r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8936
Expires: Tue, 29 Nov 2022 04:36:01 GMT
Date: Tue, 29 Nov 2022 02:07:05 GMT
Connection: keep-alive
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
172.67.222.251200 OK 5.4 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
IP 172.67.222.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (466), with CRLF line terminators
Hash ed755473ab7815524e4beda893025750
ab889e5623b4ea724548fc9f6d5329644f6c55cd
bf40540fc321118c694a18afa7e468505b9e722eacb53feefad457905bc01cb3
Analyzer Verdict Alert openphish Navy Federal Credit Union
fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/ HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7EmFKASiaHTbye0G02TRLShF9cYnz1NsFHf9c6CGcWQi2LJ2H3EVJD6SqEOKzzBjCjFCBFJjXn0r1eU%2F6iS1HEYnS2p4V7w%2BvMwMMkWfrCRjNztrqKcxgTm4OjvCluEW361XvJgOfnQX%2FQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9ab09611c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5708
Cache-Control: max-age=122364
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 02:07:05 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:06:29 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Tue, 29 Nov 2022 04:13:42 GMT
Date: Tue, 29 Nov 2022 02:07:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 01:19:34 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2851
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WI4qpxfpGMl+3UXVU5lVi02/YqSNrCMbD59tjoEt4yqLYBrLfoVCo6kHhUxe5CFboG0Tfussnlg=
x-amz-request-id: H84NB9J72QTPN0VP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 01:42:19 GMT
age: 1486
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 02:07:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/css.css
172.67.222.251200 OK 658 B URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/css.css
IP 172.67.222.251:0
Hash b8e0523f47884490e8dd8d25335c1160
8805ce8da01ec802791550bcf1fc65c281cf96f8
f950644cdca8e5b60dfa41e35a0cfb40bd01055878dab34e3169c98e94b363f0
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/css.css HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:05 GMT
Content-Type: text/css
Content-Length: 658
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:44 GMT
etag: "14d2-638468ff-531b56e;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfren2jifwbdaCd8oDrRzdpbjkd39hvJRr2JwOM0F%2FZRcv3uW1TroFgTqsfxoEbfX9J3Z9dwh%2BZl0IzEtJsx5aCIWi2pAAj3K45QeYpp7DhylIy142O%2B6hQdDwOAroRlfbtO9lO%2BYmHc32o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9adc9f31c06-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/nfcu-icons-599150400912c8247ee1872211972b2a.css
172.67.222.251200 OK 1.9 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/nfcu-icons-599150400912c8247ee1872211972b2a.css
IP 172.67.222.251:0
File type ASCII text, with CRLF line terminators
Hash 65b81dd5dc3129e7de261e4e154e8c9c
76ef6e94435ba8615cbd84e17a49d7e8936d3852
5b31ed79d5f3759fb3b32af2543756870f6ee8b81d6aae87b12f862272b121b7
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/nfcu-icons-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:05 GMT
Content-Type: text/css
Content-Length: 1892
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:45 GMT
etag: "27eb-638468ff-531b56b;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HE2vw3pQiaFba1Sp3UV7MTMtoLiUHTWHH5uSG%2BTWjXDJtz6vZx0JsIGdcytqOi6UTYE%2FmeIpojJPhzjpEdJq9zgbk7NBLMYGIOEkZsGOQtqlWUgvAeUcMgIdWXml31qbokgDpPlyZRtQi28%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9adcb44b4ff-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/all-599150400912c8247ee1872211972b2a.css
172.67.222.251200 OK 11 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/all-599150400912c8247ee1872211972b2a.css
IP 172.67.222.251:0
File type ASCII text, with very long lines (50194), with CRLF line terminators
Hash e625984b15bd12ed9b8cd85a99990ad2
a4241955bf78ae6809c39ed48cf8f07b9da2b512
7e12fa3353000af23bfd7c9129b6e8533b4f285e3367387ac443f1f5bb0671ea
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/all-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:05 GMT
Content-Type: text/css
Content-Length: 11007
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:44 GMT
etag: "c4cf-638468ff-531b574;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNAWublaIdUb7oycRLeufN12kRVWR%2FaW%2BZNEf%2B3vcsVqntb3JSa8aSGP8tjozmZwJrnf5VIoolNdyQNfZsgldqvbGiPGCN2YJTPEulw2f2D76hMWH7LjS6%2FpJkv%2FKPYKraONAJVGhRxoK7k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9adcefa0b39-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/s_code.js
172.67.222.251200 OK 18 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/s_code.js
IP 172.67.222.251:0
File type ASCII text, with very long lines (954)
Hash 57231b4740b08ad5465d629b7e48955d
99945653b924fe4e2b29f1b79794a25e8cb8aae2
26b8ceca4e802045a5828cc200b7c9f56ec15fc0e7249b239bb2a0e916f51bc1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/s_code.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:05 GMT
Content-Type: application/x-javascript
Content-Length: 17956
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:45 GMT
etag: "b8fe-638468ff-531b546;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ej%2Fsq32zlZSGIOTmxM52Zifjb9b2dcZIruydaQ1sYmx0h6NJrdzyENSoO5HpwDv6NudB92qHkJlMv6jYHbYzUUlh%2Fmnq6QpIpTrq3RTUsvguD3y8BWBW7nQ7SsBl1mykvtFc7A1wW9sApkw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9adc9fb1c06-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/responsivemain-599150400912c8247ee1872211972b2a.css
172.67.222.251200 OK 22 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/responsivemain-599150400912c8247ee1872211972b2a.css
IP 172.67.222.251:0
File type assembler source, ASCII text, with very long lines (384), with CRLF line terminators
Hash 29a86791a7518efabc7e40b55bb1405a
7347bcf28f8f286288a6209276f1d1f608eadafa
c942346cafbbce97838f5a9ea26413d6f2c3a12004e190c72dc2326b73a22d8c
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/responsivemain-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:05 GMT
Content-Type: text/css
Content-Length: 21835
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:44 GMT
etag: "21cdc-638468ff-531b566;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4lLv%2BfV3Eb5LnklPEdjcKM8RgJLVp%2BKO0Ww%2FGMTC9qDXFWGI615XNPPYK4moUYyrbrViYJUucCVKcQYtqDwa2yLxN0HNS3qY1WBdZySTANQ%2Fxy5Ke7XXEExjuUMq%2F0a8T9Zr9z%2BciLMU%2Fk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9adcf33b521-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/nauth-599150400912c8247ee1872211972b2a.css
172.67.222.251200 OK 1.3 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/nauth-599150400912c8247ee1872211972b2a.css
IP 172.67.222.251:0
File type ASCII text, with CRLF line terminators
Hash 798605650e5e2901a56b6e2a03283fd3
b0af61971ce50e4f2abf3cc9aec4a5f1a5606460
a7b4cc299499a198de23b57ad5758b7dd462b911c595501c1275ac5d6429c9a8
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/nauth-599150400912c8247ee1872211972b2a.css HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:05 GMT
Content-Type: text/css
Content-Length: 1334
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:44 GMT
etag: "1208-638468ff-531b56a;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Vl9Pt5txA%2Bn9LQbDM63nCS2qwKCRbNY1WXF0sNlp3tNqW0uISW%2BQq5zb3sS3ImHzZ4qAypj0l0ruEvTFLmQRG2sEu5iOO6AULHbSILqPndqoDvxbbozXZ0YB4FhdHRFaxs7E0G5wxg6hA0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9adc8ab1bfe-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/recaptcha__en.js
