Report - c0gt.com/rbfcu/login.php

Report Overview

Submitted URL
c0gt.com/rbfcu/login.php
IP
198.211.100.39
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2022-11-13 13:34:07
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.linkedin.com	608	2015-06-18T18:10:03Z	2023-03-10T11:11:31Z	576 B	2.8 kB	13.107.42.14
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	4.1 kB	8.4 kB	142.250.74.35
cdn.appdynamics.com	3266	2017-01-26T21:49:30Z	2023-03-08T12:42:49Z	1.5 kB	85 kB	54.230.111.106
maps.googleapis.com	33876	2019-10-17T17:56:16Z	2023-03-10T14:06:43Z	1.2 kB	127 kB	142.250.74.170
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	54.186.209.73
www.rbfcu.org	97420	2013-01-20T05:34:29Z	2023-02-28T20:35:21Z	1.2 kB	473 kB	107.162.179.221
bat.bing.com	387	2014-04-08T11:23:16Z	2023-03-10T09:34:35Z	1.3 kB	14 kB	13.107.21.200
cdn.segmint.net	47091	2014-12-15T20:42:01Z	2023-03-03T13:53:58Z	1.3 kB	17 kB	54.230.111.99
rbfcu.org	63673	2014-04-11T22:05:27Z	2023-02-27T18:19:12Z	812 B	896 B	107.162.179.221
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.4 kB	3.2 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	372 B	90 kB	142.250.74.168
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	1.0 kB	54.230.245.39
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	61 kB	34.120.237.76
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	946 B	34 kB	216.58.207.195
snap.licdn.com	1044	2014-10-06T10:43:45Z	2023-03-10T10:16:19Z	373 B	4.8 kB	23.36.76.121
px.ads.linkedin.com	522	2018-06-15T13:29:56Z	2023-03-10T11:11:31Z	952 B	2.3 kB	13.107.42.14
c0gt.com	unknown	2022-11-12T17:45:44Z	2022-11-13T14:33:55Z	8.2 kB	471 kB	198.211.100.39
cdn.linkedin.oribi.io	unknown	2022-10-19T16:36:39Z	2023-03-10T11:40:01Z	1.9 kB	1.8 kB	54.230.111.112
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	834 B	627 B	142.250.74.174
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	1.7 kB	4.4 kB	23.36.77.32
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-10T12:41:09Z	589 B	699 B	142.251.1.156
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	1.6 kB	3.0 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-13	medium	c0gt.com/randolph-common.js?matcher	Phishing
2022-11-13	medium	c0gt.com/randolph-common.js?async	Phishing
2022-11-13	medium	c0gt.com/randolph-common.js?cache	Phishing
2022-11-13	medium	c0gt.com/rbfcu/login.php	Phishing
2022-11-13	medium	c0gt.com/rbfcu/vendor-scripts/additional.js	Phishing
2022-11-13	medium	c0gt.com/rbfcu/images/runtime.9d4ca3b7051e14c1983b.js	Phishing
2022-11-13	medium	c0gt.com/rbfcu/images/polyfills.8817abd40f028960e8fd.js	Phishing
2022-11-13	medium	c0gt.com/rbfcu/images/scripts.8bd4377bc7fbc2f4bdbc.js	Phishing
2022-11-13	medium	c0gt.com/rbfcu/images/main.5c0bee6a0a555059e0ae.js	Phishing
2022-11-13	medium	c0gt.com/rbfcu/images/rbfcu-logo.svg	Phishing
2022-11-13	medium	c0gt.com/rbfcu/images/EHL-logo-gray.svg	Phishing
2022-11-13	medium	c0gt.com/rbfcu/images/NCUA-logo-gray.svg	Phishing
2022-11-13	medium	c0gt.com/randolph-common.js?matcher	Phishing
2022-11-13	medium	c0gt.com/randolph-common.js?cache	Phishing
2022-11-13	medium	c0gt.com/randolph-common.js?async	Phishing
2022-11-13	medium	c0gt.com/rbfcu/vendor-scripts/additional.js	Phishing
2022-11-13	medium	c0gt.com/rbfcu/images/runtime.9d4ca3b7051e14c1983b.js	Phishing
2022-11-13	medium	c0gt.com/rbfcu/images/main.5c0bee6a0a555059e0ae.js	Phishing
2022-11-13	medium	c0gt.com/rbfcu/images/polyfills.8817abd40f028960e8fd.js	Phishing
2022-11-13	medium	c0gt.com/rbfcu/images/scripts.8bd4377bc7fbc2f4bdbc.js	Phishing
2022-11-13	medium	c0gt.com/rbfcu/images/white-phone-header.4a066fd87a48426d8cf5.svg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	cdn.appdynamics.com/adrum/adrum-latest.js	111 kB	2023-03-07	2024-02-27
Pretty URL cdn.appdynamics.com/adrum/adrum-latest.js IP 54.230.111.106 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:55:15 Last Seen2024-02-27 00:41:08 Times Seen22 Hash deff3987ae725d726c0db6711bd5736f 0501d79c468f185c63590ac3c1a4918db7804d10 a4ea3de02f4ec1874478b152a09b89aecc2fc4f63ae2a4208ee8fb6585cebb11 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 15:49:39 Times Seen37040724 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	maps.googleapis.com/maps-api-v3/api/js/49/6/intl/fr_ALL/util.js	159 kB	2023-03-08	2024-02-03
Pretty URL maps.googleapis.com/maps-api-v3/api/js/49/6/intl/fr_ALL/util.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:00:55 Last Seen2024-02-03 21:56:17 Times Seen7 Hash bfdc8d4fbb868aaa9c0c3a45f74e5a6d 077de4ef5d333a4bdef8a2f5e242179e106c33e0 edfe42faa7d83daff14230a76e2ca1ec897ff0cccae17f498d8caf69742e275c Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5B5PGN	294 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5B5PGN IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 11:39:01 Last Seen2023-03-11 11:39:01 Times Seen1 Hash d57ea790e15c2278c513fe9b978a7220 d10dfd3b6ccd6c3bfdf98f108b34ca493f98e652 0bc487611f974229c3c2e806b6679d67c1bfd6c803349ada3dc5e4a3a77a9b1c Loading...

	c0gt.com/rbfcu/login.php	512 B	2023-03-08	2024-02-03
Pretty URL c0gt.com/rbfcu/login.php IP 198.211.100.39 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:00:55 Last Seen2024-02-03 21:56:16 Times Seen4 Hash 25e2ffb945f6f75fa5065bfed31bfff3 7b3392ea7d2370c4f789fa00ed327c259ed55380 1050aebd0da2e7d1d20bf2872f989777aac15c3d1a0ad9e215b05925db752e49 Loading...

	c0gt.com/rbfcu/login.php	1.3 kB	2023-03-08	2024-02-03
Pretty URL c0gt.com/rbfcu/login.php IP 198.211.100.39 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:00:55 Last Seen2024-02-03 21:56:17 Times Seen4 Hash 4aa8b313e7c4ea0f0a58793675b50d54 fd4ee37eaba0f5e1cd560172270b6909206ff70e 6ef26abd0b90b7bd32d79241d463fde92487b215e627f120b02a5af28b44de79 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/12a/common.js	254 kB	2023-03-08	2023-10-18
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/12a/common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:45 Last Seen2023-10-18 15:23:03 Times Seen16 Hash 7caaf941be566b5a0ab845ebbe6fa41c 6baa9fd462731f60d53390e8e808bca815601226 b7f6913366b53872adac07cbd9708d54830a578b5a59e6fcb600e32b340fa1bc Loading...

	cdn.appdynamics.com/adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js	53 kB	2023-03-08	2024-02-03
Pretty URL cdn.appdynamics.com/adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js IP 54.230.111.106 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:00:55 Last Seen2024-02-03 21:56:18 Times Seen44 Hash ee4398c8c426d971ea29cbaa42d79f51 773ef3843708ffb4f357c5425820fff4be564128 ec18f578c88849b492d2199102714284f50cb3eba8c81f95da3876f82fb0438e Loading...

