Report - schwab.bynder.com/default/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5

Report Overview

Submitted URL
schwab.bynder.com/default/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5
IP
3.64.23.253
ASN
#16509 AMAZON-02
Submitted
2023-02-01 12:21:57
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	887 B	54.230.245.110
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
sentry10.bynder.cloud	212095	2021-01-13T12:35:12Z	2023-03-09T22:22:16Z	579 B	338 B	54.220.104.64
schwab.bynder.com	446196	2020-05-17T20:15:09Z	2023-03-10T06:36:57Z	6.2 kB	249 kB	3.126.72.90
d8ejoa1fys2rk.cloudfront.net	unknown	2015-02-07T02:01:40Z	2023-03-13T07:57:38Z	11 kB	1.0 MB	54.230.111.33
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
d1ra4hr810e003.cloudfront.net	unknown	2015-07-20T04:57:11Z	2023-03-09T22:15:36Z	985 B	3.1 MB	54.230.245.4
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.217.224.186
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.3 kB	60 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	schwab.bynder.com/default/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5	Charles Schwab
2023-01-28	medium	schwab.bynder.com/	Charles Schwab
2023-01-28	medium	schwab.bynder.com/	Charles Schwab
2023-01-28	medium	schwab.bynder.com/	Charles Schwab
2023-01-28	medium	schwab.bynder.com/	Charles Schwab
2023-01-28	medium	schwab.bynder.com/	Charles Schwab
2023-01-28	medium	schwab.bynder.com/	Charles Schwab
2023-01-28	medium	schwab.bynder.com/	Charles Schwab
2023-01-28	medium	schwab.bynder.com/	Charles Schwab
2023-01-28	medium	schwab.bynder.com/	Charles Schwab
2023-01-28	medium	schwab.bynder.com/	Charles Schwab

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (33)

	URL	Size	First Seen	Last Seen
	schwab.bynder.com/includes/node_modules/historyjs/scripts/bundled/html4%2Bhtml5/jquery.history.js	23 kB	2023-03-07	2024-04-15
Pretty URL schwab.bynder.com/includes/node_modules/historyjs/scripts/bundled/html4%2Bhtml5/jquery.history.js IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2024-04-15 13:50:31 Times Seen450 Hash 85b23b30cba499edfb22ad402f3d5d2b c0c960fd1448096f978fbd4c17cb19633f2e9ee8 3eca2f7a428c7d60d1649538e4552740ce043df021e618b32943481689a8cfaa Loading...

	schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/	979 B	2023-03-07	2024-01-20
Pretty URL schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/ IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-01-20 13:31:34 Times Seen119 Hash 3a5e38ef77f262527640bc474ece458b 32401b7b8bce51d7963241abbf35a5ee39e66e63 5cb331bdc72250fb65b19d72fee8cd038391f11755ab848f4377af9b6880800d Loading...

	schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/	162 B	2023-03-13	2023-03-13
Pretty URL schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/ IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:10:19 Last Seen2023-03-13 14:10:19 Times Seen1 Hash b111a563132bf893aa07379ea9aea38c fa2a31899c1e089278fc5d51f9d5e3bd80e0ac06 53015fc2880fc0e3d16dbfa2322ddc672a84740a58e1b53e6b8bcb44f4273df0 Loading...

	schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/	1.8 kB	2023-03-07	2023-09-23
Pretty URL schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/ IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-09-23 11:53:09 Times Seen103 Hash d2e95cc6038f14909cadaaa8dcf8bbae 552b4e1d3d797cf6655252a0b0f01694efaa8076 a01428a517de361d8029a0190cd7e5c8f9dce57abf3dd79ac6b5c161571813b2 Loading...

	d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/js/vendor/raven.min.js	23 kB	2023-03-07	2024-01-20
Pretty URL d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/js/vendor/raven.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-01-20 13:31:34 Times Seen119 Hash 31f5119987a4f726dfadef2b7582f453 b0cea9847c6f3f947dd0fdfda2939770cb62a963 c5dc2422f4c771af9c04b8551071b818fbe483f989f64ac64c5bab75e2eb9eb6 Loading...

	d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/jed/jed.js	38 kB	2023-03-07	2024-04-01
Pretty URL d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/jed/jed.js IP 54.230.111.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-04-01 13:24:47 Times Seen162 Hash 82f2c0a78039d8744e5f77402dc2313c 814c07b88863458862d8271407c5f6745103aed7 95fc8c01bd0cdfe47385582bdaa421848416bdf8a4331e5c3e1eeced4fb08d76 Loading...

	schwab.bynder.com/v7/paramount/js/8446.c8fe83730db1fed668364dbf96904978f315961b.bundle.js	14 kB	2023-03-13	2023-03-13
Pretty URL schwab.bynder.com/v7/paramount/js/8446.c8fe83730db1fed668364dbf96904978f315961b.bundle.js IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:47:59 Last Seen2023-03-13 14:10:19 Times Seen1 Hash 22c55cc0a5ff27c99fef1a049380c318 6fc1827fc43eb7251c4eb1150852ec7763c02a9b a7773a64d32390e7efe52acbf05eeb30bd7313e92a1551a2cde77f1ae8520c3f Loading...

	d8ejoa1fys2rk.cloudfront.net/pynder/microfrontends/0.1.76/app.bundle.js	39 kB	2023-03-07	2023-06-09
Pretty URL d8ejoa1fys2rk.cloudfront.net/pynder/microfrontends/0.1.76/app.bundle.js IP 54.230.111.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:32 Last Seen2023-06-09 00:52:49 Times Seen67 Hash a7b130e96dd023c809de237e5d776425 086c76def8120c50a978a421890919072b7154bc 6900e7c947fdb24b37909815e0c20d54b3cb1a0df228dab1607b0129d0eeaca2 Loading...

	schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/	396 B	2023-03-13	2023-03-13
Pretty URL schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/ IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:10:18 Last Seen2023-03-13 14:10:19 Times Seen1 Hash 040ec0377ce2dda33b9c0c0a9295b6e5 e621af14488932347bc794d24725ffd2dfbd3d27 e90ae7580c4fdc3eea854e0ed16516842423fc95ad28935a99850acc54ae1acd Loading...

	d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/scripts/modules/base/requireSettings.js	7.0 kB	2023-03-07	2023-05-24
Pretty URL d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/scripts/modules/base/requireSettings.js IP 54.230.111.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-05-24 15:45:58 Times Seen65 Hash 4d6db042b7188ea978326dc05bddce92 b555c277aadc20159d950ae4644c788557bae003 47e76ae7fb18b667cd9fc0ccc85daaef8d425703b32901c19b8322ddf1ae5ee8 Loading...

	d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/jquery/dist/jquery.js	288 kB	2023-03-07	2024-04-18
Pretty URL d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/jquery/dist/jquery.js IP 54.230.111.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-04-18 13:12:26 Times Seen3660 Hash 23c7c5d2d1317508e807a6c7f777d6ed ad16c4a132ad2a03b4951185fed46d55397b5e88 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37 Loading...