172.67.222.251200 OK 138 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/recaptcha__en.js
IP 172.67.222.251:0
File type ASCII text, with very long lines (549)
Size 138 kB (137483 bytes)
Hash 77cdb837800fca9dca04772c51c3a88d
d73f76d704b7c10fa9bbec2bb5d51bd603a167da
9aa44d5ef96dbd7540640dc45eb0b24e122a1a0a92c63e5474f34ff5db163796
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/recaptcha__en.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:05 GMT
Content-Type: application/x-javascript
Content-Length: 137483
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:44 GMT
etag: "55f9b-638468ff-531b543;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuQL0FqKlbKlrYeBDmbyDL2LXtGesRnd98YRa2NgqqvMHIRv8j77TymfhAt%2FBHvjfZj9WkVi7hZ5528lVwMXzSIMOlcaxFTXGcSZo6GjkNuASibfdz%2Fi1qr9y9bteXVeWNCJEyPvFhJLiM0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9adc806fac0-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js
172.67.222.251200 OK 1.5 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js
IP 172.67.222.251:0
File type ASCII text, with CRLF line terminators
Hash 1a86176f2c88833e9dabbbbe766f8409
0259c57051d9c6089f63ed9af045e2c118dade2d
477353a4077e7f95aba065cb6d0bf868ed2f3af4a56c407bb6eeb4eb079c53cf
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/dropdown-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:05 GMT
Content-Type: application/x-javascript
Content-Length: 1546
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:45 GMT
etag: "132c-638468ff-531b555;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34278
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5w6e6%2BeEK7VJPxfm47%2BQnZmq5iI3oJpwHq1%2FocloT8jBEKd9EWVIi2Ngn900MRN%2BrYWFgEj6Uipd6h0FyV%2Bni5x%2Fq1HYYcqfca8WEXs%2BSy8rl5TdbkOsp5s65uLsurOD4L4GHweJJOno4c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9add9ff1c06-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js
172.67.222.251200 OK 86 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js
IP 172.67.222.251:0
File type ASCII text, with CRLF line terminators
Hash e87f0ef1e4e373872e496b0dcca89433
f986b8adc0c1fb752fcacc609a757cd3493aabd5
a0693cbbb78165d55bea4cb96177babe076ddeba377b87605773cd7bbb2cf6dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/jquery-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:05 GMT
Content-Type: application/x-javascript
Content-Length: 85688
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:45 GMT
etag: "48e06-638468ff-531b54e;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAftDIxNEKYe2XMPXBCqBiW1g8DVswyfNm3Fn8EksNAmE%2FPNjNF4JtWjuCSPyTHzhtRykfolY02bKgyUNbwvcBtvygQAhzV2HDI8rl9y9GkoJNFxS6GXP9x0ll7juASbtttfiuDjYXuqmDA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9addb4cb4ff-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/common-ec401aee041a200e3dd94ec7982f0f2f.js
172.67.222.251200 OK 2.5 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/common-ec401aee041a200e3dd94ec7982f0f2f.js
IP 172.67.222.251:0
File type ASCII text, with CRLF line terminators
Hash f8614888610451b1c4e0016a05a902ac
65d030323066210a93b2a153d83cdc03f2c8cfc6
d553e5b5f1e9a999e7bc8625785507c7c311d753aede3acb53fcbe2425af0cfd
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/common-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:05 GMT
Content-Type: application/x-javascript
Content-Length: 2498
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:45 GMT
etag: "1d3c-638468ff-531b545;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEu3mNToDGAQ3YylaKL4BfrWm9BwrtzZRfTF6L8zHTxrERkgU3twXYLTszAwb1GwN2ySbYd%2FSzUN5KD7%2B1wC2a6VpboelxNUkGGSwG7hF61GnaCEyLe7xc6sF0JGGlbzjYC%2FDnqMG8EEfSo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9addf070b39-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js
172.67.222.251200 OK 782 B URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js
IP 172.67.222.251:0
File type HTML document, ASCII text, with very long lines (1213), with CRLF line terminators
Hash 9506101200c6e3ef3d3de3bf5ff1e7f3
1179096634ace29c378be78d819f23a893742529
aa93b1d73f0b88f880df468e1bdd51ee45a32e6839608bc0632e1281d87e9d34
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/keypad-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:05 GMT
Content-Type: application/x-javascript
Content-Length: 782
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:45 GMT
etag: "cf2-638468ff-531b552;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34278
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elKlINsdpv%2FCcm6R6ZG6EO1Wf6ZMEV%2B1UaAMOdbdiLry%2F4AsJsmgWIeeAOyhe%2BW3LgKSGWEBFwbRkNrbxNfidw5mtV5wpYdzqesfLkgapacFldUHDMCPTSvHM01Rfr0t2%2BFfxDkE%2By1melw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9add8b21bfe-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js
172.67.222.251200 OK 861 B URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js
IP 172.67.222.251:0
File type ASCII text, with CRLF line terminators
Hash e1827f0e630abb3df3b1b09f60151710
b5cfe7dbd791ab73ca2bbefefb1aace022ab1fcc
f1a107da176734cee7cf9ba4c7889e0f19047dfb3545877896f1c97efc7892a3
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/cookieGenerator-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: application/x-javascript
Content-Length: 861
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:45 GMT
etag: "95a-638468ff-531b549;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2y9447WRWKM0k2GtthRWBQR9IdsueUol3Tx0UXTxwk2vAqfZi0J5Ms7%2FQ2AI7%2Bsy0VBgbc3fNcSawTlmINDWlzrCPm2WztO0PLzmnwxIWYSfx8rQNCjIzjp2660iPPdmGDzcTHsKYuMC%2FnM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9ae8a291c06-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/login-ec401aee041a200e3dd94ec7982f0f2f.js
172.67.222.251200 OK 1.1 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/login-ec401aee041a200e3dd94ec7982f0f2f.js
IP 172.67.222.251:0
File type ASCII text, with CRLF line terminators
Hash 40ebffa2ac7c3d11a5e12c0e2cc9893a
e8dd3b159cd41371e260d06f96d89190c7179dfd
d279facebbbfb2141abb7f63ddcc5bda7f860b68c03ac6e1b2fad7905e88813c
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/login-ec401aee041a200e3dd94ec7982f0f2f.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: application/x-javascript
Content-Length: 1073
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:45 GMT
etag: "d4a-638468ff-531b556;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrXrAVm4CeTel4cBp0ltILIXzKTD7OKSGESQAyQRvlURU6pDKober%2B2Aa3LKf1ZsPNGWkcc%2BYvm%2Falbz5UIgG5hdTsfOmNle8htObiSFT2o6%2FDxdV774D76%2F1tKEx2hzyTTkHI99sUeeNpo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9ae8b94b4ff-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/api.js
172.67.222.251200 OK 558 B URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/api.js
IP 172.67.222.251:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 2a0fbeaff401daf7f8d961960efa46c4
8c4c3f2d10be69f7fb0fcb659e9232a03f7d7955
8d6f9522208a16b57d9930f7b2b0d828c91492d747c2d9cdd8915abe57842e63
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/api.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: application/x-javascript
Content-Length: 558
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:45 GMT