	rbfcu.org/ResourcePackages/chat/plugin/olb/chat-bundle.js?v=1655999950684	1.3 MB	2023-03-08	2024-02-03
Pretty URL rbfcu.org/ResourcePackages/chat/plugin/olb/chat-bundle.js?v=1655999950684 IP 107.162.179.221 ASN #55002 DEFENSE-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:00:55 Last Seen2024-02-03 21:56:17 Times Seen7 Hash 95b9a38bddcec6bd9559d092fa40b1dc 8f8752fc58aa88ec818e644b05d16130d13eb854 957b107162420ade69d24853d00350cd1b0d3ae629d29b740e96bffe6e337d0e Loading...

	c0gt.com/rbfcu/login.php	98 B	2023-03-08	2024-02-03
Pretty URL c0gt.com/rbfcu/login.php IP 198.211.100.39 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:00:55 Last Seen2024-02-03 21:56:17 Times Seen4 Hash 872b465dd298a95f261d970292ee895f 19d0056edf0478ccd63122a9c4a2d9006f99e27c 8c35f0d7a4a7c39ff393a6ad7fda5d108a86c027888965472fcec7dd5aff983f Loading...

	c0gt.com/rbfcu/login.php	471 B	2023-03-08	2024-02-03
Pretty URL c0gt.com/rbfcu/login.php IP 198.211.100.39 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:00:55 Last Seen2024-02-03 21:56:17 Times Seen4 Hash d739d83b8a97edf8be806868f81bcc74 15a38667c7d4118f926451b35d90e605aa52cc5a dd74b513868e475708edacfb17d84829493ca159a4d9f2336263e3cb57ff42ba Loading...

	c0gt.com/rbfcu/login.php	423 B	2023-03-07	2024-03-14
Pretty URL c0gt.com/rbfcu/login.php IP 198.211.100.39 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:30 Last Seen2024-03-14 16:37:11 Times Seen40 Hash e5ec3ed84e563769d9fc2e1c5f0b5b38 b976aee8727fc5e6e44bfcc41c5285ecfa542068 4f969cab80eac365938b22ce9be07b10b2361485d8b3a6355ef11d4108edd9ab Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.rbfcu.org/tp/trustev.min.js	35 kB	2023-03-07	2024-03-14
Pretty URL www.rbfcu.org/tp/trustev.min.js IP 107.162.179.221 ASN #55002 DEFENSE-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:21:19 Last Seen2024-03-14 16:37:11 Times Seen7 Hash 3858449a29cb6e4c9674e676cb43800b 7cc943faf5439e4897e88933b9cff4fbb595b8b4 aeb978c283f75e5d28bded65b65f4bbf2c867414162039f8ded5b6b75eb1d94e Loading...

	cdn.segmint.net/segmint.min.js	16 kB	2023-03-07	2023-03-11
Pretty URL cdn.segmint.net/segmint.min.js IP 54.230.111.99 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:05:46 Last Seen2023-03-11 11:39:01 Times Seen1 Hash bb68f3a9974d3f6b01beaa828d97ccbc c3bf75a47a05369df9ff0cad756e15f143aa4000 7fdb8afc727d7ffe7284ffa9c67f54a419c5c05317cb4d7602651cd703f2f154 Loading...

	c0gt.com/rbfcu/login.php	1.1 kB	2023-03-08	2024-02-03
Pretty URL c0gt.com/rbfcu/login.php IP 198.211.100.39 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:00:55 Last Seen2024-02-03 21:56:17 Times Seen4 Hash 749cd810f3a3b7cfdcf74f8a239d1e9e 5223f353f62eefbe7fd3b4b745611f47b3058b86 740f11b362647f80cb600b843bf8940edd79f576798397fcd5bdf0ee6968ed66 Loading...

	cdn.appdynamics.com/adrum-xd.ebf1620b3b847dfbf76f6e109dcacd8e.html	1.8 kB	2023-03-08	2023-03-13
Pretty URL cdn.appdynamics.com/adrum-xd.ebf1620b3b847dfbf76f6e109dcacd8e.html IP 54.230.111.106 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:00:55 Last Seen2023-03-13 02:35:28 Times Seen1 Hash 0ebd82aa0cfe52e27beecf45dc5e68eb becefa1680541f5de4397377c2d59185a14ba0a8 50a055ae350ab3901e3cd6a326d09b90dbb4245a6365e0f4ffe60c4de37091b2 Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	13 kB	2023-03-08	2023-03-13
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:42 Last Seen2023-03-13 04:47:26 Times Seen1 Hash ccebe282ded746fbb6ea21ac6a200a36 75bb7beb33754f5a6fc3bee95674aef319613501 9549e9deeeab6d3a9f6ab1347e1b859fd5791cec82ff1a4175757c28b3df78e7 Loading...

	bat.bing.com/bat.js	39 kB	2023-03-08	2023-12-01
Pretty URL bat.bing.com/bat.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:44 Last Seen2023-12-01 19:12:11 Times Seen33 Hash 4ffa93c7b72214cba0395e236738648c 89a3b99eebfa5ebcea11ba92e0e3e63f0007b6f9 492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29 Loading...

	c0gt.com/rbfcu/login.php	119 B	2023-03-08	2024-02-03
Pretty URL c0gt.com/rbfcu/login.php IP 198.211.100.39 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:00:55 Last Seen2024-02-03 21:56:16 Times Seen4 Hash 2d8fa9912b6d00f8b4f6c479bf63a052 0052fda515fc2f080c65821cddac7df7fb569db9 6a93666a8f3dfadf6e22e192ff79e9e33a0d958da456ad5b7a4af457bef8f337 Loading...

	c0gt.com/rbfcu/login.php	370 B	2023-03-07	2024-04-23
Pretty URL c0gt.com/rbfcu/login.php IP 198.211.100.39 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:23 Last Seen2024-04-23 19:44:46 Times Seen2370 Hash b6b119180bcc96f40ecd5fd91140a032 07ea482d42ce34c40736cf054c23a544ef974853 11e7942e9444a650d26544955bded8ac1a733c296d3d3fc18158afcd4b6e6703 Loading...

	cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js	54 kB	2023-03-07	2024-02-27
Pretty URL cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js IP 54.230.111.106 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:55:15 Last Seen2024-02-27 00:41:08 Times Seen30 Hash 2f00c36a98a61ed5bacde3c5ad0a3efe b6fcd72181d79a4225bb7cd4288260fa9aa44624 9b0f859e5508780a810e47e772554395a5d2ae5e679c338df1b6cd600d69dad2 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/12a/util.js	170 kB	2023-03-08	2023-10-18
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/12a/util.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:19 Last Seen2023-10-18 15:23:03 Times Seen16 Hash 0b9b4e5d1bc7a1ae4ca5568310adcc16 8cb5a2a559d5d30b15e5feadea686192f2474462 9c794b1db0cce54971541669b8c23bbe83b3406db2d70eecac666136e6627b93 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9a89048290cebd0762bf273ff887864a	77 B	2023-03-07	2024-04-21
Pretty Observations First Seen2023-03-07 12:09:30 Last Seen2024-04-21 15:50:43 Times Seen329 Hash 9a89048290cebd0762bf273ff887864a 87a7b34f9fdb6b33639a0bc71130f207f6f2d49c 47fb84282c9b85f0efcf0fb50cf1c470648332598816aa9e0ac8f373079463c0 Loading...

HTTP Transactions (94)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10643
Expires: Sun, 13 Nov 2022 16:31:19 GMT
Date: Sun, 13 Nov 2022 13:33:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4225
Expires: Sun, 13 Nov 2022 14:44:21 GMT
Date: Sun, 13 Nov 2022 13:33:56 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: NB6IHgnhcOuGyDNHhxBsvatCQ+8jHxjLCVQJA0fuixXDnSIrs7nf/Gnspo99BeJdlLJDS0nqj0E=
x-amz-request-id: 07KW0GNK1Q7HFYPT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 13 Nov 2022 13:13:26 GMT
age: 1230
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b1e969be0f3201087da138cbc8b89f10
d0a27f525f2b242b5dafa157f126c2ba880c8809
f7e5f39372b5adcc30c27e727eee1b19e6d13ed1b54fa1ad67235dc8ee08ac51

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5910
Cache-Control: max-age=167755
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:33:56 GMT
Etag: "6370c779-1d7"
Expires: Tue, 15 Nov 2022 12:09:51 GMT
Last-Modified: Sun, 13 Nov 2022 10:31:21 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 13 Nov 2022 12:44:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2976
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 13 Nov 2022 13:33:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d6dcd32d23f1840e1ed591b30b098bb6
98defcbcd3ae6d45e12b7ed0a55d7d32da675289
f7a78d0502af553972a836a0deb4a0239a3506fcf962f23f58c73fbb84c2313b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

c0gt.com/randolph-common.js?matcher

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/randolph-common.js?matcher
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /randolph-common.js?matcher HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:56 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 13 Nov 2022 13:25:00 GMT
cache-control: public,max-age=3600
age: 536
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-5B5PGN

142.250.74.168

200 OK

90 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5B5PGN
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (44551)
Size
90 kB (89583 bytes)
Hash
8a720ddf584d5b00729a7d172d533fa7
4b8169051148b7f8ceb1158d2c7059c203a2a83b
78eb74c313a71852933ebfc989ee59716ab2bb54ac61d2e4701aa4b009854d05

HTTP Headers

GET /gtm.js?id=GTM-5B5PGN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 13 Nov 2022 13:33:56 GMT
expires: Sun, 13 Nov 2022 13:33:56 GMT
cache-control: private, max-age=900
last-modified: Sun, 13 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89583
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

c0gt.com/randolph-common.js?async

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/randolph-common.js?async
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /randolph-common.js?async HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:56 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

c0gt.com/randolph-common.js?cache

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/randolph-common.js?cache
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /randolph-common.js?cache HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:56 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d6dcd32d23f1840e1ed591b30b098bb6
98defcbcd3ae6d45e12b7ed0a55d7d32da675289
f7a78d0502af553972a836a0deb4a0239a3506fcf962f23f58c73fbb84c2313b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

c0gt.com/rbfcu/login.php

198.211.100.39

200 OK

346 kB

URL HTTP/1.1
c0gt.com/rbfcu/login.php
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (424), with CRLF line terminators
Size
346 kB (346264 bytes)
Hash
a47c00a8054b34d4916c1a3e13b5da8d
50c710732efc4ec8f1f06af1355c1a39b71333db
6c6293106597c9330d85d8fed7bcbbc4a36d2786c67616bae955199e04b54201

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/login.php HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 13 Nov 2022 13:33:56 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cdn.appdynamics.com/adrum/adrum-latest.js

54.230.111.106

200 OK

40 kB

URL HTTP/1.1
cdn.appdynamics.com/adrum/adrum-latest.js
IP
54.230.111.106:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (644)
Size
40 kB (40203 bytes)
Hash
cd86db0f552897dc33e8433d0cf9bad2
676df314ca85d1418ffb110f3979c31281da027d
fd30f76d2b4bebd4b4bd680793a8a993b46a15808c0cea0533e629fc2990889f

HTTP Headers

GET /adrum/adrum-latest.js HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 04 Nov 2022 06:21:09 GMT
Server: nginx/1.16.1
Last-Modified: Tue, 06 Sep 2022 21:05:13 GMT
ETag: W/"6317b609-1b2d9"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eeFmNaswrZyaJpKSxynrhrxyXk5ub1BFGkXrUy5UvWNLuPg4QP2MeA==
Age: 803567

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0a9a357f652868f9317812b8103ba15d
95a90c7a07b591dce7f39c6f9ab27974d1a1ed2a
16fd52c7ee6806455e724f30af8d58630a141a8a3823c48c20b5da3a71f066da

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5538
Cache-Control: max-age=162314
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:33:56 GMT
Etag: "6370b3ac-1d7"
Expires: Tue, 15 Nov 2022 10:39:10 GMT
Last-Modified: Sun, 13 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7474aa190ac8925376cf97954a58f7bd
11d19916b6fff3688ac99ad6a51780856dddf6b2
8d76c61301a1b2a123ea87787d8363093f23243304c533bcdcfe0ee038aaed94

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2882
Cache-Control: max-age=131611
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:33:56 GMT
Etag: "6370461d-1d7"
Expires: Tue, 15 Nov 2022 02:07:27 GMT
Last-Modified: Sun, 13 Nov 2022 01:19:25 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc49d7a510846ce4c52fc2bcf19c591c
42189d9ddeba55c15da20ab02c8ccad4a8ad7ae2
86ce259086857d53f246aa21f8cb5dc2be85435601b687f727d3a5a2e38ec406

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
09e34f959d3013b2af3518d56b8c53e7
e612f651d8b2c01f88f0e744be414670e5515de1
dddd957b77e869966792ad4136361f5db4d6c7dba972634765ffcb81521541cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4175
Cache-Control: max-age=98674
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:33:56 GMT
Etag: "636fc067-1d7"
Expires: Mon, 14 Nov 2022 16:58:30 GMT
Last-Modified: Sat, 12 Nov 2022 15:48:55 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

c0gt.com/rbfcu/vendor-scripts/additional.js

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/vendor-scripts/additional.js
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/vendor-scripts/additional.js HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:56 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

c0gt.com/rbfcu/images/runtime.9d4ca3b7051e14c1983b.js

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/images/runtime.9d4ca3b7051e14c1983b.js
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/images/runtime.9d4ca3b7051e14c1983b.js HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:56 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

c0gt.com/rbfcu/vendor-scripts/update-browser.js?vers=1

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/vendor-scripts/update-browser.js?vers=1
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /rbfcu/vendor-scripts/update-browser.js?vers=1 HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:56 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

c0gt.com/rbfcu/styles.68bf2cfc87e31757b71b.css

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/styles.68bf2cfc87e31757b71b.css
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /rbfcu/styles.68bf2cfc87e31757b71b.css HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:56 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc49d7a510846ce4c52fc2bcf19c591c
42189d9ddeba55c15da20ab02c8ccad4a8ad7ae2
86ce259086857d53f246aa21f8cb5dc2be85435601b687f727d3a5a2e38ec406

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maps.googleapis.com/maps-api-v3/api/js/49/6/intl/fr_ALL/common.js

142.250.74.170

200 OK

69 kB

URL HTTP/2
maps.googleapis.com/maps-api-v3/api/js/49/6/intl/fr_ALL/common.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (550)
Size
69 kB (68766 bytes)
Hash
c704baaff1fa530a276a9ca0bc36aa08
bbec01a66b1a1e80b98ab9db021066cc00167c86
4c4f0f25e696538829debd79826beac49bb90959b2339f0645fdb7aee6afd627

HTTP Headers

GET /maps-api-v3/api/js/49/6/intl/fr_ALL/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68766
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Nov 2022 13:02:16 GMT
expires: Mon, 13 Nov 2023 13:02:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 21 Jun 2022 18:11:35 GMT
content-type: text/javascript
age: 1900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc49d7a510846ce4c52fc2bcf19c591c
42189d9ddeba55c15da20ab02c8ccad4a8ad7ae2
86ce259086857d53f246aa21f8cb5dc2be85435601b687f727d3a5a2e38ec406

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyC2AdLpShQk1DnoA0NHjCvvZQUevNDYHlQ