	schwab.bynder.com/v7/paramount/js/paramount.c8fe83730db1fed668364dbf96904978f315961b.bundle.js	18 kB	2023-03-13	2023-03-13
Pretty URL schwab.bynder.com/v7/paramount/js/paramount.c8fe83730db1fed668364dbf96904978f315961b.bundle.js IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:47:59 Last Seen2023-03-13 14:10:19 Times Seen1 Hash e98d40dcca1e77a87d0cf60f50332705 059e179785ca09b4504ad9d92e980d56a4232649 8cfac32d026916a82235253369eb8db3b2e2ccac99db8cb2c5fdbd0fa6230fca Loading...

	d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/scripts/templates/components.js	106 kB	2023-03-08	2023-03-26
Pretty URL d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/scripts/templates/components.js IP 54.230.111.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:59 Last Seen2023-03-26 13:02:06 Times Seen61 Hash 3658cec2c1f9ccc46567f8982f0a14e5 a2c23d50359b1441e3ab9eb8f53903573396573f 2d62c551c3dcf5c4e10d71ef4b46e533d364a1a536e6219c61aa1b6cf072ef1f Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 07:55:17 Times Seen36954732 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	schwab.bynder.com/v7/paramount/js/app.c8fe83730db1fed668364dbf96904978f315961b.bundle.js	10 kB	2023-03-13	2023-03-13
Pretty URL schwab.bynder.com/v7/paramount/js/app.c8fe83730db1fed668364dbf96904978f315961b.bundle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:47:59 Last Seen2023-03-13 14:10:19 Times Seen1 Hash 5e133f6521d56c07a170a75f79b95fcf 5d8b008c3d0c14173d5f755c0f315dfef36eea88 623575ba4c7c3636d2ac5ff167290d14d0b3ae36da6569f082ef59510557500d Loading...

	schwab.bynder.com/v7/paramount/js/df-26.c8fe83730db1fed668364dbf96904978f315961b.bundle.js	9.0 kB	2023-03-13	2023-03-13
Pretty URL schwab.bynder.com/v7/paramount/js/df-26.c8fe83730db1fed668364dbf96904978f315961b.bundle.js IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:47:59 Last Seen2023-03-13 14:10:19 Times Seen1 Hash ff12556a5471970efcd3685e9245f792 78b6043f8e88368c506c1e78cd4cddeff17c99f6 c00020847c1e35d0e365f259843acbd97509b3603d9db72d8247824dd4fdd99c Loading...

	schwab.bynder.com/v7/paramount/js/loginNotification.c8fe83730db1fed668364dbf96904978f315961b.bundle.js	7.9 kB	2023-03-13	2023-03-13
Pretty URL schwab.bynder.com/v7/paramount/js/loginNotification.c8fe83730db1fed668364dbf96904978f315961b.bundle.js IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:47:59 Last Seen2023-03-13 14:10:19 Times Seen1 Hash 29a93ed40b834548e627b11732698d6b ee99a4c7fc087bbab61c19c169de5095a0f0d8e3 3563005bc3fff563c064bb6687f80987e929f48e03a23a116995243e0755c923 Loading...

	schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/	166 B	2023-03-07	2024-01-20
Pretty URL schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/ IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-01-20 13:31:34 Times Seen119 Hash 7d25fec4ea8eeaea280a54537bf392b9 4e12e79cd9293b57d30e18eee66d0c65bca25437 7e497438da5801afa791e080fc2342063808600441e592cecce276a75033b819 Loading...

	schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/	107 B	2023-03-08	2024-01-20
Pretty URL schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/ IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:59 Last Seen2024-01-20 13:31:35 Times Seen119 Hash a9f67c745c0d6636877ada341a94d568 15e273c5144fee4e0f24342224367911d1caf197 702de59f2222f3e57bbe26dfcef7caef455171e3f786102774117640b1c4f63d Loading...

	d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/jade/runtime.js	6.6 kB	2023-03-07	2024-01-20
Pretty URL d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/jade/runtime.js IP 54.230.111.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-01-20 13:31:34 Times Seen119 Hash 2a0eb3480991e8458fa6da469774bd78 12c019b57b19de3517169618a53847c500a0e7cb b7787572213937cd403fb20ee5e8059f92b3169faae669bfb1c56309f868586b Loading...

	d8ejoa1fys2rk.cloudfront.net/static/38F8161A6FFB4F97B436D8FAB632965C.cache.js.gz	29 kB	2023-03-13	2023-03-26
Pretty URL d8ejoa1fys2rk.cloudfront.net/static/38F8161A6FFB4F97B436D8FAB632965C.cache.js.gz IP 54.230.111.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:04:27 Last Seen2023-03-26 10:15:59 Times Seen35 Hash 38f8161a6ffb4f97b436d8fab632965c b2d47e0ad8e57acc352ed1089f0ef51bb573384a fb93efeb99b6802a5a33d2e8a8a7efeec22a167d0f5c7cc985b133f88c7fb0ca Loading...

	schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/	37 kB	2023-03-13	2023-03-13
Pretty URL schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/ IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:17:58 Last Seen2023-03-13 17:36:34 Times Seen1 Hash ce553020bf80e9641f56a36d36f12b2d 686e7c3f6a8916f46a57f4fe14b78db22f31960a 6d2ab06eb0b17d6c5fa8c71e3e1915540d556b372210f0f9c44405d61be58e48 Loading...

	schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/	1.2 kB	2023-03-13	2023-03-13
Pretty URL schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/ IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:10:18 Last Seen2023-03-13 14:10:19 Times Seen1 Hash dd75bcdf9d6f76f5b59eb687353bad18 fea0f1bd882545353328e04517f259081dbe8ff4 42e0bb4768f33113960d57d4f2440949bb06c27efc11a87d175a9c5992432443 Loading...

	d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/DecentStringFormatter/src/dsf.js	4.5 kB	2023-03-07	2024-01-20
Pretty URL d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/DecentStringFormatter/src/dsf.js IP 54.230.111.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-01-20 13:31:34 Times Seen119 Hash 7657e4cea36b3f539945dd6806a778ee 2f241824768aa6b2aac27a90934f710445b0dfd4 49bb03efbcb94520720a6136f6b71e4e37cf5b3650cfd1f4eea800d416ae7d71 Loading...

	d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/scripts/main.js	21 kB	2023-03-13	2023-03-14
Pretty URL d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/scripts/main.js IP 54.230.111.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:13:52 Last Seen2023-03-14 09:43:38 Times Seen1 Hash f28e906b44842b08bc6e4ceccc486ff7 838b3844b43c0a401ad563b987f24a59c9ea734f 5d138e02c0708002141443cd6bf68f509a33186cde341719c35843d93d02d644 Loading...

	schwab.bynder.com/v7/paramount/js/9669.c8fe83730db1fed668364dbf96904978f315961b.bundle.js	20 kB	2023-03-13	2023-03-13
Pretty URL schwab.bynder.com/v7/paramount/js/9669.c8fe83730db1fed668364dbf96904978f315961b.bundle.js IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:47:59 Last Seen2023-03-13 14:10:19 Times Seen1 Hash 0b612bbb65995e24758dcaba6e438999 c697252688a2e9910188582526947cd4becde66a df19f1679a589b092c093db488d7f015e5d234434863468c625adc8af0abc979 Loading...

	schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/	1.9 kB	2023-03-09	2023-03-14
Pretty URL schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/ IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:38:42 Last Seen2023-03-14 09:43:38 Times Seen1 Hash 77a84d2df0f5ed75dff1f32701589abf 116f67c138b1323d7964e6afb58136fd137b0c01 42fd4baff679539edefd03360a1b2d329186bcfd9b9427c9f43024623bfa47f2 Loading...

	d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/requirejs/require.js	86 kB	2023-03-07	2024-03-27
Pretty URL d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/requirejs/require.js IP 54.230.111.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-03-27 22:07:43 Times Seen283 Hash 6da8be361b9ee26c5e721e76c6d4afce 6f53c895855c3743ac6fb7f99afc63ca5cdfd300 c6399de63c99f7311d2c2c603b19ad1d7f354119659bf362c1dbd4cd2eb6d019 Loading...

	schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/	949 B	2023-03-07	2023-09-23
Pretty URL schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/ IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-09-23 11:53:08 Times Seen103 Hash 9d0e8cde7f6837d1c1720c4f707e5763 abe5b6151c70aa9befa53619bedc2af29dc3dd21 5bce870dd2d3aa3c96eb059cd26feae715f9544bc61d1f560c53dafc47381c4c Loading...

	schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/	206 B	2023-03-07	2024-01-20
Pretty URL schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/ IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-01-20 13:31:34 Times Seen119 Hash f5d896e5b06f3c58847b295d179c321a 237efc2fd08509ad0b9bd82d4b634eaa868fe160 fb3bf7851a97b8b734fec34a14e4d721a3c6bb3b9219bb6766b386641a92e868 Loading...

	schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/	1.1 kB	2023-03-07	2023-09-23
Pretty URL schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/ IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-09-23 11:53:09 Times Seen103 Hash 0c58a1443ebfc672a43fca19a38f5738 0b353067cdffb6910c30c9329233d53a23718915 659ec63a8f6bf14a5e819a1682178c9e65cc12f4b6cbf03a36bb03525227fbab Loading...

	schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/	436 B	2023-03-13	2023-03-13
Pretty URL schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/ IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:10:20 Last Seen2023-03-13 14:10:20 Times Seen1 Hash 5a81281a07f03f18ec8a2c8683d45ba2 d4ddb4724ed2e659efadb7d2e821609d42fa0556 c16cb866224b7902672785c1f569d374b81abab1ba606270c9fe643673bf0869 Loading...

	schwab.bynder.com/v7/paramount/js/8383.c8fe83730db1fed668364dbf96904978f315961b.bundle.js	608 kB	2023-03-13	2023-03-13
Pretty URL schwab.bynder.com/v7/paramount/js/8383.c8fe83730db1fed668364dbf96904978f315961b.bundle.js IP 3.126.72.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:47:59 Last Seen2023-03-13 14:10:20 Times Seen1 Hash eef150a447f971f43af81acb388adb79 f8b33a41409bf6d87f362d877720811059cba85f d70a4fc0a3fba1235bb2d3e272f7e797a563d1537afb32c09bcf112036ee1635 Loading...

HTTP Transactions (50)

URL IP Response Size

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
d465d2fe9bed3a99addf00353ea77620
cfd910940832fb251ae02f65cb47ad98611da41e
890a679fb11acefd878240fa22c89cfdf3721bf3da1262f7f717762902207fd0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 12:21:44 GMT
Etag: "63d936e8-1d7"
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7duFSSF8hp6Sb5Tqdx41qnK_1MpvKvBXgHqUXco1ncZt37D2b6jafA==

schwab.bynder.com/default/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5

3.126.72.90

302 Found

0 B

URL HTTP/2
schwab.bynder.com/default/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5
IP
3.126.72.90:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Charles Schwab

HTTP Headers

GET /default/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5 HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Wed, 01 Feb 2023 12:21:44 GMT
content-type: text/html;charset=UTF-8
content-length: 0
server: nginx
set-cookie: bynder=0562EE5E-ADD4-436A-9E60C023C2916BB5;Path=/;Secure;HttpOnly
DEFAULTLOCALE=en_US;Path=/
location: /login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubdomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-api-correlation-id: 25edac30-8828-3d6c-d651-887a88a5ff28
permissions-policy: camera=(), geolocation=(), microphone=()
X-Firefox-Spdy: h2

schwab.bynder.com/includes/node_modules/historyjs/scripts/bundled/html4%2Bhtml5/jquery.history.js

3.126.72.90

200 OK

6.8 kB

URL HTTP/2
schwab.bynder.com/includes/node_modules/historyjs/scripts/bundled/html4%2Bhtml5/jquery.history.js
IP
3.126.72.90:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (22928), with no line terminators
Size
6.8 kB (6764 bytes)
Hash
88f8187f733dfcf72b1cebb49c647fbf
1805b59809886da0d009b71ad8b3622f114a0ea0
4933ff7d9ab07218cb3040f9d4faa04e9acbdbaa5c446dac603f0b8cbb415627

Detections

Analyzer	Verdict	Alert
openphish	Charles Schwab

HTTP Headers

GET /includes/node_modules/historyjs/scripts/bundled/html4%2Bhtml5/jquery.history.js HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/
Connection: keep-alive
Cookie: bynder=0562EE5E-ADD4-436A-9E60C023C2916BB5; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:21:45 GMT
content-type: application/javascript
content-length: 6764
server: nginx
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 10:41:17 GMT
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubdomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-api-correlation-id: 62835e13-5b26-e198-4fbb-430a69f716b9
permissions-policy: camera=(), geolocation=(), microphone=()
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/static/2DBD3D4F5568D5611B91725F6DD849E4.cache.css.gz

54.230.111.33

200 OK

29 kB

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/static/2DBD3D4F5568D5611B91725F6DD849E4.cache.css.gz
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (29248 bytes)
Hash
5b2b1a70f05bdc1020e6c98688e176b2
f228baecdccc7d894982daa91e9a14c4e4f31264
e3b9a74a2a000401ef377ca3f7edcb36d731760882237ba0ede05c4972e6381e

HTTP Headers

GET /static/2DBD3D4F5568D5611B91725F6DD849E4.cache.css.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
content-length: 29248
date: Tue, 31 Jan 2023 20:32:39 GMT
last-modified: Mon, 30 Jan 2023 15:57:22 GMT
etag: "5b2b1a70f05bdc1020e6c98688e176b2"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: idS42WJn-C69rJk5BfH3YSdbnY_OjcdrINzFmlLHbq08rCuBn2esCA==
age: 56947
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/static/38F8161A6FFB4F97B436D8FAB632965C.cache.js.gz