etag: "352-638468ff-531b571;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syYcllKkLZnyUbJhy0LeG%2FVGq9hGffYedx9iBfUj1u3GmKVxVmpLdJ3fJvjNxtp%2FUcZM6EmH8BaCyTxoCdnWpE%2B4oYk2458LrNJsH1JiY31NfH9trQQAU1v4VjXeVS%2FfaNW6lInbSMwEciw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9ae8f790b39-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/le2-mtagconfig.js
172.67.222.251200 OK 5.7 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/le2-mtagconfig.js
IP 172.67.222.251:0
File type ASCII text, with very long lines (1788)
Hash 36eb654aef08e98c53c84daf3137e6f2
b5fa1486b0af186d956f18ee52bc0787d9ddc8b2
4872af9b656f713443c14dc3518111cd79244f41f59dcbc0800e2bd12c9d7aa5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/le2-mtagconfig.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: application/x-javascript
Content-Length: 5731
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:45 GMT
etag: "4e30-638468ff-531b54f;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfhvHXp3bCyb%2BIo1auImwIDUxR2l9d4W1cU0n9GGOBevqOrHJ8rcctFaEkIZRcV9hqNzoxTVd1%2BJa0fr8pd3UzDj6%2BT1hfcNSOrWU0seh2XW58s%2FPcyC0I%2BZlMJlOyeYOpKm4UroR18%2Fyo4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9ae88dc1bfe-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/tag.js
172.67.222.251200 OK 7.5 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/tag.js
IP 172.67.222.251:0
File type ASCII text, with very long lines (21652), with no line terminators
Hash 3bdf59c9ec85ec43d46e5cf9edda2e96
a06ccc8d75554a7e44dd8ce9656e90420b42f38b
d964494995ee4b7de40b3569370e33773c447c759a21fbb3e746e53b61449b35
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/tag.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: application/x-javascript
Content-Length: 7541
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:45 GMT
etag: "5494-638468ff-531b572;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P05V6oM6tT2kRZbp1YsqyviqMdwkqFBzxk6GP7mGF1mLUQkOakDJi54pz%2F%2FdinFa1K7i2skr5PpDuZOUDyHiR416aGMFObRXEykuJDLZwllJJGw4rHlRFOJaGk8ii56a%2FB43YvhBp%2B494Po%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9ae8f99b521-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/img_logo-veterans-1d62888b4b662af9142e3c385f423f32.svg
172.67.222.251200 OK 6.1 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/img_logo-veterans-1d62888b4b662af9142e3c385f423f32.svg
IP 172.67.222.251:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2618), with CRLF line terminators
Hash 6af0c59ecd24f7391c348485c3ef761e
2cad8139cbe910551a123dd55a3419e06694e432
472c03150b5eb8189c417c7dab141f653c9ce938226b14d9270f7641312df720
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/img_logo-veterans-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: image/svg+xml
Content-Length: 6104
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:46 GMT
etag: "55ca-638468ff-531b576;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXhvMMzwhcDR%2Bvz6KGSTq9tJa%2F524LKaLZTxi%2FVoyoh2bc3Jm7Zy%2FobP5%2BHR4Hk1GE3nP43rAhnC7j1wTuKXbDjggQbpK07DVs6WObVmiY331%2BUSJynq3JYRKVTdjzVIVH71aIYOiehCqlQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9aedbbbb4ff-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/img-BecomeAMember-1d62888b4b662af9142e3c385f423f32.jpg
172.67.222.251200 OK 0 B URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/img-BecomeAMember-1d62888b4b662af9142e3c385f423f32.jpg
IP 172.67.222.251:0
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/img-BecomeAMember-1d62888b4b662af9142e3c385f423f32.jpg HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: image/jpeg
Content-Length: 185745
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:46 GMT
etag: "2d591-638468ff-531b575;;;"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNzT2yJDs%2B7mGhDHPb1NZNGz6vSpX6b6OFceKDgSolVvkCKPo%2FLIwGfMxZvAulpE6YdP7eWeGXRmi1WwyNkc72VSJDVHUJzQODWutkpeorci7ycwf2TdK17tTKLdwqxyVePvL8KO%2FEfOGcw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7717c9aedfb6b521-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/a.js
172.67.222.251200 OK 471 B URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/a.js
IP 172.67.222.251:0
Hash 17c9251f8ba70b81b8125fe62663bb02
a74b718f0b771124a67176bb1e555ad6bcc058b6
d75593736a6343634236915b30de716349ab0bda14c8a6102e3b3fb06233f0bb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/a.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: application/x-javascript
Content-Length: 82655
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:45 GMT
etag: "4083f-638468ff-531b565;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34279
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8vq3doWIXguo8E7%2BjoqUFM30AYo0lOxW8hspblE36nxgPGFmydJ%2Fy%2B9DZvCJL9wpXL0fO7h%2BN0tdoSDayeJ5fEZ42xwNJqAxjdVDBXlvgj4n9TeiQstfABvR9sQzbI9X4PpKCELFSRbfjY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9ae9831fac0-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 17c9251f8ba70b81b8125fe62663bb02
a74b718f0b771124a67176bb1e555ad6bcc058b6
d75593736a6343634236915b30de716349ab0bda14c8a6102e3b3fb06233f0bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6418
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 02:07:06 GMT
Last-Modified: Tue, 29 Nov 2022 00:20:08 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bdf8fcc67ef5a6697d5b9e25088bb9e1
d7390ff89e205cc059d4466a4dcdcb66f5726c0b
99aab94597be8e161f919be17ad0a5b286a3263147c323fbb1ba20354f5b6d12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1521
Cache-Control: max-age=171467
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 02:07:06 GMT
Etag: "63855e24-1d7"
Expires: Thu, 01 Dec 2022 01:44:53 GMT
Last-Modified: Tue, 29 Nov 2022 01:19:32 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/f67c327263eti209967cda713cd843baa
172.67.222.251200 OK 72 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/f67c327263eti209967cda713cd843baa
IP 172.67.222.251:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 335f2776eaf4ca7eca9953d2240c3316
5f5702f072d8e721dd3557ccd2a0944b3cc58fa5
ca9ee108c9cd3072864c1fcfe42f8fa40f829a33267388e0adbf41fa8b2da9a5
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/f67c327263eti209967cda713cd843baa HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Length: 72012
Connection: keep-alive
etag: "1194c-638468ff-531b55a;;;"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
accept-ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVqn%2FCOkh2Bom%2FyM%2FOw5qdG%2FkW%2BRafvdSWmcruJGSmzwV8tEHYEDW2CNMcLjy0bE1ansi%2FZTbuMjmIRgJ0VQVJhZlPqFvRHzIojNfqE5YQAb0%2BTwilRVrhMPIAKap3eyyT01Xno8vuVdNnw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9aeaa2e1c06-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 02:07:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 02:07:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15948, version 1.0\012- data
Hash c85615b296302af51e683eecb5e371d4
ff7c20b0947804c607759aa46eab666d94cf12ea
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
GET /s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://agileprofessional.com.br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:44:37 GMT
expires: Fri, 24 Nov 2023 16:44:37 GMT
cache-control: public, max-age=31536000
age: 379349
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16112, version 1.0\012- data
Hash 899c8f78ce650d4009d42443897aa723
d2e2faa9780b7fca5a5cb20a853dd7df55b3101e
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
GET /s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://agileprofessional.com.br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16112
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:41:53 GMT
expires: Thu, 23 Nov 2023 18:41:53 GMT
cache-control: public, max-age=31536000
age: 458713
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 02:07:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/a_003.htm
172.67.222.251200 OK 116 B URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/a_003.htm
IP 172.67.222.251:0
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ab868ea2d57aa884dabacc0b5fe6e67e
7888951020722fea401a25c7064ce8e1c6b07c9d
fc5c15abbbcac24900d44a7ba4081648da8dc2d8688fafdcde7d2e5f575ab88d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/a_003.htm HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIQLRmEKLMDs7fmykKgIK8xW%2B%2Fhv3yXwFmBiQGQYbV%2FlpeuRYZIAE6hHRl6Oi4c0BwaaO%2F5yRSATS5U%2Be8tG923HwkX7HqUdMZxQM862qYZVs0lsUEPqnl02bZ8n1j2H3y%2BIEBsp1URXV4s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9b0886bb521-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 16b76d735c7e4906982ad178fe871d3b
a3da055c743cc922ee42c660b252f512849f872a
f6d66af6111c59ac82f7d0d9dc2cc22032d0b83186511b868395acf9b28d4fa6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=87113
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 02:07:06 GMT
Etag: "63841a93-118"
Expires: Wed, 30 Nov 2022 02:18:59 GMT
Last-Modified: Mon, 28 Nov 2022 02:18:59 GMT
Server: nginx
Content-Length: 280
my.navyfederal.org/NFOAA_Auth/resources/images/Group5158-1d62888b4b662af9142e3c385f423f32.svg
104.88.20.141404 Not Found 1.0 kB URL HTTP/1.1 my.navyfederal.org/NFOAA_Auth/resources/images/Group5158-1d62888b4b662af9142e3c385f423f32.svg
IP 104.88.20.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- C source text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 1536cc36842f2165300106001ee4b19a
d3bd2ed7be7778ebb3fef66672f216982e1d2e45
4ece4a1ee577bdbd46f9f55ee93ad77713bdd635c5a547e575f230fca329ae42
GET /NFOAA_Auth/resources/images/Group5158-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
X-Powered-By: Servlet/3.0
X-Frame-Options: DENY
$WSEP:
Last-Modified: Wed, 07 Sep 2022 21:50:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Language: en-US
Content-Length: 1018
Date: Tue, 29 Nov 2022 02:07:06 GMT
Connection: keep-alive
Set-Cookie: navyfed-opentoken=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-extracted=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-deviceprint=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-useractive=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-pingolb=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-obo=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
SMSESSION=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
acctsvcs_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=w; path=/; domain=.navyfederal.org; secure
akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=63~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=20afa0dcfdeeb75848bcae16416a1e86; path=/; Secure; SameSite=None; Domain=.navyfederal.org
ak_bmsc=6B88CF77FA11F984EF1A39F493B53C43~000000000000000000000000000000~YAAQPDIQYBlvE3qEAQAAfksjwRHApGqppmJn8HNHLYksDFDOB2yXO1QSuyjQN6Z4R2MD20icS9iRLG3+/i9DBHlyP5OQlmgZQi/daj1ybxU9Q/Kb4qlaxBYnyPo/PtZ4kBf2JbwF+/CpGTQIQntad7GcAL4WojskeJe1C2+z04D91Bayphh4Uxz0klVxmpTF/KmDLWoc+Z5FPFEE7qQT+X8f1XKNMlwGPgs6rU7yIy64b4G/UT38RC22A/hNi64pt18HrqGWJSlGxLcDJaON80POEUkj8N4zHC4fSHEqDUkUnwiRnpOFgCyTAPFM1hpT4AUyITKg9vQ0Hu4HHGBw5LCyYEvyK5zgMYTZzUc2r3mPsyI1qEtz+amESVLBGAuNEknn2Q==; Domain=.navyfederal.org; Path=/; Expires=Tue, 29 Nov 2022 04:07:06 GMT; Max-Age=7200; HttpOnly
Strict-Transport-Security: max-age=31536000
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/images/css/icons.png
172.67.222.251500 Internal Server Error 2.6 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/images/css/icons.png
IP 172.67.222.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/images/css/icons.png HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 500 Internal Server Error
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdSbrSEee%2F2CieUggS5m37v5hsktGIOIygqLf29WX2I9mteFtJi4vwWgfF9iYOQL24bjzznAZ0u5wrQtcRDuCwrWXzVf88%2BEkM5UX5JORsqRpY9fepcCuMPIapcBIjcYaS2n3ab0jHUOGTI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9b0995c1bfe-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/images/css/img-billboard-BG.svg
172.67.222.251500 Internal Server Error 2.6 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/images/css/img-billboard-BG.svg
IP 172.67.222.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/images/css/img-billboard-BG.svg HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 500 Internal Server Error
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kHDNHtcmO7wbf1nMgQrA%2B6yyxrdBezNxDLW8fgkNgWw2OA7xwlPwcozBwetApumeEK1d1Ebyv5a6Ozbc2KwR9ZwwKQ2soLoaKUfCMxcRahkG29uMWaWls6ulhisCqs5qY%2BMO5u33hlFdESY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9b09c79b4ff-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/images/css/bg_globe.png
172.67.222.251500 Internal Server Error 2.6 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/images/css/bg_globe.png
IP 172.67.222.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/images/css/bg_globe.png HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 500 Internal Server Error
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPY2N4RfRxHK8TxkIbv8gDqfGPPxq570caSCI%2BQCNLsOIe7VavM3d3eyNRlcmiCBv0d7Sv4AXxx6sAXe%2FKGnIA5ve%2B4uAz7mEdm4Q8vlamWcgVYLhH21opc0F%2B8a6gh2n%2BbqkS%2F99TS1jLU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9b09893fac0-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/images/css/toolTip.svg
172.67.222.251500 Internal Server Error 2.6 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/images/css/toolTip.svg
IP 172.67.222.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/images/css/toolTip.svg HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 500 Internal Server Error
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4V3bEjipGJTpbd9IJtLiYkXXWGooL1a2xevpuWdBjQzGxhlVeqD6oIt4juK6LM4AuYUd5VGSgOqakGjSrMGud0iyD5yAWP%2BsPpIyEc%2FKFID%2FBFGKFt%2FIVMEvDdZcW8qFqnqjNIwvYYUIksg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9b098260b39-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 01:11:12 GMT
cache-control: public,max-age=3600
age: 3354
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/nfcu-icons.woff
172.67.222.251500 Internal Server Error 2.6 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/nfcu-icons.woff
IP 172.67.222.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/nfcu-icons.woff HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 500 Internal Server Error
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2xHnHFXKv%2BF%2B20LY2GikgV0Vaf%2B7Wp84YRKwJDko5BF1YklaP7QiRzcg8Z9GksIYwbP4O8vbX%2FTDoW69B8Q3B3almWUd0i9oMrBD9NYsZoAJZVgALeHjs9BjOboCyRopb1a0qDE%2Bo%2BqDcU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9b0bad21c06-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/a_003.htm
172.67.222.251200 OK 116 B URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/a_003.htm
IP 172.67.222.251:0
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ab868ea2d57aa884dabacc0b5fe6e67e
7888951020722fea401a25c7064ce8e1c6b07c9d
fc5c15abbbcac24900d44a7ba4081648da8dc2d8688fafdcde7d2e5f575ab88d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/a_003.htm HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=so%2FaUYDgtlhBht6tWZMFRV0nkmod6NaXoBz6EqzQ3OK8T%2Bo9ymG8Cg%2BNyrUWAM3dxxTO7w0nx%2F0HPaqf22mWfyV9ACIEfeyNQW7WEgB6CmdrhSFoW4J7zKYaYQvJS5UqnY2DRa%2FGwHdHyYg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9b2dd2cb4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ba180e86f06bc8c0b324db6c49ef9ecf
d5c05c61496c7cf7b772d789f5038d0547e94898
fd2344b5a5bf472fd260aae5135b5a7f61903db72d7ebbdbf98b5649ed0c2e60
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 546
Cache-Control: max-age=92680
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 02:07:06 GMT
Etag: "63842e30-1d7"
Expires: Wed, 30 Nov 2022 03:51:46 GMT
Last-Modified: Mon, 28 Nov 2022 03:42:40 GMT
Server: ECS (amb/6B9D)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 886ef3f0739f32fad7714c0b7cdfd6f3
740a8d656210f0842a8fe52659b9251549707d46
c2a27ff581a9dffe103cb677e4dd531f2c686fd0e57bcfdaacb9f60bdbbfe0d1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 16:31:55 GMT
Expires: Fri, 02 Dec 2022 16:31:54 GMT
Etag: "740a8d656210f0842a8fe52659b9251549707d46"
Cache-Control: max-age=310487,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7717c9b27a4eb4f4-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 886ef3f0739f32fad7714c0b7cdfd6f3
740a8d656210f0842a8fe52659b9251549707d46
c2a27ff581a9dffe103cb677e4dd531f2c686fd0e57bcfdaacb9f60bdbbfe0d1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 16:31:55 GMT
Expires: Fri, 02 Dec 2022 16:31:54 GMT
Etag: "740a8d656210f0842a8fe52659b9251549707d46"
Cache-Control: max-age=310487,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7717c9b27ac41c16-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 700
Cache-Control: max-age=112289
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 02:07:06 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 09:18:35 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/storage.htm
172.67.222.251200 OK 14 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/storage.htm
IP 172.67.222.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32192), with CRLF line terminators
Hash 796c27cd02dd072f3698734435fff671
7e3757d06afeca281a8ba6ae5b698fa5788811cd
5dc4c90c4ee7f6c654c54916ea8e0eabdbfed2458108d0ad7a028613936256c3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/storage.htm HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqAxsuEfxuqT8qNpN1X2bF0jjcKZ1R%2FcUwpmn%2BTdCj7l6jHljsI%2FGYWQRtENavbtOy96xVHDR%2Fd1VrgPdyQMA2oUpu80UNm5uUCQD3Pm%2B4r59Qg17%2FSd1dclGo7Qw5rZd4%2BEvPHJqeCmbgY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9b299f71bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/sourcesanspro-semibold-webfont.woff2
172.67.222.251500 Internal Server Error 2.6 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/sourcesanspro-semibold-webfont.woff2
IP 172.67.222.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/sourcesanspro-semibold-webfont.woff2 HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 500 Internal Server Error
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2ONE7842pbo0nGO%2Bb7GfW%2FZh6UC1grl6c%2B0X7e%2B3GaCBzSQTP3RuaUIHn4ZhIIlyGZ4UctstXATOizerpALdn%2FiNJeTqORG%2FVg%2FNl1jqJv%2FBacsuIf8NRcM4686s8MKF9Fox6vl%2FSzomZo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9b1e90fb521-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/a_003.htm
172.67.222.251200 OK 116 B URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/a_003.htm
IP 172.67.222.251:0
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ab868ea2d57aa884dabacc0b5fe6e67e
7888951020722fea401a25c7064ce8e1c6b07c9d
fc5c15abbbcac24900d44a7ba4081648da8dc2d8688fafdcde7d2e5f575ab88d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/a_003.htm HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fy5%2Bz5HCkq3Uo8MlBDs0WGOrNYj3lavl9I74yZ6NEVZai1K6np5VLQ6f7ISb%2Bk994cVPwBetPOyQAFq8nq24GFhDv64MikrCvlGea%2FT63ACQ3%2B6AyzrRKrkzOcq%2BaAtMj5ccrcPdhPjZIzU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9b2d903fac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/nfcu-icons.ttf
172.67.222.251500 Internal Server Error 2.6 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/nfcu-icons.ttf
IP 172.67.222.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/nfcu-icons.ttf HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 500 Internal Server Error
Date: Tue, 29 Nov 2022 02:07:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrBGq6yEd0rDAGiBKiYyvvWACIqmfudn0owVP5dHaNBvBEBVKbzmSAUMo4%2BEz8Snv9Q8ukjXKq5zOvu4hIawKc7lPn4VkUFjwjU8AZKqLj3GNJJ0usTDr8VQhFMgDX%2FElnAnbn0dvKAShSA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9b328d70b39-OSL
alt-svc: h2=":443"; ma=60
my.navyfederal.org/NFOAA_Auth/resources/images/contact-us-1d62888b4b662af9142e3c385f423f32.svg
104.88.20.141404 Not Found 1.0 kB URL HTTP/1.1 my.navyfederal.org/NFOAA_Auth/resources/images/contact-us-1d62888b4b662af9142e3c385f423f32.svg
IP 104.88.20.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- C source text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 1536cc36842f2165300106001ee4b19a
d3bd2ed7be7778ebb3fef66672f216982e1d2e45
4ece4a1ee577bdbd46f9f55ee93ad77713bdd635c5a547e575f230fca329ae42
GET /NFOAA_Auth/resources/images/contact-us-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
X-Powered-By: Servlet/3.0
X-Frame-Options: DENY
$WSEP:
Last-Modified: Wed, 07 Sep 2022 21:50:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Language: en-US
Content-Length: 1018
Date: Tue, 29 Nov 2022 02:07:07 GMT
Connection: keep-alive
Set-Cookie: navyfed-opentoken=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-extracted=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-deviceprint=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-useractive=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-pingolb=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-obo=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
SMSESSION=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
acctsvcs_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=w; path=/; domain=.navyfederal.org; secure
akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=80~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=f876820ea699c8e3b6d5486218117fd7; path=/; Secure; SameSite=None; Domain=.navyfederal.org
ak_bmsc=052414FB40E8D6F11CBF96F130910253~000000000000000000000000000000~YAAQPDIQYBpvE3qEAQAAQk0jwREknY8OEBXUCAP4nbXateKKFNE75S7u1Gan5W6QmikTsBbOBi+VrTimU6L7V2NkuZtLD8LHMt8VBzTFdl1tjNKlOjK8dX2AdnBlcqbZsGy/54HWMJfeTOJrw4dk8nxJ/drEK+tVqpR0PqYXvZt3iYMqmKK9zZk4i22ifUXlwo4wc4dGrvkEcZ539Joqlh27lpqiA8y84KjuSMUEpY+80JqmY9sPaJyZYF8yKdLBJyYRfrCHcdUPaJylg3Jxbm16MrdAQfcNTgBmbOlK0lLUnzAuvGLB+BsetbauDivJPXs28WirwOtSOZOMrbXklHHs8EhzUaG3LACSz+mk8WER/g/Pp1RrIRG92ttZqjlKAMM6Kg==; Domain=.navyfederal.org; Path=/; Expires=Tue, 29 Nov 2022 04:07:06 GMT; Max-Age=7199; HttpOnly
Strict-Transport-Security: max-age=31536000
push.services.mozilla.com/
54.71.202.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.71.202.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 60wCUJ2+VfiTXwiWs6UsNg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Z8R9SG3pH/fy9qWAh8bHjRXY9Eg=
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/bootstrap-select.js
172.67.222.251200 OK 25 B URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/bootstrap-select.js
IP 172.67.222.251:0
Hash 3f8372f15e761c5f9e4ed6515f744df3
81a6e71371d2a46f6116e045fce6feb258b2d9f3
61c08f21cca5983f6f115bd91b9cc97bd29ef835d1cabed197d79fa7e1e7bd76
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/bootstrap-select.js HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:05 GMT
Content-Type: application/x-javascript
Content-Length: 9053
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 16:35:45 GMT
etag: "7aba-638468ff-531b55f;gz"
last-modified: Mon, 28 Nov 2022 07:53:35 GMT
content-encoding: gzip
vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 34278
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bD6SAz9aja5SJLXzVtXJBhAFV9ojEAK6b5uF2fesAlswvHOrsDXXGTNb0yC2g%2BqEZS3EpliDjj8hQMiKVvLrGQnywM2d4VDcVTnlZ57vpVF8X%2B3zeFmnChlkgqTuBvjTV5m22ng8az%2B763g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9addf3db521-OSL
alt-svc: h2=":443"; ma=60
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/sourcesanspro-semibold-webfont.woff
172.67.222.251500 Internal Server Error 2.6 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/sourcesanspro-semibold-webfont.woff
IP 172.67.222.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/sourcesanspro-semibold-webfont.woff HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 500 Internal Server Error
Date: Tue, 29 Nov 2022 02:07:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhW5hf55XWCe%2FmJN6%2BKwIrhke8Foq9frdFXp05UhYzUPakBzbTekQRQ6UQ15P80vw1gARCL8nu3MWxkChh3V%2BpW3WPhOmbrBxfeD0QVQ7OphDqWIsxZp6h0UZYgQROImxM28Y9EEGmOUZDc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9b46a28b521-OSL
alt-svc: h2=":443"; ma=60
www.navyfederal.org/images/spacer.gif
23.52.23.61301 Moved Permanently 0 B URL HTTP/2 www.navyfederal.org/images/spacer.gif
IP 23.52.23.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/spacer.gif HTTP/1.1
Host: www.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agileprofessional.com.br/
Connection: keep-alive
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=80~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=f876820ea699c8e3b6d5486218117fd7
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://web.navyfederal.org/images/spacer.gif
cache-control: max-age=86400
expires: Wed, 30 Nov 2022 02:07:07 GMT
date: Tue, 29 Nov 2022 02:07:07 GMT
permissions-policy: interest-cohort=()
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
web.navyfederal.org/images/spacer.gif
23.52.23.61200 OK 43 B URL HTTP/2 web.navyfederal.org/images/spacer.gif
IP 23.52.23.61:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /images/spacer.gif HTTP/1.1
Host: web.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agileprofessional.com.br/
Connection: keep-alive
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=80~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=f876820ea699c8e3b6d5486218117fd7
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Sun, 02 Jun 2013 10:22:19 GMT
etag: "2b-4de29390cacc0"
accept-ranges: bytes
content-length: 43
cache-control: max-age=7776000
expires: Fri, 04 Mar 2022 14:24:11 GMT
content-type: image/gif
date: Tue, 29 Nov 2022 02:07:07 GMT
X-Firefox-Spdy: h2
agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/sourcesanspro-semibold-webfont.ttf
172.67.222.251500 Internal Server Error 2.6 kB URL HTTP/1.1 agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/sourcesanspro-semibold-webfont.ttf
IP 172.67.222.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3c32982e1f48797d87295a4237971f09
43f38c27234a49505e9bbbd73bd47c2ba47c0ec8
6790fb9a42b6e2ea88a55f1f86db97ce8bef7aeb16be9567831580aeeb1391e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/fonts/sourcesanspro-semibold-webfont.ttf HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agileprofessional.com.br/wp-content/auth/a2b30b3ceecf4682f6334cd0731514cb/index_files/responsivemain-599150400912c8247ee1872211972b2a.css
HTTP/1.1 500 Internal Server Error
Date: Tue, 29 Nov 2022 02:07:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
vary: Accept-Encoding
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2WHDsTXyD%2BqrGy0A00%2B7hGCVRWUJuJyJbazTnbFIhmDIHe7X42eibCD8I9oCrQ8X8VJwF67TtoX9qmE6h3JB85n7EUlwQ1XTg4bWb3XA4BrME85MSlkE9PpTJI7%2FVF4qWOpjjhHa2NJqnI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7717c9b66af1b521-OSL
alt-svc: h2=":443"; ma=60
my.navyfederal.org/NFOAA_Auth/favicon.ico
104.88.20.141200 OK 351 B URL HTTP/1.1 my.navyfederal.org/NFOAA_Auth/favicon.ico
IP 104.88.20.141:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1ff701ad319400203220d48758838e99
e603d649127b743e4c32988dd40cde0c0924c11b
4bb25e1c20ad9bb64afc21206c14f5c25140a4056b8bddc06ac554559d59c71e
GET /NFOAA_Auth/favicon.ico HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=80~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=f876820ea699c8e3b6d5486218117fd7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Powered-By: Servlet/3.0
X-Frame-Options: DENY
Last-Modified: Wed, 07 Sep 2022 21:50:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: image/x-icon
Content-Language: en-US
Content-Length: 351
Cache-Control: max-age=900
Expires: Tue, 29 Nov 2022 02:22:07 GMT
Date: Tue, 29 Nov 2022 02:07:07 GMT
Connection: keep-alive
Set-Cookie: my_dc=w; path=/; domain=.navyfederal.org; secure
Strict-Transport-Security: max-age=31536000
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f700a34fbaa5509fc98fa3e192f57174
1c2a4dbc974d066d387f71087f112dabf702be66
2fa1bb4c30ef1a1b899997a8038f2a4a4320117ce3c42e81475d143d5f110250
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 02:07:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:43:25 GMT
Expires: Sat, 03 Dec 2022 15:43:24 GMT
Etag: "1c2a4dbc974d066d387f71087f112dabf702be66"
Cache-Control: max-age=393976,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7717c9b90cfab4f4-OSL
agileprofessional.com.br/static/f67c327263eti209967cda713cd843baa
172.67.222.251500 Internal Server Error 3.1 kB URL HTTP/2 agileprofessional.com.br/static/f67c327263eti209967cda713cd843baa
IP 172.67.222.251:0
Hash 300547621f82ca9be78c182ac396590a
f7570cdedaa76f2fadd3ed3279981386f7803ffe
17342b164ffd1460191eda41522243fa5f83d0eccf8a03d7f46915798b8610fd
Analyzer Verdict Alert fortinet Phishing
POST /static/f67c327263eti209967cda713cd843baa HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1018
Origin: http://agileprofessional.com.br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 500 Internal Server Error
date: Tue, 29 Nov 2022 02:07:07 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gV0pgRIQR2xc%2FkdGATIrDcaV277%2FJCdTRBZ8krVpj2p2P8%2BbYgoMi5kncs0du7fZfY49zjVTzd4QcW4RigFxXzwVgGPTIsC7kuHR8MP9hEk948pSGXR6PPwGFTzxgT%2BvcZGcFkTvm2%2B%2BB7Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7717c9b29cdfb500-OSL
X-Firefox-Spdy: h2
my.navyfederal.org/NFOAA_Auth/resources/images/apple-touch-icon-72x72-precomposed-1d62888b4b662af9142e3c385f423f32.png
104.88.20.141404 Not Found 1.9 kB URL HTTP/1.1 my.navyfederal.org/NFOAA_Auth/resources/images/apple-touch-icon-72x72-precomposed-1d62888b4b662af9142e3c385f423f32.png
IP 104.88.20.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- C source text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 726ecf2df6a19b5a3c655e4941eb5135
1fdf86a26d04338d4f5394cc852a5c8387d95048
d3ba0f9d4c73e11ca995ac01df41b72c0ba60290454319cac7232e90c535a98e
GET /NFOAA_Auth/resources/images/apple-touch-icon-72x72-precomposed-1d62888b4b662af9142e3c385f423f32.png HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=80~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=f876820ea699c8e3b6d5486218117fd7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
X-Powered-By: Servlet/3.0
X-Frame-Options: DENY
$WSEP:
Last-Modified: Wed, 07 Sep 2022 21:50:18 GMT
Content-Length: 1941
Content-Type: text/html
Content-Language: en-US
Cache-Control: max-age=900
Expires: Tue, 29 Nov 2022 02:22:07 GMT
Date: Tue, 29 Nov 2022 02:07:07 GMT
Connection: keep-alive
Set-Cookie: navyfed-opentoken=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-extracted=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-deviceprint=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-useractive=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-pingolb=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-obo=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
SMSESSION=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
acctsvcs_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=w; path=/; domain=.navyfederal.org; secure
ak_bmsc=B68D796396B3CC20034B7E5DC0041D76~000000000000000000000000000000~YAAQPDIQYBtvE3qEAQAAhFAjwRETnyaggffyLpHRGu/EPAWL7P8N8Gphy8Y7LOYT/Cxyl9K5TiKppTc2Wb6v1Txzz9HYYMHKCSsjaG0ORO5sbKTO/Kcl60HEVzB6kGs4RIYS6Mj1FGw7MSnjRMmHlyh9a3tLCTin6GVaPgC+gA3TN+njLQ03MnERU+NkDUxBzUd/U/NcH4aMkUQ8xciNoQYECQZR8sMCTceagnsk5V40JpuvaN2AdaiGeDO3M/N/aI+/4J67LBavl2nnWFYnmNhVfgXFjKElXhb8KGOoc0uk0+I/BwH8xpNnWAw936qF0IMy9EcgqvDYNM9Uz3Jxrs/wr6TVWG2DGuIbWQoT3DJr4UF2gkh3oYCqmA9N0qpKl5MigA==; Domain=.navyfederal.org; Path=/; Expires=Tue, 29 Nov 2022 04:07:07 GMT; Max-Age=7200; HttpOnly
Strict-Transport-Security: max-age=31536000
lptag.liveperson.net/tag/tag.js?site=11478817
178.249.101.23200 OK 7.6 kB URL HTTP/2 lptag.liveperson.net/tag/tag.js?site=11478817
IP 178.249.101.23:0
File type ASCII text, with very long lines (21652), with no line terminators
Hash 6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd
GET /tag/tag.js?site=11478817 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 02:07:07 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js
142.250.74.163404 Not Found 1.6 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js
IP 142.250.74.163:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 42ce5054207c737a4539726fff1cea32
338e12cc1019e8e080cdb985f9afc817b0eb76b8
54a34b914df3e1ca89045c816c2080c66586977a941d241209038047f1ffea5c
Analyzer Verdict Alert urlquery Phishing - Navy Federal Credit Union
GET /recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://agileprofessional.com.br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 02:07:08 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7518
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 02:07:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7518
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 02:07:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7518
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 02:07:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7518
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 02:07:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cd333c474420e235831d96ed881167e
5008d7344dd85ae61a598c17e7baf427def3e25d
2178a96e120661e43d8e8ed0df1fcf500caf4c58db9e1bedaf0706af0a80b286
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3944
x-amzn-requestid: 8a6732c1-72da-4a73-ba51-8533c6a01a9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNmfFgeIAMFjLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385295c-0c807d93277bfb7f6b13c2ee;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:20 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oW4xFfsPp-Jmf28Uc88iZ2jLgtMRjn2gW0orrJ4K201r6Y6OlHkacQ==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:51 GMT
age: 15617
etag: "5008d7344dd85ae61a598c17e7baf427def3e25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae2e2986caa15a90b615147f229b51ec
c6dfd277cdbd057472e6df6ad1a200f50684d442
ec3799922c38ee6394601744ff4b2c405ee44c4718a2b90c104134657f8b480b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9015
x-amzn-requestid: 9f657586-a44e-46f0-8c38-f1bf26142486
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVOlEE6ZoAMFUPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852aed-1da2400f4165dd553418f8b9;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:41:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mqdz1NhVCqmSrhYLIF0miDzrBiS82SUU6ZRFzDMllbCwS70hC0rMRQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 15613
etag: "c6dfd277cdbd057472e6df6ad1a200f50684d442"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:38:02 GMT
age: 66546
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 04:45:02 GMT
age: 76926
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 823e92f62ff7b3c2093828817d7f2866
c501de9eaa581a10b0b5fce40b54bb10f57f7c29
7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ivu6pzZ6dbt3I4tuFMg4oHcuPVdyNS-F3k_lQdmKoXFkdCfSseAEwQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 15613
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d574c4db20a68295dbd06cb08f5990b
433061bbb226048765a711deca3026ee3e52372f
8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lzXj01ht9kpuwONgKM0xM0QRu8G9M9oX6rwYzv_Q_sI09Y3-RIVF-A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 03:47:05 GMT
age: 80403
etag: "433061bbb226048765a711deca3026ee3e52372f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 188ce7fb39c8ab0fa084c78a1be62d99
91f3e74cd3ce0023a33d6a477f6e336ad6f299cf
aa4850f46340fd9337bafcee10cfb26f7407fb10bb575aac6bbd4aff04e09db0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4308
Cache-Control: max-age=114448
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 02:07:08 GMT
Etag: "63847488-1d7"
Expires: Wed, 30 Nov 2022 09:54:36 GMT
Last-Modified: Mon, 28 Nov 2022 08:42:48 GMT
Server: ECS (amb/6B9D)
X-Cache: HIT
Content-Length: 471
liveengage.navyfederal.org/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=http%3A%2F%2Fagileprofessional.com.br&site=11478817&env=prod
178.249.97.98200 OK 16 kB URL HTTP/2 liveengage.navyfederal.org/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=http%3A%2F%2Fagileprofessional.com.br&site=11478817&env=prod
IP 178.249.97.98:0
Hash 6f7db87ffd08de984e251029bbab055d
803b274fca71e0ebc5bb3fd61b122c147ae9e0d8
4b9223498a4e1982c22856517660d06b370edc7ec2010bf2b4fc2ceee6e94b10
GET /le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=http%3A%2F%2Fagileprofessional.com.br&site=11478817&env=prod HTTP/1.1
Host: liveengage.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Cookie: akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=80~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=f876820ea699c8e3b6d5486218117fd7
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 02:07:08 GMT
content-type: text/html
last-modified: Tue, 29 Sep 2020 18:27:10 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Wed, 29 Nov 2023 02:07:08 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
my.navyfederal.org/NFOAA_Auth/resources/images/Group5166-1d62888b4b662af9142e3c385f423f32.svg
104.88.20.141404 Not Found 1.0 kB URL HTTP/1.1 my.navyfederal.org/NFOAA_Auth/resources/images/Group5166-1d62888b4b662af9142e3c385f423f32.svg
IP 104.88.20.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- C source text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 1536cc36842f2165300106001ee4b19a
d3bd2ed7be7778ebb3fef66672f216982e1d2e45
4ece4a1ee577bdbd46f9f55ee93ad77713bdd635c5a547e575f230fca329ae42
GET /NFOAA_Auth/resources/images/Group5166-1d62888b4b662af9142e3c385f423f32.svg HTTP/1.1
Host: my.navyfederal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
X-Powered-By: Servlet/3.0
X-Frame-Options: DENY
$WSEP:
Last-Modified: Wed, 07 Sep 2022 21:50:18 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Language: en-US
Content-Length: 1018
Date: Tue, 29 Nov 2022 02:07:09 GMT
Connection: keep-alive
Set-Cookie: navyfed-opentoken=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-extracted=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-deviceprint=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-useractive=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-pingolb=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
navyfed-obo=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
SMSESSION=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
acctsvcs_dc=; domain=.navyfederal.org; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
my_dc=w; path=/; domain=.navyfederal.org; secure
akaalb_my_navyfederal_ALB=~op=my_100_wch:my_prdw|~rv=39~m=my_prdw:0|~os=ddcfe9c18a053d3068d757a21af73146~id=723a3a3d71a3dea723c8994efe2fd4bc; path=/; Secure; SameSite=None; Domain=.navyfederal.org
ak_bmsc=318DFD680B5C65DCC88D91E64894D735~000000000000000000000000000000~YAAQPDIQYBxvE3qEAQAAzlcjwRHame30IgL9FSmxDxpRPfpZCqk3Xj8uDsr1BDFfSt5LPps+4T4yMRGMkt2FOsBZkgs0o+8W22Y7yoUnWXZPUn5K537MHxq2lZGOI50g3m+uipLFHZ05YFAQ66RUdKqPx6a6o0LuRw7badlaXL5kkiujuRhCAXifIYdAcQg0HKjKAYZZI9o8Hgf9ITQNkGmc6ZooDfK9tWawKKf51DnPurHwchuMJwA3wFmRZESFPicGo9cwwKwA5ZeS1tXJdzSHUvkLp4MvOkC/I7Kkpr0ORfs2z8koU1WIbUr21J/ct/mexw6QsqnyBSM7dbdTF+brC/HwVAsuzVjFDEdjQ4D7EGZOhnB/3CekUwn5712yJGBopA==; Domain=.navyfederal.org; Path=/; Expires=Tue, 29 Nov 2022 04:07:06 GMT; Max-Age=7197; HttpOnly
Strict-Transport-Security: max-age=31536000
accdn.lpsnmedia.net/api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 178.249.101.99:0
GET /api/account/11478817/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 02:07:07 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:32|g:ecb1cde9-204d-4807-a2ba-5064de65def5; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:37 GMT; Path=/
ADRUM_BTa=R:32|g:ecb1cde9-204d-4807-a2ba-5064de65def5|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:37 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:37 GMT; Path=/; Secure
ADRUM_BT1=R:32|i:2241585; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:37 GMT; Path=/
ADRUM_BT1=R:32|i:2241585|e:9; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:37 GMT; Path=/
vary: Accept
expires: Tue, 29 Nov 2022 02:08:07 GMT
x-envoy-upstream-service-time: 2
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/11478817?&cb=lpCb29276x66090&t=sp&ts=1669687628095&pid=4094868983&tid=1992623514&pt=Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%EF%BF%BD&u=http%3A%2F%2Fagileprofessional.com.br%2Fwp-content%2Fauth%2Fa2b30b3ceecf4682f6334cd0731514cb%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
208.89.12.87200 OK 0 B URL HTTP/2 va.v.liveperson.net/api/js/11478817?&cb=lpCb29276x66090&t=sp&ts=1669687628095&pid=4094868983&tid=1992623514&pt=Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%EF%BF%BD&u=http%3A%2F%2Fagileprofessional.com.br%2Fwp-content%2Fauth%2Fa2b30b3ceecf4682f6334cd0731514cb%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
IP 208.89.12.87:0
GET /api/js/11478817?&cb=lpCb29276x66090&t=sp&ts=1669687628095&pid=4094868983&tid=1992623514&pt=Navy%20Federal%20Credit%20Union%20-%20Our%20Members%20are%20the%20Mission%EF%BF%BD&u=http%3A%2F%2Fagileprofessional.com.br%2Fwp-content%2Fauth%2Fa2b30b3ceecf4682f6334cd0731514cb%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 02:07:09 GMT
content-type: application/javascript
set-cookie: LPVisitorID=EwZjk0YWU3NGQxOTM2OTYz; Expires=Wed, 29-Nov-2023 02:07:09 GMT; Path=/; HttpOnly
LPSessionID=P5wmgr3_QHq7189rMWYCqw; Path=/api/js/11478817; HttpOnly
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
agileprofessional.com.br/static/f67c327263eti209967cda713cd843baa
172.67.222.251500 Internal Server Error 0 B URL HTTP/2 agileprofessional.com.br/static/f67c327263eti209967cda713cd843baa
IP 172.67.222.251:0
Analyzer Verdict Alert fortinet Phishing
POST /static/f67c327263eti209967cda713cd843baa HTTP/1.1
Host: agileprofessional.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1281
Origin: http://agileprofessional.com.br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 500 Internal Server Error
date: Tue, 29 Nov 2022 02:07:07 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwRoFImD7JOxjuosvt4N21PeQDtDKVmSJxk6OY%2B0ZFiErQTM4Na0cgBNY7e0BzyqdARCr%2FzfyoeI7JItLTNntcXwQT5PxDRgP1qwaxb%2Bsd66U7SnMRavhIs%2BT5jtsxVV%2F%2BMLEztFTmMAB1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7717c9b46d8cb500-OSL
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/11478817/configuration/setting/accountproperties/?cb=lpCb32210x5391
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/11478817/configuration/setting/accountproperties/?cb=lpCb32210x5391
IP 178.249.101.99:0
GET /api/account/11478817/configuration/setting/accountproperties/?cb=lpCb32210x5391 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 02:07:06 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:32|g:4a4a45e0-92a3-4ddd-8a26-16da5b3b2939; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:36 GMT; Path=/
ADRUM_BTa=R:32|g:4a4a45e0-92a3-4ddd-8a26-16da5b3b2939|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:36 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:36 GMT; Path=/; Secure
ADRUM_BT1=R:32|i:2241585; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:36 GMT; Path=/
ADRUM_BT1=R:32|i:2241585|e:9; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:36 GMT; Path=/
vary: Accept
expires: Tue, 29 Nov 2022 02:08:06 GMT
x-envoy-upstream-service-time: 2
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lptag.liveperson.net/lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
178.249.101.23200 OK 0 B URL HTTP/2 lptag.liveperson.net/lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP 178.249.101.23:0
GET /lptag/api/account/11478817/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agileprofessional.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 02:07:07 GMT
content-type: application/x-javascript
set-cookie: ADRUM_BTa=R:32|g:4155eb5e-a2b4-4167-947b-d3aee3271890; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:37 GMT; Path=/
ADRUM_BTa=R:32|g:4155eb5e-a2b4-4167-947b-d3aee3271890|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:37 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:37 GMT; Path=/; Secure
ADRUM_BT1=R:32|i:1758155; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:37 GMT; Path=/
ADRUM_BT1=R:32|i:1758155|e:2; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:37 GMT; Path=/
ADRUM_BT1=R:32|i:1758155|e:2|d:2; Max-Age=30; Expires=Tue, 29-Nov-2022 02:07:37 GMT; Path=/
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2