142.250.74.170

200 OK

56 kB

URL HTTP/2
maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyC2AdLpShQk1DnoA0NHjCvvZQUevNDYHlQ
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2464)
Size
56 kB (55543 bytes)
Hash
e51ea8be8118908cde1f6470a7d8f377
90b2c96074cd7d3d82e97847ffa272453f60263e
e8fc71d222650eeefd1b376bc672e44e949145e93d56c4034fca86cd005f7130

HTTP Headers

GET /maps/api/js?libraries=places&key=AIzaSyC2AdLpShQk1DnoA0NHjCvvZQUevNDYHlQ HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Sun, 13 Nov 2022 13:33:56 GMT
expires: Sun, 13 Nov 2022 14:03:56 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55543
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc49d7a510846ce4c52fc2bcf19c591c
42189d9ddeba55c15da20ab02c8ccad4a8ad7ae2
86ce259086857d53f246aa21f8cb5dc2be85435601b687f727d3a5a2e38ec406

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc49d7a510846ce4c52fc2bcf19c591c
42189d9ddeba55c15da20ab02c8ccad4a8ad7ae2
86ce259086857d53f246aa21f8cb5dc2be85435601b687f727d3a5a2e38ec406

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

c0gt.com/rbfcu/images/polyfills.8817abd40f028960e8fd.js

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/images/polyfills.8817abd40f028960e8fd.js
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/images/polyfills.8817abd40f028960e8fd.js HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:56 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

c0gt.com/rbfcu/images/scripts.8bd4377bc7fbc2f4bdbc.js

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/images/scripts.8bd4377bc7fbc2f4bdbc.js
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/images/scripts.8bd4377bc7fbc2f4bdbc.js HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:56 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0b33790131352e4338449c8802f5afb8
701decd98f4cb435d14266a0401e7daa2e85fbf4
ce99fbdcc954cadd06053f3ed2b85964ac232272a01081a1d82d310d0fdd0018

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150823
Date: Sun, 13 Nov 2022 13:33:56 GMT
Etag: "63709366-1d7"
Expires: Tue, 15 Nov 2022 07:27:39 GMT
Last-Modified: Sun, 13 Nov 2022 06:49:10 GMT
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uKyrEfR0Qdc1zaCx-0__syykxvET_Jovn4HI_6oEjoEM0eTAeEzbSg==
Age: 2309

c0gt.com/rbfcu/images/main.5c0bee6a0a555059e0ae.js

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/images/main.5c0bee6a0a555059e0ae.js
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/images/main.5c0bee6a0a555059e0ae.js HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:56 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

cdn.segmint.net/segmint.min.js

54.230.111.99

200 OK

16 kB

URL HTTP/1.1
cdn.segmint.net/segmint.min.js
IP
54.230.111.99:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (15549), with no line terminators
Size
16 kB (15549 bytes)
Hash
bb68f3a9974d3f6b01beaa828d97ccbc
c3bf75a47a05369df9ff0cad756e15f143aa4000
7fdb8afc727d7ffe7284ffa9c67f54a419c5c05317cb4d7602651cd703f2f154

HTTP Headers

GET /segmint.min.js HTTP/1.1
Host: cdn.segmint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 15549
Connection: keep-alive
Date: Sun, 13 Nov 2022 04:36:27 GMT
Last-Modified: Thu, 03 Mar 2022 11:36:09 GMT
ETag: "bb68f3a9974d3f6b01beaa828d97ccbc"
Cache-Control: max-age:900
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: G1l2UZavvUELz2aSLOlSItY7-v9a6anTNitS5XA--dQwZMTn7MwRgA==
Age: 32251

push.services.mozilla.com/

54.186.209.73

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.186.209.73:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: y88s41IjWs4aRkOB2iEqYQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: V1xEGWIC8suSK996Wm6TTQ/nB14=

rbfcu.org/ResourcePackages/chat/plugin/olb/chat-bundle.js?v=1655999950684

107.162.179.221

301 Moved Permanently

23 B

URL HTTP/1.1
rbfcu.org/ResourcePackages/chat/plugin/olb/chat-bundle.js?v=1655999950684
IP
107.162.179.221:0
ASN
#55002 DEFENSE-NET

File type
data
Size
23 B (23 bytes)
Hash
a19aeef3f17fc180df7c905b652a27c0
3402e9d127a3f61ec8bd982778e6d2ae1ecff3ee
1b693620bb3c4ab97c52c6a5dd409b43f12a0f03b2dc31ac4e34759c27b6bc4e

HTTP Headers

GET /ResourcePackages/chat/plugin/olb/chat-bundle.js?v=1655999950684 HTTP/1.1
Host: rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Location: https://www.rbfcu.org/ResourcePackages/chat/plugin/olb/chat-bundle.js?v=1655999950684
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!VSn7gZ+wcPhwu4AfAlrt/gAymWxGa9xSny0dy4ky7tCDf18i2TYlWLLwT71aGhxCbEOwVtfZ2ewKuqc=; path=/; Httponly; Secure
Via: 1.1 dca1-bit7011
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23
Connection: Keep-Alive

rbfcu.org/ResourcePackages/chat/css/olb/chat-bundle.css?v=1655999950685

107.162.179.221

301 Moved Permanently

20 B

URL HTTP/1.1
rbfcu.org/ResourcePackages/chat/css/olb/chat-bundle.css?v=1655999950685
IP
107.162.179.221:0
ASN
#55002 DEFENSE-NET

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /ResourcePackages/chat/css/olb/chat-bundle.css?v=1655999950685 HTTP/1.1
Host: rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Location: https://www.rbfcu.org/ResourcePackages/chat/css/olb/chat-bundle.css?v=1655999950685
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!Mp84xiCioSF4e3HhrnwYohVdbB9C8xAhruP+hOTqgxijYsYJldamSUOLGbpDHmjQvdUlQDVYk8fy1Fo=; path=/; Httponly; Secure
Via: 1.1 dca1-bit13027
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20
Connection: Keep-Alive

www.rbfcu.org/tp/trustev.min.js

107.162.179.221

200 OK

10 kB

URL HTTP/1.1
www.rbfcu.org/tp/trustev.min.js
IP
107.162.179.221:0
ASN
#55002 DEFENSE-NET

File type
ASCII text, with very long lines (35386), with no line terminators
Size
10 kB (10524 bytes)
Hash
bcae06b2c6f605d58163d4d64e28bf38
1df935c19be93c8d7fe2317e3549fc5d4a679052
489bb28550572a95ec05e2a010ee1384923f1f25e39e2c7f78263f22ad3e1bc7

HTTP Headers

GET /tp/trustev.min.js HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 476618
Content-MD5: OFhEminLbkyWdOZ2y0OACw==
Content-Type: application/javascript
Date: Sun, 13 Nov 2022 13:33:57 GMT
Etag: "0x8D93D40CF976310"
Last-Modified: Fri, 02 Jul 2021 10:04:41 GMT
X-Cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: a6b4e3c8-401e-005e-4e0e-f3f3da000000
x-ms-version: 2014-02-14
Content-Length: 10524
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: ECAcc (dac/9C33)
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!jNDZjqhFtkLeXMIfAlrt/gAymWxGa+x+/sqAlVj6YqeaQc2gAa87xZxHJ6GnkHKEzuPD+cvo6LDB9LE=; path=/; Httponly; Secure
Via: 1.1 dca1-bit7011
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: Keep-Alive

www.rbfcu.org/ResourcePackages/chat/css/olb/chat-bundle.css?v=1655999950685

107.162.179.221

200 OK

244 B

URL HTTP/1.1
www.rbfcu.org/ResourcePackages/chat/css/olb/chat-bundle.css?v=1655999950685
IP
107.162.179.221:0
ASN
#55002 DEFENSE-NET

File type
ASCII text, with CRLF line terminators
Size
244 B (244 bytes)
Hash
a24fa1c1d5c6efd16b1db0ca174f8e38
c6e3bc30ec1d7f7438b95dc3df19f55148274f6f
35145df64e98e4d82bc8f2c89dac342e21ca59350bfd3a610a34c4a517cc1515

HTTP Headers

GET /ResourcePackages/chat/css/olb/chat-bundle.css?v=1655999950685 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://c0gt.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Age: 3534
Date: Sun, 13 Nov 2022 12:35:03 GMT
Cache-Control: max-age=2678400
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit7011
ETag: "b045e0f92753d81:0"
Content-Type: text/css
Last-Modified: Mon, 18 Apr 2022 13:26:56 GMT
Accept-Ranges: bytes
SystemID: AU-01
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3915
Expires: Sun, 13 Nov 2022 14:39:13 GMT
Date: Sun, 13 Nov 2022 13:33:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3915
Expires: Sun, 13 Nov 2022 14:39:13 GMT
Date: Sun, 13 Nov 2022 13:33:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3915
Expires: Sun, 13 Nov 2022 14:39:13 GMT
Date: Sun, 13 Nov 2022 13:33:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11715 bytes)
Hash
cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZLWa-RphwZqiAmeqffmEE8Mmfsfs9ZYz0bmANBEc5Ru1--VKDL4Fsw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:45:55 GMT
age: 56883
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80441337-327d-4d34-9fe8-53269c39ac18.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7867 bytes)
Hash
26249508ef18eac51cf62cf6e90339a4
a9922959c532dd26f21bda4f74ee1fa8496e862e
25075ef6337bae8e60412cdca98afbae6aca61d889aadce4cbad4a8522f4c4b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80441337-327d-4d34-9fe8-53269c39ac18.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7867
x-amzn-requestid: e05d4978-6f46-4395-8121-4d969a222328
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bgfLqFWIoAMF01A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370124a-4033150d0180e56e2965e26e;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDkJ7OIcS3FiDPufRTj5VtL5CMxbNN2o2Zq50QQ9UNeDw4uE4j3jrw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 56369
etag: "a9922959c532dd26f21bda4f74ee1fa8496e862e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25a71d85-6d34-4bb8-8293-97875c72aa74.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9540 bytes)
Hash
221170365ec0ab6bb773472933bccb4e
2f8d80c36b9d52bbca60ddc946176b8bca2f05f5
c1fedf00b8a0defa4fada242cf3e28c90937bf5f1c10145aebb3494c5a0b5066

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25a71d85-6d34-4bb8-8293-97875c72aa74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9540
x-amzn-requestid: 69c339ec-ac3c-49a4-8029-01d21a7f50b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: be3itHj1oAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f6c77-79d478af722a4ecf50a381a9;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 09:50:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uxbx0xudJDX6_72_MTyyW6R2FXmdfV_5APgpZhqG-6QIeE_yPdGxSg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 22:05:19 GMT
age: 55719
etag: "2f8d80c36b9d52bbca60ddc946176b8bca2f05f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2942789-3784-432b-a380-73951d12767a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8582 bytes)
Hash
93d4c9b75e8e21151056247b8a76e1d5
98eebc284e7a7817cc3397a40defaf7f2cc2f9af
621a65a13db5f93806e90094ca71a82eb586f383950278a0cbed3dba2a8fb9f6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2942789-3784-432b-a380-73951d12767a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8582
x-amzn-requestid: e82ca80b-e945-4c56-a8f8-0c139aae8e86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bgfLqEh8IAMFeSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370124a-400c01252ab480d9366a9410;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XhzX6HVmgnoesOaTa40kRgxZziVaT8odcVPIPfVT9Fa7zj0DoG5XBQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:58:03 GMT
age: 56155
etag: "98eebc284e7a7817cc3397a40defaf7f2cc2f9af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f5427e2-3528-4845-9f17-27540185ac8c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5366 bytes)
Hash
715c6a18c1af63c346ae193038dd3892
c47f502cac855b004d351eea75c5eb93d98d9b0b
ab59d34f794e8fe8fae82e3a93140e0f887a40cfb24150008a904ca22f1995b8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f5427e2-3528-4845-9f17-27540185ac8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5366
x-amzn-requestid: 7d1ce6f4-2b63-402c-aa1e-5b13b1fecee6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEI_FFkEoAMFa2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364bb93-19aa790f7dfd22b37ea89277;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:13:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: A6bUyiuS9O5z_Kciz_KH8w-pqCSYUkGvsRNzbrDBTfrh90JnFrOlew==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 22:00:03 GMT
age: 56035
etag: "c47f502cac855b004d351eea75c5eb93d98d9b0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfc69f5-02e2-48e4-a7f8-345ee02dd656.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11187 bytes)
Hash
4f181df0e475c123b46f016d3c0bbaa5
399ce32b1fdcdef9061bddb840663f35e39b919a
ed9ba753f718903cd997c027f58b63f41e32107367b22b03f964d7eecdf9ba16

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfc69f5-02e2-48e4-a7f8-345ee02dd656.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11187
x-amzn-requestid: 475229e1-bbb5-43a0-8733-1140a99b6b6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEIaqFFrIAMF7KA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364baaa-4261a60e57ae0c4d7a62e5e9;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:09:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JN1YNJmiZpeJsUVH5sQhYw2rZbvvzxVrt2IgDxHro9z3CfcFeVCGg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 06:02:58 GMT
age: 27060
etag: "399ce32b1fdcdef9061bddb840663f35e39b919a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.rbfcu.org/ResourcePackages/chat/plugin/olb/chat-bundle.js?v=1655999950684

107.162.179.221

200 OK

460 kB

URL HTTP/1.1
www.rbfcu.org/ResourcePackages/chat/plugin/olb/chat-bundle.js?v=1655999950684
IP
107.162.179.221:0
ASN
#55002 DEFENSE-NET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
460 kB (460231 bytes)
Hash
304d0e0f232b1d1d39df127bccdf129a
a23badb72590f974079a9dbe054f88e1ea6dd793
6afa8e67b70448ea6d8ef67b2895351df5ef9a95e1f23c2ca95cdf3fa276cb54

HTTP Headers

GET /ResourcePackages/chat/plugin/olb/chat-bundle.js?v=1655999950684 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://c0gt.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2678400
Content-Type: application/javascript
Last-Modified: Wed, 13 Apr 2022 21:19:19 GMT
Accept-Ranges: bytes
ETag: "8aa77b237c4fd81:0"
SystemID: AU-01
Date: Sun, 13 Nov 2022 13:33:57 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!3LMHQaEBV06/UK4fAlrt/gAymWxGa+EfhEFZtTEeSnFi2vkcM9JFivCdQ1QLd2YqIbeEl8VYlVpVg+4=; path=/; Httponly; Secure
Via: 1.1 dca1-bit7011
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

c0gt.com/rbfcu/images/rbfcu-logo.svg

198.211.100.39

200 OK

5.4 kB

URL HTTP/1.1
c0gt.com/rbfcu/images/rbfcu-logo.svg
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5383), with no line terminators
Size
5.4 kB (5383 bytes)
Hash
2d436455d162d3e00f0ca92055cef754
5b64a30fd987d469bd818fc8ed6a4ed89b873d02
09092e11153b90955b14c6dcad28c3e2902b035f6b12ac85e24a693e5c97c884

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/images/rbfcu-logo.svg HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 200 OK
Date: Sun, 13 Nov 2022 13:33:58 GMT
Server: Apache
Last-Modified: Thu, 23 Jun 2022 22:22:44 GMT
Accept-Ranges: bytes
Content-Length: 5383
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml

c0gt.com/rbfcu/images/EHL-logo-gray.svg

198.211.100.39

200 OK

1.6 kB

URL HTTP/1.1
c0gt.com/rbfcu/images/EHL-logo-gray.svg
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (364)
Size
1.6 kB (1613 bytes)
Hash
4c3e76f3539f8138ce127058adda3f16
3d24cf4b8ac04557b1cb49ba5200e06513bc5136
8113eb956366da6d18ed13faa5cc8e9a459c09cdcf41c2619c80828d4ac2b152

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/images/EHL-logo-gray.svg HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 200 OK
Date: Sun, 13 Nov 2022 13:33:58 GMT
Server: Apache
Last-Modified: Thu, 23 Jun 2022 22:22:58 GMT
Accept-Ranges: bytes
Content-Length: 1613
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

c0gt.com/rbfcu/images/NCUA-logo-gray.svg

198.211.100.39

200 OK

105 kB

URL HTTP/1.1
c0gt.com/rbfcu/images/NCUA-logo-gray.svg
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1230)
Size
105 kB (104580 bytes)
Hash
0cea5f835834b0242132d38350ccba3b
15b2b81ab5910276eeec3a96b2089b67110666b4
3dff3ca4b7e7bdeb6a9ee2c92c7141a270ab5f2373304299a99339ef96454759

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/images/NCUA-logo-gray.svg HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 200 OK
Date: Sun, 13 Nov 2022 13:33:58 GMT
Server: Apache
Last-Modified: Thu, 23 Jun 2022 22:22:54 GMT
Accept-Ranges: bytes
Content-Length: 104580
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml

c0gt.com/randolph-common.js?matcher

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/randolph-common.js?matcher
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /randolph-common.js?matcher HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:59 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

c0gt.com/randolph-common.js?cache

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/randolph-common.js?cache
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /randolph-common.js?cache HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:59 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

c0gt.com/randolph-common.js?async

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/randolph-common.js?async
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /randolph-common.js?async HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:59 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

c0gt.com/rbfcu/vendor-scripts/additional.js

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/vendor-scripts/additional.js
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/vendor-scripts/additional.js HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:59 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

c0gt.com/rbfcu/styles.68bf2cfc87e31757b71b.css

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/styles.68bf2cfc87e31757b71b.css
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /rbfcu/styles.68bf2cfc87e31757b71b.css HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:59 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

c0gt.com/rbfcu/vendor-scripts/update-browser.js?vers=1

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/vendor-scripts/update-browser.js?vers=1
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /rbfcu/vendor-scripts/update-browser.js?vers=1 HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:59 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:33:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:33:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

c0gt.com/rbfcu/images/runtime.9d4ca3b7051e14c1983b.js

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/images/runtime.9d4ca3b7051e14c1983b.js
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/images/runtime.9d4ca3b7051e14c1983b.js HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:59 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

c0gt.com/rbfcu/images/main.5c0bee6a0a555059e0ae.js

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/images/main.5c0bee6a0a555059e0ae.js
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/images/main.5c0bee6a0a555059e0ae.js HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:59 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://c0gt.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:08 GMT
expires: Thu, 09 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 323991
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

c0gt.com/rbfcu/images/polyfills.8817abd40f028960e8fd.js

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/images/polyfills.8817abd40f028960e8fd.js
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/images/polyfills.8817abd40f028960e8fd.js HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:59 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

c0gt.com/rbfcu/images/scripts.8bd4377bc7fbc2f4bdbc.js

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/images/scripts.8bd4377bc7fbc2f4bdbc.js
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/images/scripts.8bd4377bc7fbc2f4bdbc.js HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:33:59 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://c0gt.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 14:07:32 GMT
expires: Thu, 09 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 343587
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

c0gt.com/rbfcu/images/white-phone-header.4a066fd87a48426d8cf5.svg

198.211.100.39

200 OK

1.7 kB

URL HTTP/1.1
c0gt.com/rbfcu/images/white-phone-header.4a066fd87a48426d8cf5.svg
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (845)
Size
1.7 kB (1653 bytes)
Hash
4a066fd87a48426d8cf5d81f2f1e7622
bc25e0aaa78aa736100d278b1a4beb5fa46db78b
2c0b8abef50020a91c0b8f07a8478c65eea5bd77446467b9a44ae1b1d98828b7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /rbfcu/images/white-phone-header.4a066fd87a48426d8cf5.svg HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 200 OK
Date: Sun, 13 Nov 2022 13:33:59 GMT
Server: Apache
Last-Modified: Thu, 23 Jun 2022 22:22:38 GMT
Accept-Ranges: bytes
Content-Length: 1653
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:33:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.segmint.net/9c5f6414-c968-4bd7-a81b-b661f66a7000.json

54.230.111.99

200 OK

0 B

URL HTTP/1.1
cdn.segmint.net/9c5f6414-c968-4bd7-a81b-b661f66a7000.json
IP
54.230.111.99:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /9c5f6414-c968-4bd7-a81b-b661f66a7000.json HTTP/1.1
Host: cdn.segmint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://c0gt.com/
Origin: http://c0gt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 0
Connection: keep-alive
Date: Sun, 13 Nov 2022 13:34:01 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LkkSM9mcY-0Zsqma7VIyYiz0tDKFvsxshhNAP4NblTt1h747QGesrQ==

snap.licdn.com/li.lms-analytics/insight.min.js

23.36.76.121

200 OK

4.5 kB

URL HTTP/2
snap.licdn.com/li.lms-analytics/insight.min.js
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (12826)
Size
4.5 kB (4530 bytes)
Hash
806d185619a4ef5951ab91810117e4ba
f40031c0ea5718f6d9a0a35e8ca60262daedc440
06489a801966cb9e7b467aed4edb63aa10bc2e588d259054ef696ade54e4b19f

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Wed, 09 Nov 2022 19:27:04 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=73334
date: Sun, 13 Nov 2022 13:34:00 GMT
content-length: 4530
x-cdn: AKAM
X-Firefox-Spdy: h2

cdn.appdynamics.com/adrum-xd.ebf1620b3b847dfbf76f6e109dcacd8e.html

54.230.111.106

200 OK

21 kB

URL HTTP/2
cdn.appdynamics.com/adrum-xd.ebf1620b3b847dfbf76f6e109dcacd8e.html
IP
54.230.111.106:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1325)
Size
21 kB (21039 bytes)
Hash
35e6d393f4a0b19b763e29b83b5b2ee3
1de3084003c05eb4927df4ad7657eda349a336af
393bd60aec49eaa757296e378f03d09c2764c676d4b9272f0edc3582d6c6db4c

HTTP Headers

GET /adrum-xd.ebf1620b3b847dfbf76f6e109dcacd8e.html HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html
date: Sat, 29 Oct 2022 10:23:02 GMT
server: nginx/1.16.1
last-modified: Fri, 15 Apr 2022 21:40:36 GMT
etag: W/"6259e654-77c"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MUOtn_nN07cGoZOsoGaIISSJxeo5i_TZWs5mnx-Drqhf1SdbX0bzww==
age: 1307457
X-Firefox-Spdy: h2

bat.bing.com/bat.js

13.107.21.200

200 OK

11 kB

URL HTTP/1.1
bat.bing.com/bat.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Size
11 kB (11421 bytes)
Hash
22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/

HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 11421
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 09 Nov 2022 21:23:50 GMT
Accept-Ranges: bytes
ETag: "077538f81f4d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=2303421BC0526D7639D65040C1056C5B; domain=.bing.com; expires=Fri, 08-Dec-2023 13:34:00 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 2684BF1C8FB948D8B5B46235FA40CA47 Ref B: OSL30EDGE0311 Ref C: 2022-11-13T13:34:00Z
Date: Sun, 13 Nov 2022 13:34:00 GMT

cdn.linkedin.oribi.io/partner/2367698/domain/c0gt.com/token

54.230.111.112

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/2367698/domain/c0gt.com/token
IP
54.230.111.112:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /partner/2367698/domain/c0gt.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://c0gt.com/
Origin: http://c0gt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Sat, 12 Nov 2022 16:53:42 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Kec1CtZUEtoAi12WK9VSje_KqcJYzzyaf3GSzrifMv5NWDb2q9xwmg==
age: 74418
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/2367698/domain/c0gt.com/token

54.230.111.112

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/2367698/domain/c0gt.com/token
IP
54.230.111.112:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /partner/2367698/domain/c0gt.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://c0gt.com/
Origin: http://c0gt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Sat, 12 Nov 2022 16:53:42 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KOmgONSHY7_n1OW6g7ypasje0Kl1EpLOW2jv7xrEp47qoebHPB5-yQ==
age: 74418
X-Firefox-Spdy: h2

c0gt.com/rbfcu/images/favicon/favicon.ico

198.211.100.39

404 Not Found

315 B

URL HTTP/1.1
c0gt.com/rbfcu/images/favicon/favicon.ico
IP
198.211.100.39:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /rbfcu/images/favicon/favicon.ico HTTP/1.1
Host: c0gt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/rbfcu/login.php

HTTP/1.1 404 Not Found
Date: Sun, 13 Nov 2022 13:34:00 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.google-analytics.com/j/collect?v=1&_v=j98&a=2098956231&t=pageview&_s=1&dl=http%3A%2F%2Fc0gt.com%2Frbfcu%2Flogin.php&ul=en-us&de=UTF-8&dt=RBFCU%20-%20Sign%20In&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=1332247997&gjid=1857614703&cid=929090241.1668346439&tid=UA-6286893-1&_gid=1085712032.1668346439&_r=1&gtm=2wgb905B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=c0gt.com%2Frbfcu%2Flogin.php&z=1131142769

142.250.74.174

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=2098956231&t=pageview&_s=1&dl=http%3A%2F%2Fc0gt.com%2Frbfcu%2Flogin.php&ul=en-us&de=UTF-8&dt=RBFCU%20-%20Sign%20In&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=1332247997&gjid=1857614703&cid=929090241.1668346439&tid=UA-6286893-1&_gid=1085712032.1668346439&_r=1&gtm=2wgb905B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=c0gt.com%2Frbfcu%2Flogin.php&z=1131142769
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

HTTP Headers

POST /j/collect?v=1&_v=j98&a=2098956231&t=pageview&_s=1&dl=http%3A%2F%2Fc0gt.com%2Frbfcu%2Flogin.php&ul=en-us&de=UTF-8&dt=RBFCU%20-%20Sign%20In&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=1332247997&gjid=1857614703&cid=929090241.1668346439&tid=UA-6286893-1&_gid=1085712032.1668346439&_r=1&gtm=2wgb905B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=c0gt.com%2Frbfcu%2Flogin.php&z=1131142769 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://c0gt.com
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: http://c0gt.com
date: Sun, 13 Nov 2022 13:34:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=4031169&Ver=2&mid=cb5d9094-569b-4b72-beb1-80cf1285b09d&sid=d419aa60635711edb76111f1ae3f3b66&vid=d419b600635711edb8ef813b85fba8c6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=RBFCU%20-%20Sign%20In&p=http%3A%2F%2Fc0gt.com%2Frbfcu%2Flogin.php&r=&lt=4186&evt=pageLoad&sv=1&rn=131006

13.107.21.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=4031169&Ver=2&mid=cb5d9094-569b-4b72-beb1-80cf1285b09d&sid=d419aa60635711edb76111f1ae3f3b66&vid=d419b600635711edb8ef813b85fba8c6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=RBFCU%20-%20Sign%20In&p=http%3A%2F%2Fc0gt.com%2Frbfcu%2Flogin.php&r=&lt=4186&evt=pageLoad&sv=1&rn=131006
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=4031169&Ver=2&mid=cb5d9094-569b-4b72-beb1-80cf1285b09d&sid=d419aa60635711edb76111f1ae3f3b66&vid=d419b600635711edb8ef813b85fba8c6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=RBFCU%20-%20Sign%20In&p=http%3A%2F%2Fc0gt.com%2Frbfcu%2Flogin.php&r=&lt=4186&evt=pageLoad&sv=1&rn=131006 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=167245E84006651301D257B3415164E3; domain=.bing.com; expires=Fri, 08-Dec-2023 13:34:00 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A831CFC987C343229520E9E1374EE605 Ref B: OSL30EDGE0420 Ref C: 2022-11-13T13:34:00Z
date: Sun, 13 Nov 2022 13:34:00 GMT
X-Firefox-Spdy: h2

bat.bing.com/p/action/4031169.js

13.107.21.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/p/action/4031169.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/action/4031169.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=198ADE8F32FC60003CF8CCD433AB61FB; domain=.bing.com; expires=Fri, 08-Dec-2023 13:34:00 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 09EE3381B27F43898ADA8A750CF77E8E Ref B: OSL30EDGE0420 Ref C: 2022-11-13T13:34:00Z
date: Sun, 13 Nov 2022 13:34:00 GMT
X-Firefox-Spdy: h2

cdn.segmint.net/9c5f6414-c968-4bd7-a81b-b661f66a7000.json

54.230.111.99

200 OK

161 B

URL HTTP/1.1
cdn.segmint.net/9c5f6414-c968-4bd7-a81b-b661f66a7000.json
IP
54.230.111.99:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
161 B (161 bytes)
Hash
8c239da2fb85196f49a8f207ae300041
2069a8a7b5b4d15a0a067274f5d39a124f31dc47
0aa159eea82ebc0d001771c5962ad5e577d5f73a5c0e728d5cbfd19eebfb5219

HTTP Headers

GET /9c5f6414-c968-4bd7-a81b-b661f66a7000.json HTTP/1.1
Host: cdn.segmint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://c0gt.com
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 161
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Access-Control-Max-Age: 3000
Last-Modified: Wed, 11 Mar 2020 20:19:54 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 13 Nov 2022 13:34:01 GMT
Cache-Control: max-age=900
ETag: "8c239da2fb85196f49a8f207ae300041"
X-Cache: RefreshHit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yiI5ZK82vBIT1htUGiMcemlYXeQ5mtvkUSKKsj73lZOKL2r3eHLD9g==

px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1668346438963&url=http%3A%2F%2Fc0gt.com%2Frbfcu%2Flogin.php

13.107.42.14

302 Found

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1668346438963&url=http%3A%2F%2Fc0gt.com%2Frbfcu%2Flogin.php
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=2367698&time=1668346438963&url=http%3A%2F%2Fc0gt.com%2Frbfcu%2Flogin.php HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2367698%26time%3D1668346438963%26url%3Dhttp%253A%252F%252Fc0gt.com%252Frbfcu%252Flogin.php%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJ5uh7whNo-_AAAAYRxMmrrwDKyXj-yC5I8lAcQi-wpBg2hnieuU6cQ7I8Px1tjbZ4jorure17_xQ; Max-Age=2592000; Expires=Tue, 13 Dec 2022 13:34:00 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJHDBPpojoVuwAAAYRxMmrrDI_1pCQBjM7M6pDNlidxz2h4vtqP5sOdxC9GPdBAdzbXnWhi6BMFUQHocN3nIA; Max-Age=2592000; Expires=Tue, 13 Dec 2022 13:34:00 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&92c24ada-9c4f-4a63-82bf-f3aa7c999f3d"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 13-Nov-2023 13:34:00 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2416:u=1:x=1:i=1668346440:t=1668432840:v=2:sig=AQGTSxbQT4MkyCrrtEZEdeWdtvFe1KUy"; Expires=Mon, 14 Nov 2022 13:34:00 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXtWizxiBzgsHD9PDxXkw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: EAE4019F35E649D88C06396B57269800 Ref B: OSL30EDGE0220 Ref C: 2022-11-13T13:34:00Z
date: Sun, 13 Nov 2022 13:34:00 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2367698%26time%3D1668346438963%26url%3Dhttp%253A%252F%252Fc0gt.com%252Frbfcu%252Flogin.php%26liSync%3Dtrue

13.107.42.14

302 Found

0 B

URL HTTP/2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2367698%26time%3D1668346438963%26url%3Dhttp%253A%252F%252Fc0gt.com%252Frbfcu%252Flogin.php%26liSync%3Dtrue
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2367698%26time%3D1668346438963%26url%3Dhttp%253A%252F%252Fc0gt.com%252Frbfcu%252Flogin.php%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://c0gt.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1668346438963&url=http%3A%2F%2Fc0gt.com%2Frbfcu%2Flogin.php&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&bfef23da-1092-4ffc-834c-cfd9b6c8c50f"; Domain=.linkedin.com; Expires=Mon, 13-Nov-2023 13:34:00 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221113133400d6818f8e-9397-47a4-8135-6522fa27b896AQFtnuZCcoDfxkA3l6aRqIvf18mx4TXR"; Domain=.www.linkedin.com; Expires=Mon, 13-Nov-2023 13:34:00 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjgzNDY0NDA7MjswMjHaQtjDB+PLPt5G40g+XMyzQwthpiqTVgbDpeAmIoxwkw==; Domain=.linkedin.com; Expires=Fri, 12 May 2023 13:34:00 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2430:u=1:x=1:i=1668346440:t=1668432840:v=2:sig=AQELrfCPYxUKlly9-BDbpAR669CL_aH8"; Expires=Mon, 14 Nov 2022 13:34:00 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXtWizzxY4h58tTmQi6+w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 19E10C2A046A46DE86E551798A5D04A4 Ref B: OSL30EDGE0220 Ref C: 2022-11-13T13:34:00Z
date: Sun, 13 Nov 2022 13:34:00 GMT
content-length: 0
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1668346438963&url=http%3A%2F%2Fc0gt.com%2Frbfcu%2Flogin.php&liSync=true

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1668346438963&url=http%3A%2F%2Fc0gt.com%2Frbfcu%2Flogin.php&liSync=true
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=2367698&time=1668346438963&url=http%3A%2F%2Fc0gt.com%2Frbfcu%2Flogin.php&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://c0gt.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&088cd530-9e62-4f4e-8c77-9e1e80523a66"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 13-Nov-2023 13:34:00 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2416:u=1:x=1:i=1668346440:t=1668432840:v=2:sig=AQGTSxbQT4MkyCrrtEZEdeWdtvFe1KUy"; Expires=Mon, 14 Nov 2022 13:34:00 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXtWiz2H4pUGQkhOjuMuA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 02C7AB63C070486E8C467B4FEF4D562B Ref B: OSL30EDGE0220 Ref C: 2022-11-13T13:34:00Z
date: Sun, 13 Nov 2022 13:34:00 GMT
content-length: 0
X-Firefox-Spdy: h2

cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js

54.230.111.106

200 OK

20 kB

URL HTTP/1.1
cdn.appdynamics.com/adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js
IP
54.230.111.106:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (574)
Size
20 kB (20314 bytes)
Hash
cca1b9c013b93bd73bf4f55b122ba8db
ed011720d910a5b69db06ebaabcd95d013255752
d5ef573c9770681c3a75ec78445d0c785ca6659a0cf25f145ddfbae414b0b77a

HTTP Headers

GET /adrum-ext.c74f9315ac2eb17a0d3c4975c3deb222.js HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c0gt.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.16.1
Last-Modified: Tue, 06 Sep 2022 21:05:12 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
timing-allow-origin: *
Content-Encoding: gzip
Date: Wed, 09 Nov 2022 18:27:39 GMT
Cache-Control: public, max-age=2678400, s-max-age=14400
ETag: W/"6317b608-d132"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JVtAVdmRj15Y9f51Pq4v0QS5lQ4m6dJJkjhL_vHs8IjEj1U0PoRMvg==
Age: 327981

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0df79cbc834bd5e53cf14431365341dc
00e5191435de6d5804d36e8db45d1858dfc67e62
6a4d0997ea345b437ad5f53d41699920f946ba31bbc2b01e005516485328d033

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:34:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-6286893-1&cid=929090241.1668346439&jid=1332247997&gjid=1857614703&_gid=1085712032.1668346439&_u=YEBAAEAAAAAAACAAI~&z=2116346216

142.251.1.156

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-6286893-1&cid=929090241.1668346439&jid=1332247997&gjid=1857614703&_gid=1085712032.1668346439&_u=YEBAAEAAAAAAACAAI~&z=2116346216
IP
142.251.1.156:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-6286893-1&cid=929090241.1668346439&jid=1332247997&gjid=1857614703&_gid=1085712032.1668346439&_u=YEBAAEAAAAAAACAAI~&z=2116346216 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://c0gt.com
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://c0gt.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 13 Nov 2022 13:34:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0df79cbc834bd5e53cf14431365341dc
00e5191435de6d5804d36e8db45d1858dfc67e62
6a4d0997ea345b437ad5f53d41699920f946ba31bbc2b01e005516485328d033

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 13 Nov 2022 13:34:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.appdynamics.com/adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js

54.230.111.106

200 OK

0 B

URL HTTP/2
cdn.appdynamics.com/adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js
IP
54.230.111.106:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /adrum-ext.ebf1620b3b847dfbf76f6e109dcacd8e.js HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 09 Nov 2022 03:15:57 GMT
server: nginx/1.16.1
last-modified: Fri, 15 Apr 2022 21:40:35 GMT
etag: W/"6259e653-ce76"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fKBdKVZL6h0oPgFv58Gf1rBUD9W8ua-qqt64mHQN7XCqR8YsHuYAXQ==
age: 382679
X-Firefox-Spdy: h2

maps.googleapis.com/maps-api-v3/api/js/49/6/intl/fr_ALL/util.js

142.250.74.170

200 OK

0 B

URL HTTP/2
maps.googleapis.com/maps-api-v3/api/js/49/6/intl/fr_ALL/util.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /maps-api-v3/api/js/49/6/intl/fr_ALL/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 58491
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Nov 2022 13:02:16 GMT
expires: Mon, 13 Nov 2023 13:02:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 21 Jun 2022 18:11:35 GMT
content-type: text/javascript
age: 1900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 13 Nov 2022 13:33:56 GMT
date: Sun, 13 Nov 2022 13:33:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato|Open+Sans|Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato|Open+Sans|Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato|Open+Sans|Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 13 Nov 2022 13:33:56 GMT
date: Sun, 13 Nov 2022 13:33:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 13 Nov 2022 13:33:56 GMT
date: Sun, 13 Nov 2022 13:33:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 13 Nov 2022 13:33:56 GMT
date: Sun, 13 Nov 2022 13:33:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/2367698/domain/c0gt.com/token

54.230.111.112

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/2367698/domain/c0gt.com/token
IP
54.230.111.112:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /partner/2367698/domain/c0gt.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://c0gt.com
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Sun, 13 Nov 2022 13:02:20 GMT
access-control-allow-origin: *
cache-control: public, max-age=10153
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5v_UCpiXDc4YEMqJxBWbreMzFql6UWLqlQH6Dj6JZIQXU610A-LW1w==
age: 1900
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/2367698/domain/c0gt.com/token

54.230.111.112

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/2367698/domain/c0gt.com/token
IP
54.230.111.112:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /partner/2367698/domain/c0gt.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://c0gt.com
Connection: keep-alive
Referer: http://c0gt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Sun, 13 Nov 2022 13:02:20 GMT
access-control-allow-origin: *
cache-control: public, max-age=10153
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: phdSyrhM8NLP9Zej9UrzhWH6qVg8KIYDLFUCQt97jR6Q3MDmg7BJuw==
age: 1900
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP