cache.css.gz IP54.230.111.126:0
File typeASCII text, with very long lines (4290) Hash9161c9a642ccb946c2be24af26f6a26e 846d5b409467ae62e1b2c2e099918a76df30e2c4 bffe3aac9a1aec8e9dc64ff826b5b7327309d6f7ceccc3356e19480e7a4e6144
GET /static/CDAE6C67B91FFEBAF6579C018AA4811E.cache.css.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 1865
last-modified: Fri, 17 Mar 2023 09:09:23 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Mon, 20 Mar 2023 18:52:44 GMT
cache-control: public, max-age=86400
etag: "9161c9a642ccb946c2be24af26f6a26e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D3fzlulXhtvkt4iZjzG2xlOjQv0hpWL82Yn1MahrGOYa1LGHPSPCyA==
age: 57608
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/static/714918FC51762B562F864F3FD8D3F8E7.cache.css.gz | 54.230.111.126 | 200 OK | 18 kB |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/static/714918FC51762B562F864F3FD8D3F8E7.cache.css.gz IP54.230.111.126:0
Hashabd9dd437bb4d7ca87ae36a12ec08c1a f65f47c82693003fceb9d16ddc405b32d966a4a7 5c74b2fbd3fd85f25b8936a1839ba8c0cff5c1981e38423ecdfe88c288271f65
GET /static/714918FC51762B562F864F3FD8D3F8E7.cache.css.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 17455
last-modified: Tue, 14 Mar 2023 11:28:16 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 21 Mar 2023 03:35:44 GMT
cache-control: public, max-age=86400
etag: "abd9dd437bb4d7ca87ae36a12ec08c1a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LxgWs9jSQDwB29MvS6_SIUi91XyyPPO0EoeI6iLWZcUpkDXY5Dgzgg==
age: 26228
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/static/66BA9115D78DFC9E4696987C638C6ABB.cache.css.gz | 54.230.111.126 | 200 OK | 217 B |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/static/66BA9115D78DFC9E4696987C638C6ABB.cache.css.gz IP54.230.111.126:0
Hash284e7394544ed7bedb43a88a23b58796 af76321edea70ef6ce06473ddaf3609c9ce2d2e2 37d34e442f62d3468f7479488e18a0527f6a61ada848c3b39460c9eea1c98985
GET /static/66BA9115D78DFC9E4696987C638C6ABB.cache.css.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 217
last-modified: Wed, 15 Mar 2023 11:44:22 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 21 Mar 2023 02:58:05 GMT
cache-control: public, max-age=86400
etag: "284e7394544ed7bedb43a88a23b58796"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: En9xN2LAUqwRwRjqhWTVugCbqMXxi9LNT-WdpIOGLGY2Fc0UTbXRVA==
age: 28960
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.149.149.164 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.149.149.164:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XjQuji8EVsGjIq9qKgg+xA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UsbRtHJXtiugIO6ZURz3NliuOqY=
|
|
| schwab.bynder.com/v7/portal/theme/?format=css | 54.93.114.218 | 200 OK | 208 B |
URL HTTP/2schwab.bynder.com/v7/portal/theme/?format=css IP54.93.114.218:0
Hashb24a65992c483ea908034ca36cb35823 4d3337e819865baef37b9dfcf2d57ce90c9d4bba 20de0f66e0bec494119f2b47dd0c3be21b3748b85e5e7b3477d25d9201078b39
Analyzer | Verdict | Alert | openphish | Charles Schwab | |
GET /v7/portal/theme/?format=css HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/e2873f69-e758-43f4-983397648472c94b/
Connection: keep-alive
Cookie: bynder=B2394E5F-0935-4CC6-A780BF4EDD1034B1; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:51:14 GMT
content-type: text/css; charset=utf-8
content-length: 208
server: nginx
x-api-correlation-id: 30161c38-3981-888f-3520-d2f453aa4316
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://schwab.bynder.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/fonts/CharlesModern/CharlesModern-Regular.woff2 | 54.230.111.126 | 200 OK | 15 kB |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/fonts/CharlesModern/CharlesModern-Regular.woff2 IP54.230.111.126:0
File typeWeb Open Font Format (Version 2), TrueType, length 15188, version 1.6553\012- data Hash914ab6804618c2cd17d73fece6f496e1 b7bdd62d0c2eee9784f3a04a6dc805f088bc8cb5 fc82cd05b6904475067302ede198238fb6844179b8d37525cdffc618737d0688
GET /5.0.5/includes/fonts/CharlesModern/CharlesModern-Regular.woff2 HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://schwab.bynder.com
Connection: keep-alive
Referer: https://d8ejoa1fys2rk.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 15188
date: Tue, 21 Mar 2023 10:16:12 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 3000
last-modified: Tue, 21 Mar 2023 08:09:56 GMT
etag: "914ab6804618c2cd17d73fece6f496e1"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lUGQgN8MUyVm1ZptvL49QBX4xrFctY8K27y_PdZfLliHznGwdspM4A==
age: 2103
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/fonts/fontawesome-webfont.woff2?v=4.7.0 | 54.230.111.126 | 200 OK | 77 kB |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/fonts/fontawesome-webfont.woff2?v=4.7.0 IP54.230.111.126:0
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /5.0.5/includes/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://schwab.bynder.com
Connection: keep-alive
Referer: https://d8ejoa1fys2rk.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 77160
date: Tue, 21 Mar 2023 10:16:12 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 3000
last-modified: Tue, 21 Mar 2023 08:10:36 GMT
etag: "af7ae505a9eed503f8b8e6982036873e"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -1BigPPIMvu8YsHHWwgBn1P8T_5x4gkawzljryoPflivhdAK9XNJ0w==
age: 2103
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/includes/img/account/bynder/bg-login.jpg | 54.230.111.126 | 200 OK | 58 kB |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/includes/img/account/bynder/bg-login.jpg IP54.230.111.126:0
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x960, components 3\012- data Hash98daf7652e97134bf46c704a7de07519 8620162d02b2e6d1528414abc2fe5a5693a1f00a aceef20a27161f6c8c62d33316d7fb188e7e5eb12a167073205e63d91d1faed8
GET /includes/img/account/bynder/bg-login.jpg HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d8ejoa1fys2rk.cloudfront.net/static/3FD7F4BB1A784E1049B56EF617899226.cache.css.gz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 57673
last-modified: Tue, 26 Aug 2014 07:19:53 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Mon, 20 Mar 2023 18:18:05 GMT
etag: "98daf7652e97134bf46c704a7de07519"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Hg2zGV_USHdHkTy0h6NvpS1n9fIMz2SAC-dULwgb0lqKp7hdZuab5w==
age: 59609
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/img/icons/charlesschwab.ico | 54.230.111.126 | 200 OK | 374 B |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/img/icons/charlesschwab.ico IP54.230.111.126:0
File typePNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data Hashe7f8ed3df589651e0bb724ebd8284e15 f390dce1c7449022cd12b5e8326ae63e2ce2563e 3973303d473167a644f01c43b44ef6563301a43798cddb8eb0b7e608433e2027
GET /5.0.5/includes/img/icons/charlesschwab.ico HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 374
date: Tue, 21 Mar 2023 10:16:12 GMT
last-modified: Tue, 21 Mar 2023 08:10:55 GMT
etag: "e7f8ed3df589651e0bb724ebd8284e15"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w4l7O1nMQN9mYinoer4OcH4sqWc4Kgav84YA26lny7vaT8EWMyqW7A==
age: 2103
X-Firefox-Spdy: h2
|
|
| d1ra4hr810e003.cloudfront.net/visual/accountlogo/30C7FB3F-9C50-4EE9-8EB2FAF8385C1DD0/medium-1C12E137-21CE-41CA-86ABD7FBB1D6B44F.png | 54.230.245.4 | 200 OK | 22 kB |
URL HTTP/2d1ra4hr810e003.cloudfront.net/visual/accountlogo/30C7FB3F-9C50-4EE9-8EB2FAF8385C1DD0/medium-1C12E137-21CE-41CA-86ABD7FBB1D6B44F.png IP54.230.245.4:0
File typePNG image data, 200 x 199, 8-bit/color RGB, non-interlaced\012- data Hashce1639d7d32978c7ac905b2c7fb1ff25 48b23c66caabfddb59e3c0e1f3e1032d108206d8 56ab180e805d3b797b17660dc539195acf8a4be5fe39cb3aca4574b3c59b405a
GET /visual/accountlogo/30C7FB3F-9C50-4EE9-8EB2FAF8385C1DD0/medium-1C12E137-21CE-41CA-86ABD7FBB1D6B44F.png HTTP/1.1
Host: d1ra4hr810e003.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 21798
date: Sat, 18 Mar 2023 04:47:26 GMT
last-modified: Wed, 05 Jul 2017 14:40:40 GMT
etag: "ce1639d7d32978c7ac905b2c7fb1ff25"
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kSLI7g2s8xCfA0-_eobMrbmL6PdwzsSySVf92-3nF-MMOyAGAPQnDw==
age: 281029
X-Firefox-Spdy: h2
|
|
| d1ra4hr810e003.cloudfront.net/visual/accountbackground/30C7FB3F-9C50-4EE9-8EB2FAF8385C1DD0/xmedium-E72681B8-A630-4B5F-81E6C6B13F6157CF.png | 54.230.245.4 | 200 OK | 3.1 MB |
URL HTTP/2d1ra4hr810e003.cloudfront.net/visual/accountbackground/30C7FB3F-9C50-4EE9-8EB2FAF8385C1DD0/xmedium-E72681B8-A630-4B5F-81E6C6B13F6157CF.png IP54.230.245.4:0
File typePNG image data, 2000 x 1134, 8-bit/color RGBA, non-interlaced\012- data Size3.1 MB (3057192 bytes) Hash7a5c56383e368061e25f6669cfa9c6a2 ce371c3ce3c44fdac5fdba8b2dd1cb7da864e0c8 893e5dd27870a1b39ad06eacbf4b449342e0138148920a4334778fd63d1db6cc
GET /visual/accountbackground/30C7FB3F-9C50-4EE9-8EB2FAF8385C1DD0/xmedium-E72681B8-A630-4B5F-81E6C6B13F6157CF.png HTTP/1.1
Host: d1ra4hr810e003.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 3057192
date: Sun, 12 Mar 2023 17:53:06 GMT
last-modified: Sat, 12 Feb 2022 00:03:53 GMT
etag: "7a5c56383e368061e25f6669cfa9c6a2"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
content-disposition: attachment
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Yl1eN9UoTplbZlLCWbbXtnNcrkzIkVDYHzznKIau7Bm-nVnJYi-HJA==
age: 752289
X-Firefox-Spdy: h2
|
|
| schwab.bynder.com/v7/paramount/js/manifest.json | 54.93.114.218 | 200 OK | 14 kB |
URL HTTP/2schwab.bynder.com/v7/paramount/js/manifest.json IP54.93.114.218:0
Hash17bf10c41bac221903322fca0ba4f54e 868668cc81747af3132ec3389f00f58f64d0ba9a 3c1d50b3fe43f1856adf8989c0aabac98af373db4f1483b974b3ecb52ee050c9
Analyzer | Verdict | Alert | openphish | Charles Schwab | |
GET /v7/paramount/js/manifest.json HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/e2873f69-e758-43f4-983397648472c94b/
Connection: keep-alive
Cookie: bynder=B2394E5F-0935-4CC6-A780BF4EDD1034B1; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:51:15 GMT
content-type: application/json
server: nginx
last-modified: Tue, 21 Mar 2023 09:31:26 GMT
vary: Accept-Encoding
etag: W/"6419796e-972e"
cache-control: no-cache, public, must-revalidate, proxy-revalidate
content-encoding: gzip
x-api-correlation-id: 108c57ec-844d-8a4e-d247-c5616e891967
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://schwab.bynder.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashde95776582936b8e129e876cf6d80fa8 0233251e1cf0123f1260d980d7c8ef92718723f9 49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14693
Expires: Tue, 21 Mar 2023 14:56:08 GMT
Date: Tue, 21 Mar 2023 10:51:15 GMT
Connection: keep-alive
|
|
| d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/css/vendor/font-awesome.min.css | 54.230.111.126 | 200 OK | 7.5 kB |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/css/vendor/font-awesome.min.css IP54.230.111.126:0
Hashe40b531fbec7cfb59d362b6570f7e04b 35c23dcc59cf855e261c567efb9216007c161155 121b70d935cbdd95e2751277d9827c9f1b2e26df7d082271af45654331abaab4
GET /5.0.5/includes/css/vendor/font-awesome.min.css HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Tue, 21 Mar 2023 08:13:09 GMT
last-modified: Tue, 21 Mar 2023 08:12:02 GMT
etag: W/"11561142ddf4044e4897a29bd23df349"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CnnyfOmZtEbFX61JInPRzDxOUHgtQUSKZ56k9JkNMLZhJMyZjjfeIQ==
age: 9486
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashde95776582936b8e129e876cf6d80fa8 0233251e1cf0123f1260d980d7c8ef92718723f9 49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14693
Expires: Tue, 21 Mar 2023 14:56:08 GMT
Date: Tue, 21 Mar 2023 10:51:15 GMT
Connection: keep-alive
|
|
| d8ejoa1fys2rk.cloudfront.net/static/B2EC870FE40E6F1DDF269A641F27AEAF.cache.js.gz | 54.230.111.126 | 200 OK | 503 B |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/static/B2EC870FE40E6F1DDF269A641F27AEAF.cache.js.gz IP54.230.111.126:0
Hashde95776582936b8e129e876cf6d80fa8 0233251e1cf0123f1260d980d7c8ef92718723f9 49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
GET /static/B2EC870FE40E6F1DDF269A641F27AEAF.cache.js.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 391313
last-modified: Fri, 17 Mar 2023 09:09:27 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Mon, 20 Mar 2023 18:35:45 GMT
cache-control: public, max-age=86400
etag: "bc790e9d3b8e67fe4eec5dbdc38ac30d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2zZoJ63O03zJ9TmteSt8UKfXRylsVuQ_7OOnIK89VKT3hpi9a6gOZA==
age: 77749
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashde95776582936b8e129e876cf6d80fa8 0233251e1cf0123f1260d980d7c8ef92718723f9 49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14693
Expires: Tue, 21 Mar 2023 14:56:08 GMT
Date: Tue, 21 Mar 2023 10:51:15 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c02b9c1-0ea5-472c-95e9-5fcd5cf9d11d.jpeg | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c02b9c1-0ea5-472c-95e9-5fcd5cf9d11d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash08f2d83ce4f0d9158f2414065924955d 76d9b0d87b9ad6f6b5ec225d46eb04154cf113c5 9d11c0726d38515d1f847423ccccbb7b06b14c65e6776741d30d5f4b5bd9cc39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c02b9c1-0ea5-472c-95e9-5fcd5cf9d11d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7714
x-amzn-requestid: 3c48be36-11d4-4e6d-a376-b73f5836ccaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDUuEcXIAMFbUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f51-15606b16594e67e74234c992;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: EZb5UlE1ggV28LSzY0AauVJaJ69-EuzM9aUSJA-unn2Ys3sQpTNTBg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:57:10 GMT
age: 46445
etag: "76d9b0d87b9ad6f6b5ec225d46eb04154cf113c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg | 34.120.237.76 | 200 OK | 8.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2a940b362660fdee25faaa51e08c439b 85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c 18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hZeMhs-Z5fNn0pvRUSkNcGau_K6EG9EQtDktbLUth0uEveafUgCxeQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:07:00 GMT
age: 45855
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg | 34.120.237.76 | 200 OK | 6.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4e5f234aedfabd736b50fef3017380f9 71672a6c3523d9999522e005091863d07ea0e94a 3314df7a93e317d509aeffc1cde69ec450ddad116a27dc197db1abce966da344
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 82d12180-bdcb-4ce0-8588-4239ee27f236
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI_E_eoAMF3sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-2f5df7cd5f6cee4762703d29;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: sTt0-W1XE7yUFGFXg2nPnKw5tKKkrw-cH_TCIbQy8JL-k0QtCNZS8w==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:52:08 GMT
age: 46747
etag: "71672a6c3523d9999522e005091863d07ea0e94a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde16c1fb-8973-46d5-a440-8527888510e4.jpeg | 34.120.237.76 | 200 OK | 5.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde16c1fb-8973-46d5-a440-8527888510e4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7e281be899d3a89992cd1c8493e37f77 5a5d5c6a29abd635879671dbf7607df1baa17d56 70232e33aff51589e751c478c326a4e82473c4d53f049b8b551f9dd1ba11e4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde16c1fb-8973-46d5-a440-8527888510e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5093
x-amzn-requestid: 09c682a3-b2d0-4eb8-ae9a-96ddb8716077
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9mzZFI5IAMFYiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641551af-3651fc21214db65e70caa0cf;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 05:52:47 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: VquOENg5ShRpddRHaI04cjOauy3kmVLC3uG7VB21xK4Iu2lvG9XWfw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 13:26:49 GMT
age: 77066
etag: "5a5d5c6a29abd635879671dbf7607df1baa17d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59eb1d88-9afd-445f-bf6b-f7edc71a4aff.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59eb1d88-9afd-445f-bf6b-f7edc71a4aff.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash20e0cf109126f01b80e30c2d40549641 db5eb3144ed0ac478abdf10d270f43d9cc391bc8 7f6eed19068600b6276764a56214b719bf5ed441515dec178cb692f401d1fc46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59eb1d88-9afd-445f-bf6b-f7edc71a4aff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9492
x-amzn-requestid: 812019e6-0484-471d-ba54-235f77118772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CFAazGLQIAMFc_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64184778-7f71615e4ddf5c5c4defb735;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 11:46:00 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: PvDhwh79wdNB-IFpt3I3i7B1k5kq_iRdlbe4z6W3Z-rpFhaQg9jhyg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 06:59:02 GMT
age: 13933
etag: "db5eb3144ed0ac478abdf10d270f43d9cc391bc8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c47b1c0-04b4-4401-ac29-0541c79f9785.jpeg | 34.120.237.76 | 200 OK | 3.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c47b1c0-04b4-4401-ac29-0541c79f9785.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash00d5824792d2b97182c7fe2f91880eee 75e82060efb997641f24c68ebc70d0828ba90311 bc5e9cf1d7d78b14e595705eee550f5d6acd712feb4b3a9e428ae4ce863edc58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c47b1c0-04b4-4401-ac29-0541c79f9785.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3835
x-amzn-requestid: 8f05ddb5-6a3c-4902-a3a0-f40a9e59394b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI-GjWIAMFTsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-26854db13f914e1579b9e752;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: nPGp--k2s14M2YR095tI4Y5BjuEyNY4NWF9Nb0Pck3HWn6xapRy9Gw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 8cb7de37a1655236518810d0aabb8656.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:51:42 GMT
age: 46773
etag: "75e82060efb997641f24c68ebc70d0828ba90311"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| schwab.bynder.com/v7/localization/keys/?module=pybynder-frontend&locale=en_US | 54.93.114.218 | 200 OK | 103 kB |
URL HTTP/2schwab.bynder.com/v7/localization/keys/?module=pybynder-frontend&locale=en_US IP54.93.114.218:0
File typeJSON data\012- , Unicode text, UTF-8 text, with very long lines (65496), with no line terminators Size103 kB (103140 bytes) Hash12dd1e06684aa087cda20a06210fdaf6 0c88e7d8d8fd01be1c93363952a0bd1bdf3f131f 58e5ffbc969e755a23a6eacb459cc25aed7b6f5b2f4ad93a4acc10ecaf998450
Analyzer | Verdict | Alert | openphish | Charles Schwab | |
GET /v7/localization/keys/?module=pybynder-frontend&locale=en_US HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/e2873f69-e758-43f4-983397648472c94b/
Connection: keep-alive
Cookie: bynder=B2394E5F-0935-4CC6-A780BF4EDD1034B1; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:51:15 GMT
content-type: application/json; charset=utf-8
content-length: 103140
server: nginx
etag: "0c88e7d8d8fd01be1c93363952a0bd1bdf3f131f"
cache-control: no-cache
x-api-correlation-id: 1ac9b7e3-9b51-1905-0a9e-f48b0692cb12
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://schwab.bynder.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/themes/custom-charlesschwab.css | 54.230.111.126 | 200 OK | 20 kB |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/themes/custom-charlesschwab.css IP54.230.111.126:0
Hash509b685af567fa3397e0b034040daebd d67e2a553c68124f6bd4a8d85ae09a8a476540f9 d71e828308bff6e81af2e39fd0258c73ea281d3c78a08d8545c8793462457001
GET /5.0.5/includes/themes/custom-charlesschwab.css HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Tue, 21 Mar 2023 08:25:43 GMT
last-modified: Tue, 21 Mar 2023 08:12:20 GMT
etag: W/"8b513f55ad39c7969666a47b8c35e232"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZezG972X5Gym5Lnp-LMNPVSYE2AZ-JbtBIyVVfdZWH_rV_W92eYnTg==
age: 8732
X-Firefox-Spdy: h2
|
|
| schwab.bynder.com/v7/paramount/js/6055.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js | 54.93.114.218 | 200 OK | 134 kB |
URL HTTP/2schwab.bynder.com/v7/paramount/js/6055.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js IP54.93.114.218:0
Size134 kB (134132 bytes) Hashec8a0e09a2cc1dc9373c6df61068e3e4 7e72947c3d147f62afb6f372cc11b2d0bb6cbe2c e17b20457d18454da795dbaa6a578c6baf7cd2427c40f5371514ae855a3226ea
Analyzer | Verdict | Alert | openphish | Charles Schwab | |
GET /v7/paramount/js/6055.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/e2873f69-e758-43f4-983397648472c94b/
Connection: keep-alive
Cookie: bynder=B2394E5F-0935-4CC6-A780BF4EDD1034B1; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:51:16 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Tue, 21 Mar 2023 09:31:26 GMT
vary: Accept-Encoding
etag: W/"6419796e-5e8b0"
expires: Wed, 22 Mar 2023 10:51:15 GMT
cache-control: max-age=86400
content-encoding: gzip
x-api-correlation-id: 7d1b1cda-a05f-95bd-9e0f-73eb856e32f0
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://schwab.bynder.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
|
|
| schwab.bynder.com/v7/paramount/js/df-26.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js | 54.93.114.218 | 200 OK | 9.0 kB |
URL HTTP/2schwab.bynder.com/v7/paramount/js/df-26.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js IP54.93.114.218:0
File typeASCII text, with very long lines (8893) Hash970de9e65a867b98d252e296980a85ac bb3143f4e471a9f0da0ca53e950692bdb4361be6 b16498666346f8e0810b3b191f86ac0405f7a452ff009c7e072f187f90f113bf
Analyzer | Verdict | Alert | openphish | Charles Schwab | |
GET /v7/paramount/js/df-26.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/e2873f69-e758-43f4-983397648472c94b/
Connection: keep-alive
Cookie: bynder=B2394E5F-0935-4CC6-A780BF4EDD1034B1; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:51:16 GMT
content-type: application/javascript; charset=UTF-8
content-length: 8975
server: nginx
last-modified: Tue, 21 Mar 2023 09:31:26 GMT
etag: "6419796e-230f"
expires: Wed, 22 Mar 2023 10:51:16 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-api-correlation-id: 458fe86c-0920-6035-7132-2a790b75ad0a
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://schwab.bynder.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
|
|
| schwab.bynder.com/v7/paramount/js/8446.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js | 54.93.114.218 | 200 OK | 9.3 kB |
URL HTTP/2schwab.bynder.com/v7/paramount/js/8446.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js IP54.93.114.218:0
File typeASCII text, with very long lines (9255) Hashf3a732ccebc68620b1d1931aa7361ba7 6c1c32a26339e418e1468322368448e950e14c66 27a4c152fe63234c2dcc6f24f217e51564068f873c102f15154d76512eab2034
Analyzer | Verdict | Alert | openphish | Charles Schwab | |
GET /v7/paramount/js/8446.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/e2873f69-e758-43f4-983397648472c94b/
Connection: keep-alive
Cookie: bynder=B2394E5F-0935-4CC6-A780BF4EDD1034B1; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:51:16 GMT
content-type: application/javascript; charset=UTF-8
content-length: 9336
server: nginx
last-modified: Tue, 21 Mar 2023 09:31:26 GMT
etag: "6419796e-2478"
expires: Wed, 22 Mar 2023 10:51:16 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-api-correlation-id: 4dadb9bc-8167-c685-f7b2-3aba0e532583
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://schwab.bynder.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
|
|
| schwab.bynder.com/v7/paramount/js/3171.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js | 54.93.114.218 | 200 OK | 5.4 kB |
URL HTTP/2schwab.bynder.com/v7/paramount/js/3171.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js IP54.93.114.218:0
File typeASCII text, with very long lines (5315) Hash1513560e759bd8e50f3b0a64096c25c4 1f589fda3d3f38fb56a4319eaff0e9c98608c440 5addd522e8dc2e36dbc32196369b7a2a4d5235e2a1964bc86c4481e304c174d7
Analyzer | Verdict | Alert | openphish | Charles Schwab | |
GET /v7/paramount/js/3171.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/e2873f69-e758-43f4-983397648472c94b/
Connection: keep-alive
Cookie: bynder=B2394E5F-0935-4CC6-A780BF4EDD1034B1; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:51:16 GMT
content-type: application/javascript; charset=UTF-8
content-length: 5396
server: nginx
last-modified: Tue, 21 Mar 2023 09:31:26 GMT
etag: "6419796e-1514"
expires: Wed, 22 Mar 2023 10:51:16 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-api-correlation-id: bf431832-796c-fc1e-563f-6e267f2b8920
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://schwab.bynder.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
|
|
| sentry10.bynder.cloud/api/629/envelope/?sentry_key=f143db6257524be5b9661846c14c6054&sentry_version=7&sentry_client=sentry.javascript.react%2F7.43.0 | 34.246.144.243 | 200 OK | 41 B |
URL HTTP/1.1sentry10.bynder.cloud/api/629/envelope/?sentry_key=f143db6257524be5b9661846c14c6054&sentry_version=7&sentry_client=sentry.javascript.react%2F7.43.0 IP34.246.144.243:0
File typeJSON data\012- , ASCII text, with no line terminators Hash2b27106e0e159b41feec78e347f83780 81bc74fad91369fee1c83fc7a5c65b648d6c09db d558901543034ba1d3f7bdd2448b84acd7c61ffd7cd50b0671ede8a23d8c60a0
POST /api/629/envelope/?sentry_key=f143db6257524be5b9661846c14c6054&sentry_version=7&sentry_client=sentry.javascript.react%2F7.43.0 HTTP/1.1
Host: sentry10.bynder.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://schwab.bynder.com
Content-Length: 18208
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
access-control-allow-origin: https://schwab.bynder.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
Content-Type: application/json
Date: Tue, 21 Mar 2023 10:51:17 GMT
Server: nginx
vary: Origin
Content-Length: 41
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F074a4e20-c43f-4c99-8ce9-d5a9c6cec458.jpeg | 34.120.237.76 | 200 OK | 6.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F074a4e20-c43f-4c99-8ce9-d5a9c6cec458.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfd780a25511e0b884ca63b9f101e3043 5c9847347c321e27c861c3db5c07f8f447961220 58e76646f3c0867de8dd47ba2f6e3f934c9de33e950d5eeda25febf2638079c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F074a4e20-c43f-4c99-8ce9-d5a9c6cec458.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6861
x-amzn-requestid: a01ef211-7414-4bef-adb4-9778e34747c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDEG0G6NIAMFUpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64178091-173e51f01625d8ff270b2d0a;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:37:21 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: yuzhVIDpMssMqAKAzq_7VuEsnuPZ7_ZwlSBUUO9PjSdo3S7R_EcZIg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 f268a165a18929fd0a24a3189fbd16b2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:37:38 GMT
age: 47624
etag: "5c9847347c321e27c861c3db5c07f8f447961220"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/frontend/0.1.306/deps/DecentStringFormatter/src/dsf.js | 54.230.111.126 | 200 OK | 0 B |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/frontend/0.1.306/deps/DecentStringFormatter/src/dsf.js IP54.230.111.126:0
GET /frontend/0.1.306/deps/DecentStringFormatter/src/dsf.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 02 Mar 2023 12:26:02 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Mar 2023 17:48:06 GMT
etag: W/"7657e4cea36b3f539945dd6806a778ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: irv7ahnkeO4PvHPQ5q74YwFjeEU_POCNd8LcDdo-CNgPmK8CUBZlDA==
age: 61425
X-Firefox-Spdy: h2
|
|
| schwab.bynder.com/login/redirectToken/e2873f69-e758-43f4-983397648472c94b/ | 54.93.114.218 | 200 OK | 0 B |
URL HTTP/2schwab.bynder.com/login/redirectToken/e2873f69-e758-43f4-983397648472c94b/ IP54.93.114.218:0
Analyzer | Verdict | Alert | openphish | Charles Schwab | |
GET /login/redirectToken/e2873f69-e758-43f4-983397648472c94b/ HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: bynder=B2394E5F-0935-4CC6-A780BF4EDD1034B1; DEFAULTLOCALE=en_US
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:51:13 GMT
content-type: text/html;charset=UTF-8
server: nginx
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubdomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-api-correlation-id: 5eb403d2-def2-84c5-d351-cf4810668788
permissions-policy: camera=(), geolocation=(), microphone=()
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://schwab.bynder.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/frontend/0.1.306/styles/css/notifications.css | 54.230.111.126 | 200 OK | 0 B |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/frontend/0.1.306/styles/css/notifications.css IP54.230.111.126:0
GET /frontend/0.1.306/styles/css/notifications.css HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 02 Mar 2023 12:26:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Tue, 21 Mar 2023 01:48:05 GMT
etag: W/"d3e516ab066a3ba28c390ec01e539df1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AQ8nu9z8FrzTfShG7PpBquu9LHg0pyLFW7D_jVfp8ZzJvk5fkLxatw==
age: 32674
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/js/vendor/raven.min.js | 54.230.111.126 | 200 OK | 0 B |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/js/vendor/raven.min.js IP54.230.111.126:0
GET /5.0.5/includes/js/vendor/raven.min.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 21 Mar 2023 08:13:10 GMT
last-modified: Tue, 21 Mar 2023 08:11:03 GMT
etag: W/"31f5119987a4f726dfadef2b7582f453"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kMbjJf9MTmMmUOiV0w1QAOxGmvGvjxSmAphs8Pz2CDEqxTkwm36ZkA==
age: 9485
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/pynder/microfrontends/0.1.76/app.bundle.js | 54.230.111.126 | 200 OK | 0 B |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/pynder/microfrontends/0.1.76/app.bundle.js IP54.230.111.126:0
GET /pynder/microfrontends/0.1.76/app.bundle.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 06 Oct 2021 08:31:53 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Tue, 21 Mar 2023 04:02:08 GMT
etag: W/"a7b130e96dd023c809de237e5d776425"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v_7zLvQOVjuTUHO1cQiTwi4u6EXAp9bul4F7YXzyGC40BGNXidRLkw==
age: 24749
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/frontend/0.1.306/deps/jade/runtime.js | 54.230.111.126 | 200 OK | 0 B |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/frontend/0.1.306/deps/jade/runtime.js IP54.230.111.126:0
GET /frontend/0.1.306/deps/jade/runtime.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 02 Mar 2023 12:26:05 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Tue, 21 Mar 2023 05:06:43 GMT
etag: W/"2a0eb3480991e8458fa6da469774bd78"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QrdJDyZfMeM68ceLhIlmzWYNQfNTnfORq5bMwQf2Mb4Ovm0sJZL6Zw==
age: 20735
X-Firefox-Spdy: h2
|
|
| schwab.bynder.com/v7/paramount/js/loginNotification.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js | 54.93.114.218 | 200 OK | 0 B |
URL HTTP/2schwab.bynder.com/v7/paramount/js/loginNotification.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js IP54.93.114.218:0
Analyzer | Verdict | Alert | openphish | Charles Schwab | |
GET /v7/paramount/js/loginNotification.e7f6368460891af8620eac09cccc87a43d278aab.bundle.js HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/e2873f69-e758-43f4-983397648472c94b/
Connection: keep-alive
Cookie: bynder=B2394E5F-0935-4CC6-A780BF4EDD1034B1; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 10:51:16 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Tue, 21 Mar 2023 09:31:26 GMT
vary: Accept-Encoding
etag: W/"6419796e-4997"
expires: Wed, 22 Mar 2023 10:51:16 GMT
cache-control: max-age=86400
content-encoding: gzip
x-api-correlation-id: bf3df5af-349c-7b55-2be9-3eecaa4d11ed
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://schwab.bynder.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/frontend/0.1.306/deps/requirejs/require.js | 54.230.111.126 | 200 OK | 0 B |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/frontend/0.1.306/deps/requirejs/require.js IP54.230.111.126:0
GET /frontend/0.1.306/deps/requirejs/require.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 02 Mar 2023 12:26:06 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Tue, 21 Mar 2023 01:18:05 GMT
etag: W/"6da8be361b9ee26c5e721e76c6d4afce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6nKtYrGfCbdRNR_lnVRtK5cKMdMytTawXRSo1U5I_6sUEgg975h_qQ==
age: 34876
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/frontend/0.1.306/scripts/templates/components.js | 54.230.111.126 | 200 OK | 0 B |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/frontend/0.1.306/scripts/templates/components.js IP54.230.111.126:0
GET /frontend/0.1.306/scripts/templates/components.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 02 Mar 2023 12:26:08 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Tue, 21 Mar 2023 03:18:06 GMT
etag: W/"3658cec2c1f9ccc46567f8982f0a14e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q_gGdykGQ1wmeM4-AgnmxokqJiAWMrjfsznTEwhFmY4iNEOwpRx5VA==
age: 27342
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/frontend/0.1.306/scripts/modules/base/requireSettings.js | 54.230.111.126 | 200 OK | 0 B |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/frontend/0.1.306/scripts/modules/base/requireSettings.js IP54.230.111.126:0
GET /frontend/0.1.306/scripts/modules/base/requireSettings.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 02 Mar 2023 12:26:07 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Tue, 21 Mar 2023 03:18:06 GMT
etag: W/"4d6db042b7188ea978326dc05bddce92"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XRGBmjU3LktfnWnigTOsdhFWK-cuaVl_PS4HWVZNpNfS8zH5pCen0g==
age: 27388
X-Firefox-Spdy: h2
|
|
| d8ejoa1fys2rk.cloudfront.net/frontend/0.1.306/deps/jed/jed.js | 54.230.111.126 | 200 OK | 0 B |
URL HTTP/2d8ejoa1fys2rk.cloudfront.net/frontend/0.1.306/deps/jed/jed.js IP54.230.111.126:0
GET /frontend/0.1.306/deps/jed/jed.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 02 Mar 2023 12:26:05 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Tue, 21 Mar 2023 01:38:06 GMT
etag: W/"82f2c0a78039d8744e5f77402dc2313c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0zj5mkQVBk2JnhYoFzKSGEd_GgYKLqLB1MPnKKFEahtQ1fRLfCZ9Uw==
age: 33370
X-Firefox-Spdy: h2
|
|