54.230.111.33

200 OK

9.4 kB

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/static/38F8161A6FFB4F97B436D8FAB632965C.cache.js.gz
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1896)
Size
9.4 kB (9388 bytes)
Hash
9fbe96775e1aa34ae5c8ece3f9855498
82c3523f6aec57ac372ebbd3635ad7beead5ad36
65b7e394fe4400925c852fc4904f98ab465e5f1628c34a0c0f2b16980d14fa49

HTTP Headers

GET /static/38F8161A6FFB4F97B436D8FAB632965C.cache.js.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 9388
date: Wed, 01 Feb 2023 09:30:22 GMT
last-modified: Wed, 01 Feb 2023 09:28:18 GMT
etag: "9fbe96775e1aa34ae5c8ece3f9855498"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _xNWxLBx-MPHUI5G_be7OCWl-A2ymJ00xEbZLRcFO-eQ1z3YZrPmFg==
age: 10284
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/static/B2EC870FE40E6F1DDF269A641F27AEAF.cache.js.gz

54.230.111.33

200 OK

391 kB

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/static/B2EC870FE40E6F1DDF269A641F27AEAF.cache.js.gz
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65447)
Size
391 kB (391313 bytes)
Hash
bc790e9d3b8e67fe4eec5dbdc38ac30d
8c12b3e48535b3072833cf002acb17fb3d93dc39
d5f67ad00de7ee05ab765f48b603ae38cb03c11a94da5d77e43549f3e25da00a

HTTP Headers

GET /static/B2EC870FE40E6F1DDF269A641F27AEAF.cache.js.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 391313
last-modified: Mon, 30 Jan 2023 15:57:29 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 02:28:26 GMT
cache-control: public, max-age=86400
etag: "bc790e9d3b8e67fe4eec5dbdc38ac30d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: getpRSVi2zPdGx_ew-fh6UzPxwgLywyx11sGJjJTFcPWZl0783LUZQ==
age: 38031
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/static/973A3DC12670D1F015943789610FD0A5.cache.js.gz

54.230.111.33

200 OK

175 kB

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/static/973A3DC12670D1F015943789610FD0A5.cache.js.gz
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
175 kB (174603 bytes)
Hash
27f551eb34fe94b9f730ae57f80e302e
bfb04b224c7cabfe5bc29040f90ecf0ec15367c5
13404412d02c93780d739d7636d4b9b906ffa9c57eedab97b2fde695dc59a67f

HTTP Headers

GET /static/973A3DC12670D1F015943789610FD0A5.cache.js.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 174603
last-modified: Mon, 30 Jan 2023 13:35:44 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Tue, 31 Jan 2023 13:35:45 GMT
cache-control: public, max-age=86400
etag: "27f551eb34fe94b9f730ae57f80e302e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hBM_N3rRfI7fS50M-kzC1XLDGKy2-3M26veggr0R5Pf1rTusbuIuBw==
age: 81961
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/static/3FD7F4BB1A784E1049B56EF617899226.cache.css.gz

54.230.111.33

200 OK

22 kB

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/static/3FD7F4BB1A784E1049B56EF617899226.cache.css.gz
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (9647)
Size
22 kB (22054 bytes)
Hash
023306483fce322bc1e43c36808467db
e9318dd306557d0c26d0a75051007759beb6671e
f8f22c0f47b7eb4710ffc3b6682f1da59826729aba5816b7390f83593fd30bf6

HTTP Headers

GET /static/3FD7F4BB1A784E1049B56EF617899226.cache.css.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
content-length: 22054
last-modified: Thu, 26 Jan 2023 15:26:55 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 06:04:52 GMT
cache-control: public, max-age=86400
etag: "023306483fce322bc1e43c36808467db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YfbQ5xUuiu2NPoXier8dLzewXnWMwkNDNcdklRHUVgKHbK4np5AJ4w==
age: 24834
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 11:43:25 GMT
content-type: application/json
age: 2300
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ppgNODBaYRhPbtGZtaAy0YqoPd0t8gqwEeLJALr2RCt4/Iv0wOIW6rnF/Gakd7uQufiIMUWzZLQ=
x-amz-request-id: ZV1K8C43J8MW7Z4X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 11:51:33 GMT
age: 1812
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/static/CDAE6C67B91FFEBAF6579C018AA4811E.cache.css.gz

54.230.111.33

200 OK

1.9 kB

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/static/CDAE6C67B91FFEBAF6579C018AA4811E.cache.css.gz
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (4290)
Size
1.9 kB (1865 bytes)
Hash
9161c9a642ccb946c2be24af26f6a26e
846d5b409467ae62e1b2c2e099918a76df30e2c4
bffe3aac9a1aec8e9dc64ff826b5b7327309d6f7ceccc3356e19480e7a4e6144

HTTP Headers

GET /static/CDAE6C67B91FFEBAF6579C018AA4811E.cache.css.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
content-length: 1865
last-modified: Mon, 30 Jan 2023 15:57:26 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 03:47:53 GMT
cache-control: public, max-age=86400
etag: "9161c9a642ccb946c2be24af26f6a26e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PCzVI81ZpPX7YIVOMh1rKaoViXcsjC96bgnHakBx-IPQdfmZa7dhwA==
age: 31004
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/static/714918FC51762B562F864F3FD8D3F8E7.cache.css.gz

54.230.111.33

200 OK

18 kB

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/static/714918FC51762B562F864F3FD8D3F8E7.cache.css.gz
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
18 kB (17455 bytes)
Hash
abd9dd437bb4d7ca87ae36a12ec08c1a
f65f47c82693003fceb9d16ddc405b32d966a4a7
5c74b2fbd3fd85f25b8936a1839ba8c0cff5c1981e38423ecdfe88c288271f65

HTTP Headers

GET /static/714918FC51762B562F864F3FD8D3F8E7.cache.css.gz HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
content-length: 17455
last-modified: Thu, 26 Jan 2023 15:26:53 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 05:55:30 GMT
cache-control: public, max-age=86400
etag: "abd9dd437bb4d7ca87ae36a12ec08c1a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qSdwR251QgaSofx8cwOFoxNiDH3Y8ZNiT_2bcGhOplsMabjLiltA4g==
age: 27584
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 12:21:45 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

schwab.bynder.com/v7/portal/theme/?format=css

3.126.72.90

200 OK

208 B

URL HTTP/2
schwab.bynder.com/v7/portal/theme/?format=css
IP
3.126.72.90:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
208 B (208 bytes)
Hash
b24a65992c483ea908034ca36cb35823
4d3337e819865baef37b9dfcf2d57ce90c9d4bba
20de0f66e0bec494119f2b47dd0c3be21b3748b85e5e7b3477d25d9201078b39

Detections

Analyzer	Verdict	Alert
openphish	Charles Schwab

HTTP Headers

GET /v7/portal/theme/?format=css HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/
Connection: keep-alive
Cookie: bynder=0562EE5E-ADD4-436A-9E60C023C2916BB5; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:21:45 GMT
content-type: text/css; charset=utf-8
content-length: 208
server: nginx
x-api-correlation-id: 8aef1122-d757-56d0-bec2-ccd149fcec9c
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/fonts/CharlesModern/CharlesModern-Regular.woff2

54.230.111.33

200 OK

15 kB

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/fonts/CharlesModern/CharlesModern-Regular.woff2
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 15188, version 1.6553\012- data
Size
15 kB (15188 bytes)
Hash
914ab6804618c2cd17d73fece6f496e1
b7bdd62d0c2eee9784f3a04a6dc805f088bc8cb5
fc82cd05b6904475067302ede198238fb6844179b8d37525cdffc618737d0688

HTTP Headers

GET /5.0.5/includes/fonts/CharlesModern/CharlesModern-Regular.woff2 HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://schwab.bynder.com
Connection: keep-alive
Referer: https://d8ejoa1fys2rk.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 15188
date: Wed, 01 Feb 2023 09:34:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 3000
last-modified: Wed, 01 Feb 2023 08:30:10 GMT
etag: "914ab6804618c2cd17d73fece6f496e1"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fh-9aGRbbnkvg6A4il-JnUa5-TPlOGzcOY6VMYpLrHW7kcyoQNlw3g==
age: 10036
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/fonts/fontawesome-webfont.woff2?v=4.7.0

54.230.111.33

200 OK

77 kB

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /5.0.5/includes/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://schwab.bynder.com
Connection: keep-alive
Referer: https://d8ejoa1fys2rk.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 77160
date: Wed, 01 Feb 2023 09:34:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 3000
last-modified: Wed, 01 Feb 2023 08:30:51 GMT
etag: "af7ae505a9eed503f8b8e6982036873e"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MfmViRubwLNRNJTUSUB40a12YbSmipALDR9a_4coV_ntvE9Qb0rLWA==
age: 10036
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 11:41:42 GMT
age: 2404
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/includes/img/account/bynder/bg-login.jpg

54.230.111.33

200 OK

58 kB

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/includes/img/account/bynder/bg-login.jpg
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x960, components 3\012- data
Size
58 kB (57673 bytes)
Hash
98daf7652e97134bf46c704a7de07519
8620162d02b2e6d1528414abc2fe5a5693a1f00a
aceef20a27161f6c8c62d33316d7fb188e7e5eb12a167073205e63d91d1faed8

HTTP Headers

GET /includes/img/account/bynder/bg-login.jpg HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d8ejoa1fys2rk.cloudfront.net/static/3FD7F4BB1A784E1049B56EF617899226.cache.css.gz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 57673
last-modified: Tue, 26 Aug 2014 07:19:53 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 06:07:51 GMT
etag: "98daf7652e97134bf46c704a7de07519"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fbPPybVJrhgw6hs16o2r0ycG_Y6RYy6odb1eB4V4ZHfigtufCNaVfg==
age: 27624
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/img/icons/charlesschwab.ico

54.230.111.33

200 OK

374 B

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/img/icons/charlesschwab.ico
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data
Size
374 B (374 bytes)
Hash
e7f8ed3df589651e0bb724ebd8284e15
f390dce1c7449022cd12b5e8326ae63e2ce2563e
3973303d473167a644f01c43b44ef6563301a43798cddb8eb0b7e608433e2027

HTTP Headers

GET /5.0.5/includes/img/icons/charlesschwab.ico HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 374
date: Wed, 01 Feb 2023 09:34:30 GMT
last-modified: Wed, 01 Feb 2023 08:31:09 GMT
etag: "e7f8ed3df589651e0bb724ebd8284e15"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cwraMX6PsfqANQZOTMWVW-fiKj_kFDtq3HPGeoRH-KDjhw-Nn3lJRA==
age: 10037
X-Firefox-Spdy: h2

d1ra4hr810e003.cloudfront.net/visual/accountlogo/30C7FB3F-9C50-4EE9-8EB2FAF8385C1DD0/medium-1C12E137-21CE-41CA-86ABD7FBB1D6B44F.png

54.230.245.4

200 OK

22 kB

URL HTTP/2
d1ra4hr810e003.cloudfront.net/visual/accountlogo/30C7FB3F-9C50-4EE9-8EB2FAF8385C1DD0/medium-1C12E137-21CE-41CA-86ABD7FBB1D6B44F.png
IP
54.230.245.4:0
ASN
#16509 AMAZON-02

File type
PNG image data, 200 x 199, 8-bit/color RGB, non-interlaced\012- data
Size
22 kB (21798 bytes)
Hash
ce1639d7d32978c7ac905b2c7fb1ff25
48b23c66caabfddb59e3c0e1f3e1032d108206d8
56ab180e805d3b797b17660dc539195acf8a4be5fe39cb3aca4574b3c59b405a

HTTP Headers

GET /visual/accountlogo/30C7FB3F-9C50-4EE9-8EB2FAF8385C1DD0/medium-1C12E137-21CE-41CA-86ABD7FBB1D6B44F.png HTTP/1.1
Host: d1ra4hr810e003.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 21798
date: Wed, 11 Jan 2023 05:02:40 GMT
last-modified: Wed, 05 Jul 2017 14:40:40 GMT
etag: "ce1639d7d32978c7ac905b2c7fb1ff25"
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YCrn2R1s9JY0HzAlWVmfzNKsk4HEsFbBumI9AKWeKNeDGRw2itboQQ==
age: 1840747
X-Firefox-Spdy: h2

d1ra4hr810e003.cloudfront.net/visual/accountbackground/30C7FB3F-9C50-4EE9-8EB2FAF8385C1DD0/xmedium-E72681B8-A630-4B5F-81E6C6B13F6157CF.png

54.230.245.4

200 OK

3.1 MB

URL HTTP/2
d1ra4hr810e003.cloudfront.net/visual/accountbackground/30C7FB3F-9C50-4EE9-8EB2FAF8385C1DD0/xmedium-E72681B8-A630-4B5F-81E6C6B13F6157CF.png
IP
54.230.245.4:0
ASN
#16509 AMAZON-02

File type
PNG image data, 2000 x 1134, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 MB (3057192 bytes)
Hash
7a5c56383e368061e25f6669cfa9c6a2
ce371c3ce3c44fdac5fdba8b2dd1cb7da864e0c8
893e5dd27870a1b39ad06eacbf4b449342e0138148920a4334778fd63d1db6cc

HTTP Headers

GET /visual/accountbackground/30C7FB3F-9C50-4EE9-8EB2FAF8385C1DD0/xmedium-E72681B8-A630-4B5F-81E6C6B13F6157CF.png HTTP/1.1
Host: d1ra4hr810e003.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 3057192
date: Sun, 22 Jan 2023 19:47:04 GMT
last-modified: Sat, 12 Feb 2022 00:03:53 GMT
etag: "7a5c56383e368061e25f6669cfa9c6a2"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
content-disposition: attachment
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1Wsa2FZjv8ipq6dhLkOtg9IWL7qlVbONlvJ0Tg5_30KYeyzGNlMgVw==
age: 837283
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/scripts/templates/components.js

54.230.111.33

304 Not Modified

0 B

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/scripts/templates/components.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /frontend/0.1.288/scripts/templates/components.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 01 Feb 2023 09:25:39 GMT
If-None-Match: W/"3658cec2c1f9ccc46567f8982f0a14e5"
TE: trailers

HTTP/2 304 Not Modified
date: Wed, 01 Feb 2023 12:21:46 GMT
etag: W/"3658cec2c1f9ccc46567f8982f0a14e5"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 53fUt5Ff6xhThpqdP1_RCHujnOQGJPrfds63UTzZyX1PbhWOG9sIDw==
age: 10060
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.217.224.186

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.217.224.186:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: W21VPLehNnpess45hQ5sAw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3lXzazAsBKE2aN+Lbnk9/tQNNqA=

schwab.bynder.com/v7/paramount/js/manifest.json

3.126.72.90

200 OK

13 kB

URL HTTP/2
schwab.bynder.com/v7/paramount/js/manifest.json
IP
3.126.72.90:0
ASN
#16509 AMAZON-02

File type
data
Size
13 kB (13434 bytes)
Hash
927d00f682c20e67c2c04b47b9ee5652
b9dc3d49ec3a6f42030209c3668a4207b5cbbe91
c6341b713f7b21479be69679002a6b055a61b99d28391d87042d28e5d267de08

Detections

Analyzer	Verdict	Alert
openphish	Charles Schwab

HTTP Headers

GET /v7/paramount/js/manifest.json HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/
Connection: keep-alive
Cookie: bynder=0562EE5E-ADD4-436A-9E60C023C2916BB5; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:21:46 GMT
content-type: application/json
server: nginx
last-modified: Tue, 31 Jan 2023 16:05:58 GMT
vary: Accept-Encoding
etag: W/"63d93c66-8c46"
cache-control: no-cache, public, must-revalidate, proxy-revalidate
content-encoding: gzip
x-api-correlation-id: cacd8dca-85bd-42b1-a290-82cb3d35ea6d
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/scripts/main.js

54.230.111.33

200 OK

106 kB

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/scripts/main.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
data
Size
106 kB (105696 bytes)
Hash
a725daaed1e79352cf634299e6cad18c
1bd5d853194e640416c04e08b869ba39968d41ef
98005495bd55bc6e47fbc6a923c5181321a17db9d6d77a1de4faf64a26b6ff9c

HTTP Headers

GET /frontend/0.1.288/scripts/main.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 01 Feb 2023 09:34:08 GMT
last-modified: Wed, 01 Feb 2023 09:25:38 GMT
etag: W/"f28e906b44842b08bc6e4ceccc486ff7"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7xUPdYCGIkRKmgpb-D1OzzvU5JrL5_IFkw0FzsnlC6HeoftKevK4tQ==
age: 10059
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/jquery/dist/jquery.js

54.230.111.33

200 OK

93 kB

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/jquery/dist/jquery.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
data
Size
93 kB (93309 bytes)
Hash
049505c96109bc5f73f9e0b7a1ded0ba
ecc418bd76f1f06276f5d1ab1bf8108cf25cf86b
2918388616cfd51a2538facc3c42fc1d5a882c7702dea012806651015b8c7b9f

HTTP Headers

GET /frontend/0.1.288/deps/jquery/dist/jquery.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 01 Feb 2023 09:34:07 GMT
last-modified: Wed, 01 Feb 2023 09:25:37 GMT
etag: W/"23c7c5d2d1317508e807a6c7f777d6ed"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kZCqjgPdB6Bw7yrpp9z_T9MrlrAFdIP-oMWN9yMuyJpiFrdS11C6OQ==
age: 10060
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 22:03:43 GMT
age: 51484
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8597 bytes)
Hash
27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:53:10 GMT
age: 16117
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff881dee4-27ea-4970-91da-e85794176516.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7876 bytes)
Hash
2caf8f791d29d1c03e383b08fe71b042
91254d0b2c68291701ba967f71e5319c8edd1d0a
354892b28eda2bcf225909a8f92b6ddb5be5d47c43445ae4243a59c80e10ef9e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff881dee4-27ea-4970-91da-e85794176516.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7876
x-amzn-requestid: 6c502e4a-ac64-48cc-8210-59225f5e9947
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foetOH7PoAMFynA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ab21-539f36af56fde05121a0179a;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:58:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3Q59EJIRAEqMqARj6SYi3il0p9HpdPNnizvy0HOxQffZnR1Sgp-nnA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 00:18:08 GMT
age: 43419
etag: "91254d0b2c68291701ba967f71e5319c8edd1d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6660 bytes)
Hash
932f9938c0cf6a0073ade7aa5fbe63ee
10b2c53728e16614bc96fbce22e98a135e8fdc16
25c6402614ad4f04d35ea2512b613a5c239609ce03886a22b1a89d62ddf344f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6660
x-amzn-requestid: 367e8f19-3ba1-479c-8bd9-0b0f5dad8985
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fm2RaEi2oAMFY1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d90408-2315e5c6071026536c5a550f;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 12:05:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XS-n4KCv4pBtlwJ8oaynpHrzVH0u4NH_aFCp6pX8Pv0QIwZei0aY2Q==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 04:44:25 GMT
age: 27442
etag: "10b2c53728e16614bc96fbce22e98a135e8fdc16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14041 bytes)
Hash
78fe9a77211d6f9a462f625af0c6f9bc
ac0b58423d7578e7a1b60a62220c0a57924dda82
e047466c3ae0a55509f4ace49d0476f94271b5a25e71caa3b06ec468a238b652

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14041
x-amzn-requestid: 2be6655d-3b0e-4e65-b44b-11682610b640
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRGFpIAMFbMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-5554d18d5db235913afa77a2;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MeSOuCSjsjhK6FOS67rw6oF4rS08twjOACGbXJrNPH6vwZb8lZh9lw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:18 GMT
etag: "ac0b58423d7578e7a1b60a62220c0a57924dda82"
content-type: image/jpeg
age: 52229
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/styles/css/notifications.css

54.230.111.33

200 OK

2.1 kB

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/styles/css/notifications.css
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
data
Size
2.1 kB (2120 bytes)
Hash
f728b6e736012e18768ccd87e9c51da9
50aa7d8b6666b07c33c44bc9f1d61c915d0b8ce7
139f1a0e86cc209f21d663382aaa61e4fa9c6b7d3ec75034ef62ab2199f7e9c0

HTTP Headers

GET /frontend/0.1.288/styles/css/notifications.css HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Wed, 01 Feb 2023 09:34:05 GMT
last-modified: Wed, 01 Feb 2023 09:25:40 GMT
etag: W/"d3e516ab066a3ba28c390ec01e539df1"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QwvNS4E9gugeXwT4h2gB0Y00p2mttAyJKPm1W6JsGN41vYbfoKUwTA==
age: 10061
X-Firefox-Spdy: h2

schwab.bynder.com/v7/paramount/js/8383.c8fe83730db1fed668364dbf96904978f315961b.bundle.js

3.126.72.90

200 OK

207 kB

URL HTTP/2
schwab.bynder.com/v7/paramount/js/8383.c8fe83730db1fed668364dbf96904978f315961b.bundle.js
IP
3.126.72.90:0
ASN
#16509 AMAZON-02

File type
data
Size
207 kB (207120 bytes)
Hash
f4f45624573e3bb191ed55ec499b8a96
39c7fc8640ef7dca623c268f09d3285ef0184d00
93b4c513ff44b6ec723f50d152dc056d83c1db04a69b77a8a77cc18936d93a9a

Detections

Analyzer	Verdict	Alert
openphish	Charles Schwab

HTTP Headers

GET /v7/paramount/js/8383.c8fe83730db1fed668364dbf96904978f315961b.bundle.js HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/
Connection: keep-alive
Cookie: bynder=0562EE5E-ADD4-436A-9E60C023C2916BB5; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:21:47 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Tue, 31 Jan 2023 16:05:58 GMT
vary: Accept-Encoding
etag: W/"63d93c66-9463d"
expires: Thu, 02 Feb 2023 12:21:47 GMT
cache-control: max-age=86400
content-encoding: gzip
x-api-correlation-id: 498f0eb8-25b5-4779-2de1-59942d043957
X-Firefox-Spdy: h2

schwab.bynder.com/v7/paramount/js/df-26.c8fe83730db1fed668364dbf96904978f315961b.bundle.js

3.126.72.90

200 OK

9.0 kB

URL HTTP/2
schwab.bynder.com/v7/paramount/js/df-26.c8fe83730db1fed668364dbf96904978f315961b.bundle.js
IP
3.126.72.90:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (8893)
Size
9.0 kB (8975 bytes)
Hash
ff12556a5471970efcd3685e9245f792
78b6043f8e88368c506c1e78cd4cddeff17c99f6
c00020847c1e35d0e365f259843acbd97509b3603d9db72d8247824dd4fdd99c

Detections

Analyzer	Verdict	Alert
openphish	Charles Schwab

HTTP Headers

GET /v7/paramount/js/df-26.c8fe83730db1fed668364dbf96904978f315961b.bundle.js HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/
Connection: keep-alive
Cookie: bynder=0562EE5E-ADD4-436A-9E60C023C2916BB5; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:21:48 GMT
content-type: application/javascript; charset=UTF-8
content-length: 8975
server: nginx
last-modified: Tue, 31 Jan 2023 16:05:58 GMT
etag: "63d93c66-230f"
expires: Thu, 02 Feb 2023 12:21:48 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-api-correlation-id: 6993aea2-1875-79af-2d71-e6ffe9b854ed
X-Firefox-Spdy: h2

schwab.bynder.com/v7/paramount/js/loginNotification.c8fe83730db1fed668364dbf96904978f315961b.bundle.js

3.126.72.90

200 OK

7.9 kB

URL HTTP/2
schwab.bynder.com/v7/paramount/js/loginNotification.c8fe83730db1fed668364dbf96904978f315961b.bundle.js
IP
3.126.72.90:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (7846)
Size
7.9 kB (7940 bytes)
Hash
29a93ed40b834548e627b11732698d6b
ee99a4c7fc087bbab61c19c169de5095a0f0d8e3
3563005bc3fff563c064bb6687f80987e929f48e03a23a116995243e0755c923

Detections

Analyzer	Verdict	Alert
openphish	Charles Schwab

HTTP Headers

GET /v7/paramount/js/loginNotification.c8fe83730db1fed668364dbf96904978f315961b.bundle.js HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/
Connection: keep-alive
Cookie: bynder=0562EE5E-ADD4-436A-9E60C023C2916BB5; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:21:48 GMT
content-type: application/javascript; charset=UTF-8
content-length: 7940
server: nginx
last-modified: Tue, 31 Jan 2023 16:05:58 GMT
etag: "63d93c66-1f04"
expires: Thu, 02 Feb 2023 12:21:48 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-api-correlation-id: 07b834df-6ffd-38a8-223c-021f002bc146
X-Firefox-Spdy: h2

sentry10.bynder.cloud/api/629/envelope/?sentry_key=f143db6257524be5b9661846c14c6054&sentry_version=7&sentry_client=sentry.javascript.react%2F7.24.2

54.220.104.64

200 OK

41 B

URL HTTP/1.1
sentry10.bynder.cloud/api/629/envelope/?sentry_key=f143db6257524be5b9661846c14c6054&sentry_version=7&sentry_client=sentry.javascript.react%2F7.24.2
IP
54.220.104.64:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
41 B (41 bytes)
Hash
eddd5224b567e368a5d3271869689dd6
cd36b50c7afa169693e9923b91d72870a41ce184
04953caa469ae9a1e4aecda4ce894d363d8f35e0505f29d06d3c91b0ec10553d

HTTP Headers

POST /api/629/envelope/?sentry_key=f143db6257524be5b9661846c14c6054&sentry_version=7&sentry_client=sentry.javascript.react%2F7.24.2 HTTP/1.1
Host: sentry10.bynder.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://schwab.bynder.com
Content-Length: 18131
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
access-control-allow-origin: https://schwab.bynder.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
Content-Type: application/json
Date: Wed, 01 Feb 2023 12:21:48 GMT
Server: nginx
vary: Origin
Content-Length: 41
Connection: keep-alive

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6819 bytes)
Hash
ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4MpUHqMYJoNA7QuRuQwbJIodNkhizq6EL5SPbIoSKFQjtoAKQgLuEg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:25 GMT
age: 52228
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/scripts/modules/base/requireSettings.js

54.230.111.33

200 OK

0 B

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/scripts/modules/base/requireSettings.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /frontend/0.1.288/scripts/modules/base/requireSettings.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 01 Feb 2023 09:34:07 GMT
last-modified: Wed, 01 Feb 2023 09:25:38 GMT
etag: W/"4d6db042b7188ea978326dc05bddce92"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lGBJD7P7v_LfSZAPw824MuU3HscvxskqH7ajBLyH2eJg0Ue5buANkg==
age: 10060
X-Firefox-Spdy: h2

schwab.bynder.com/v7/paramount/js/9669.c8fe83730db1fed668364dbf96904978f315961b.bundle.js

3.126.72.90

200 OK

0 B

URL HTTP/2
schwab.bynder.com/v7/paramount/js/9669.c8fe83730db1fed668364dbf96904978f315961b.bundle.js
IP
3.126.72.90:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Charles Schwab

HTTP Headers

GET /v7/paramount/js/9669.c8fe83730db1fed668364dbf96904978f315961b.bundle.js HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/
Connection: keep-alive
Cookie: bynder=0562EE5E-ADD4-436A-9E60C023C2916BB5; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:21:48 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Tue, 31 Jan 2023 16:05:58 GMT
vary: Accept-Encoding
etag: W/"63d93c66-4e15"
expires: Thu, 02 Feb 2023 12:21:48 GMT
cache-control: max-age=86400
content-encoding: gzip
x-api-correlation-id: 98c151f3-56c1-cb49-4a5d-9e7fae69d43d
X-Firefox-Spdy: h2

schwab.bynder.com/v7/paramount/js/8446.c8fe83730db1fed668364dbf96904978f315961b.bundle.js

3.126.72.90

200 OK

0 B

URL HTTP/2
schwab.bynder.com/v7/paramount/js/8446.c8fe83730db1fed668364dbf96904978f315961b.bundle.js
IP
3.126.72.90:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Charles Schwab

HTTP Headers

GET /v7/paramount/js/8446.c8fe83730db1fed668364dbf96904978f315961b.bundle.js HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/
Connection: keep-alive
Cookie: bynder=0562EE5E-ADD4-436A-9E60C023C2916BB5; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:21:48 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Tue, 31 Jan 2023 16:05:58 GMT
vary: Accept-Encoding
etag: W/"63d93c66-38b8"
expires: Thu, 02 Feb 2023 12:21:48 GMT
cache-control: max-age=86400
content-encoding: gzip
x-api-correlation-id: 431ff44f-fa2c-9d21-cc37-974db1062d69
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/css/vendor/font-awesome.min.css

54.230.111.33

200 OK

0 B

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/css/vendor/font-awesome.min.css
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /5.0.5/includes/css/vendor/font-awesome.min.css HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Wed, 01 Feb 2023 08:33:24 GMT
last-modified: Wed, 01 Feb 2023 08:32:18 GMT
etag: W/"11561142ddf4044e4897a29bd23df349"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6BA3uT08_k5P97pEjCaQ69GqH47u1FiqY-6RTUInvQmfWZOc86-1Zw==
age: 13702
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/pynder/microfrontends/0.1.76/app.bundle.js

54.230.111.33

200 OK

0 B

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/pynder/microfrontends/0.1.76/app.bundle.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pynder/microfrontends/0.1.76/app.bundle.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 06 Oct 2021 08:31:53 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 05:03:09 GMT
etag: W/"a7b130e96dd023c809de237e5d776425"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: puQLdeyA5GL2V0ZmT16r_CO1ZYRNO2JRjEk59nNw1SveumcJ4lKpWA==
age: 26317
X-Firefox-Spdy: h2

schwab.bynder.com/v7/paramount/js/paramount.c8fe83730db1fed668364dbf96904978f315961b.bundle.js

3.126.72.90

200 OK

0 B

URL HTTP/2
schwab.bynder.com/v7/paramount/js/paramount.c8fe83730db1fed668364dbf96904978f315961b.bundle.js
IP
3.126.72.90:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Charles Schwab

HTTP Headers

GET /v7/paramount/js/paramount.c8fe83730db1fed668364dbf96904978f315961b.bundle.js HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/
Connection: keep-alive
Cookie: bynder=0562EE5E-ADD4-436A-9E60C023C2916BB5; DEFAULTLOCALE=en_US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:21:47 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
last-modified: Tue, 31 Jan 2023 16:05:58 GMT
vary: Accept-Encoding
etag: W/"63d93c66-4569"
expires: Thu, 02 Feb 2023 12:21:47 GMT
cache-control: max-age=86400
content-encoding: gzip
x-api-correlation-id: 4bd51331-413a-838d-6657-ca65bd2cbd48
X-Firefox-Spdy: h2

schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/

3.126.72.90

200 OK

0 B

URL HTTP/2
schwab.bynder.com/login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/
IP
3.126.72.90:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Charles Schwab

HTTP Headers

GET /login/redirectToken/D4DFB53F-EB37-41EF-8349BFA15D7B90A5/ HTTP/1.1
Host: schwab.bynder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: bynder=0562EE5E-ADD4-436A-9E60C023C2916BB5; DEFAULTLOCALE=en_US
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 12:21:45 GMT
content-type: text/html;charset=UTF-8
server: nginx
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubdomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-api-correlation-id: 27b9bc94-d5cc-e221-295f-5e665bd4d8d4
permissions-policy: camera=(), geolocation=(), microphone=()
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/themes/custom-charlesschwab.css

54.230.111.33

200 OK

0 B

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/5.0.5/includes/themes/custom-charlesschwab.css
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /5.0.5/includes/themes/custom-charlesschwab.css HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Wed, 01 Feb 2023 09:34:29 GMT
last-modified: Wed, 01 Feb 2023 08:32:38 GMT
etag: W/"8b513f55ad39c7969666a47b8c35e232"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aWybPG5XnfKpHXYTmWfekOKQ0CGqE5CsoCFlkcqmaUh0bnQjDR7rWw==
age: 10037
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/scripts/templates/components.js

54.230.111.33

200 OK

0 B

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/scripts/templates/components.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /frontend/0.1.288/scripts/templates/components.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 01 Feb 2023 09:34:07 GMT
last-modified: Wed, 01 Feb 2023 09:25:39 GMT
etag: W/"3658cec2c1f9ccc46567f8982f0a14e5"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pbOoyAe15DLEkVHWa7Rjd-oV3fnH8bT6baABML3BOLBioA8xJ0OvTg==
age: 10059
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/DecentStringFormatter/src/dsf.js

54.230.111.33

200 OK

0 B

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/DecentStringFormatter/src/dsf.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /frontend/0.1.288/deps/DecentStringFormatter/src/dsf.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 01 Feb 2023 09:34:07 GMT
last-modified: Wed, 01 Feb 2023 09:25:34 GMT
etag: W/"7657e4cea36b3f539945dd6806a778ee"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z5z4K341KUEuhXVOVNKCkhqvvob1MKAQdZnvgHnL9OdWJRZKVo0-wA==
age: 10060
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/jade/runtime.js

54.230.111.33

200 OK

0 B

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/jade/runtime.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /frontend/0.1.288/deps/jade/runtime.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 01 Feb 2023 09:34:05 GMT
last-modified: Wed, 01 Feb 2023 09:25:37 GMT
etag: W/"2a0eb3480991e8458fa6da469774bd78"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZZU39jWZDwQPirTBFtWaPMknlfStnyX44_oziBmRY4JZ6xI4DKSWBw==
age: 10062
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/requirejs/require.js

54.230.111.33

200 OK

0 B

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/requirejs/require.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /frontend/0.1.288/deps/requirejs/require.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 01 Feb 2023 09:34:05 GMT
last-modified: Wed, 01 Feb 2023 09:25:37 GMT
etag: W/"6da8be361b9ee26c5e721e76c6d4afce"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uz3XcUMYgz_MqmP5Nm9ZKUavxYQp4HVm7XFGTMo08R4LGDpl0BJeKA==
age: 10061
X-Firefox-Spdy: h2

d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/jed/jed.js

54.230.111.33

200 OK

0 B

URL HTTP/2
d8ejoa1fys2rk.cloudfront.net/frontend/0.1.288/deps/jed/jed.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /frontend/0.1.288/deps/jed/jed.js HTTP/1.1
Host: d8ejoa1fys2rk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://schwab.bynder.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 01 Feb 2023 09:34:07 GMT
last-modified: Wed, 01 Feb 2023 09:25:37 GMT
etag: W/"82f2c0a78039d8744e5f77402dc2313c"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UXx4_HjcaiiDaPi6JgflF7PLBrdp8NpaOlwyV-dgNl442JrR31y5-w==
age: 10060
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML