lsowowieu5.tcp4.me/login.php
41.216.184.184200 OK 11 kB URL HTTP/1.1 lsowowieu5.tcp4.me/login.php
IP 41.216.184.184:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (603), with CRLF line terminators
Hash ab8710945936ca4de57409e68a7404d2
aa60bdb5283ea2f30142bbe91cb9d545216e64d8
255e69ca37d7b1c21f155b30e6816bda9e076114643a15875c088e226a132a2c
Analyzer Verdict Alert openphish RBC Royal Bank
GET /login.php HTTP/1.1
Host: lsowowieu5.tcp4.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 10567
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Wed, 19 Oct 2022 22:18:04 GMT
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 66155b620c27c14aced991b34be0d1a0
2d489f39edc932199e2d8e03b40c1a5c95b993d2
1a500079242f4472c1e8dafd352c6c6078a7228a1993208d2fe1e27dd00644ea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A500079242F4472C1E8DAFD352C6C6078A7228A1993208D2FE1E27DD00644EA"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2758
Expires: Wed, 19 Oct 2022 23:04:02 GMT
Date: Wed, 19 Oct 2022 22:18:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 19 Oct 2022 21:51:42 GMT
Expires: Wed, 19 Oct 2022 22:42:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nuIk67pfMPagBY0_Ni8z44f270awO1i6L_VjPxu26k6a6jGgs_WnDA==
Age: 1582
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 533e1d53f291993ed5886f88a85c6e55
eb4396e8422f71168d32ac6ff3ef49496f625e62
0d1b73b2a228fe76bf14688e603741025a40803971e05570f873b28788334b33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D1B73B2A228FE76BF14688E603741025A40803971E05570F873B28788334B33"
Last-Modified: Mon, 17 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9369
Expires: Thu, 20 Oct 2022 00:54:14 GMT
Date: Wed, 19 Oct 2022 22:18:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AzQD57qAIl+9RMuAuf0jVOsrO5zMfWlk53XMEI1AVlieYGISBC5EUL3dRwKBzJxLrqnKfH6VFLs=
x-amz-request-id: EC3ZFX0DBT5FBYVS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 19 Oct 2022 22:04:25 GMT
age: 820
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 19 Oct 2022 22:18:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 855d438c934fa16b91f6f3222bafead3
a88f3e3d9b3ceec76681fe1f5f6832d94833aba6
fc0eec130d9ea663a9f14d0619758353d5f7f08b32ca84dee19268c8c4299bca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=123901
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 22:18:05 GMT
Etag: "634fb89a-1d7"
Expires: Fri, 21 Oct 2022 08:43:06 GMT
Last-Modified: Wed, 19 Oct 2022 08:43:06 GMT
Server: nginx
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 19 Oct 2022 21:43:40 GMT
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 22:17:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hwzZDDoETfSQS_kLsh38frfU7_BPQE0DumbWsCx6btTl7oNuiL2Rnw==
Age: 2065
d3tracking.rbc.com/fp/tags.js?org_id=4rvrfbxt&session_id=1F453E7636A50809A60B9875F51A94BF&page_id=1
91.235.133.77200 OK 12 kB URL HTTP/1.1 d3tracking.rbc.com/fp/tags.js?org_id=4rvrfbxt&session_id=1F453E7636A50809A60B9875F51A94BF&page_id=1
IP 91.235.133.77:0
File type ASCII text, with very long lines (15506)
Hash 196171947c4d00bc7bb4315182d48308
f2279a9b4759f9f48e9d0bd2320134ef38677377
76967290448da7e6ddc34401be07f35ffdb622eb17732711ead25be09778cc64
GET /fp/tags.js?org_id=4rvrfbxt&session_id=1F453E7636A50809A60B9875F51A94BF&page_id=1 HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 22:18:05 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 62fc1aa250922e13956facbf8071aebb
111e2978b9e6931f7ba9ee3beac67d1af7bf8c92
1d0de3a88ad67da5ba748190f997994299058b77fff93caa24f4c611b3dec560
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4741
Cache-Control: max-age=126463
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 22:18:05 GMT
Etag: "634fb017-1d7"
Expires: Fri, 21 Oct 2022 09:25:48 GMT
Last-Modified: Wed, 19 Oct 2022 08:06:47 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.40.161.235101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.161.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oHRChIHCBt3oqK2mgbtKkg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UB2mUjnbRMZZuygu/ly2+B9dyPk=
www1.royalbank.com/uos/3m/images/logo_rbc-royalbank-white-en.svg
104.110.13.141200 OK 5.5 kB URL HTTP/2 www1.royalbank.com/uos/3m/images/logo_rbc-royalbank-white-en.svg
IP 104.110.13.141:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5474), with no line terminators
Hash 82addeb4458834be1050a3ae7f0d5be8
cbe76ad9cc0382fb195c639ea03a8be24e0223b7
4ad25cca003756c56d16dbc0b68bc7bf4449a33aeb046eb4d0552990a2cfdb9a
GET /uos/3m/images/logo_rbc-royalbank-white-en.svg HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "8bdcb4d4-1562-57d4e4ac68ac0"
accept-ranges: bytes
content-length: 5474
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/svg+xml
date: Wed, 19 Oct 2022 22:18:06 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/images/icons/search-signin.svg
104.110.13.141200 OK 318 B URL HTTP/2 www1.royalbank.com/uos/3m/images/icons/search-signin.svg
IP 104.110.13.141:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (508), with no line terminators
Hash c16325fe395dfc2dae779223c365b34e
e441b2616829c42dc7f6de59f87540326d593a0f
f3445f3c8e3ceaad3c2cc88ce1ee8717b49ce8c23ad19be281b9739f2788bb51
GET /uos/3m/images/icons/search-signin.svg HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "8bdcb4ce-1fc-57d4e4ac68ac0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
content-length: 318
date: Wed, 19 Oct 2022 22:18:06 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/images/to-top-white.svg
104.110.13.141200 OK 443 B URL HTTP/2 www1.royalbank.com/uos/3m/images/to-top-white.svg
IP 104.110.13.141:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (443), with no line terminators
Hash f08049412ff7fe70dd707cb5e6cac152
7fad21ac003263d473808b60091e745aaf1b9aee
a51aaa34a0ed0bbfa7cd4cbfb5060f0c0a277825702f9f87ec921bb1deb0022d
GET /uos/3m/images/to-top-white.svg HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "c5bcb4d1-1bb-57d4e4ac68ac0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/svg+xml
content-length: 443
date: Wed, 19 Oct 2022 22:18:06 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/images/flags/canada.svg
104.110.13.141200 OK 467 B URL HTTP/2 www1.royalbank.com/uos/3m/images/flags/canada.svg
IP 104.110.13.141:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (836), with no line terminators
Hash bdc9d7f7eea716f0bf5b2aeaf12ab409
c9dce8872b4ca99ca7cd9a475d76e271036a9594
6f0084d36d57d88105519089b5f068379860e561096125aec4a7928e39b8df70
GET /uos/3m/images/flags/canada.svg HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "8bdcb4ca-344-57d4e4ac68ac0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
content-length: 467
date: Wed, 19 Oct 2022 22:18:06 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/fonts.Fira_Sans.css?12
104.110.13.141200 OK 365 B URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/fonts.Fira_Sans.css?12
IP 104.110.13.141:0
Hash df92b184efd66581644d129a1d40b8ce
150e4e6b9a0be59e80509ef24802e134cc87ff2c
279e41ffa8f4297cf3430886572e35461cc32c66a34866301bbb404acfbb22b0
GET /uos/3m/css/fonts/fonts.Fira_Sans.css?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "c5b886e6-6de-57d4e4ac68ac0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 365
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/external/font-awesome/4.4.0/css/font-awesome.min.css?12
104.110.13.141200 OK 6.1 kB URL HTTP/2 www1.royalbank.com/uos/external/font-awesome/4.4.0/css/font-awesome.min.css?12
IP 104.110.13.141:0
File type ASCII text, with very long lines (26548)
Hash 8674b5b6e95925b102197cadc9eae184
45df416387aff67e2004b707f4ecd679c04a8459
7e3895abcebc0073d76a2facb58d46609055b2723c34c9c8e35bcc0714f3d3be
GET /uos/external/font-awesome/4.4.0/css/font-awesome.min.css?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Thu, 05 Nov 2015 23:25:26 GMT
etag: "c5ba4552-6857-523d37117a580"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 6079
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/images/logo-rbc-shield.svg
104.110.13.141200 OK 5.2 kB URL HTTP/2 www1.royalbank.com/uos/3m/images/logo-rbc-shield.svg
IP 104.110.13.141:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5181), with no line terminators
Hash d9ef8075ce937b74b04b890b599ba4b6
229ef9925fe592fdf0e49d4f92a96f80f9efcf55
65810b2abb5357e9d521f65bc4270894f90cb4f531b9d48bd202e3562920bfde
GET /uos/3m/images/logo-rbc-shield.svg HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "c5bcb4cf-143d-57d4e4ac68ac0"
accept-ranges: bytes
content-length: 5181
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/svg+xml
date: Wed, 19 Oct 2022 22:18:06 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/external/bootstrap/3.3.5/css/bootstrap.min.css?12
104.110.13.141200 OK 20 kB URL HTTP/2 www1.royalbank.com/uos/external/bootstrap/3.3.5/css/bootstrap.min.css?12
IP 104.110.13.141:0
File type ASCII text, with very long lines (65371)
Hash be01da82451d7c79deb3491a5a671bcd
16aabcdf052f9dcf4d4e5edf4d9c45a28ab0dcf4
8a61780250d1bcb4a78c281a1c004e86e3875077703290b2192d6c1a17c71556
GET /uos/external/bootstrap/3.3.5/css/bootstrap.min.css?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Tue, 20 Oct 2015 10:46:55 GMT
etag: "c5be2d40-1deac-52286faf6e5c0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 19879
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/images/icons/tooltipPeak.png
104.110.13.141200 OK 259 B URL HTTP/2 www1.royalbank.com/uos/common/images/icons/tooltipPeak.png
IP 104.110.13.141:0
File type PNG image data, 10 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash dd0a08eddf25d2faca83dc3b1dbf2409
f9efa80754803207dd63d3742a110d7a964caf12
5ebd4e99e10ea98455582e5949a0d1bda24645b23971cd3e322eeea55f9b1c48
GET /uos/common/images/icons/tooltipPeak.png HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 05 Nov 2015 23:23:06 GMT
etag: "8bdde41b-103-523d368bf6a80"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/png
content-length: 259
date: Wed, 19 Oct 2022 22:18:06 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/javascript/keypress.js?12
104.110.13.141200 OK 704 B URL HTTP/2 www1.royalbank.com/javascript/keypress.js?12
IP 104.110.13.141:0
File type ASCII text, with CRLF line terminators
Hash aad6ff5f5ed32af02737303daa022963
6a0a202fc9d8b8244e47bd40e853d370793ab70a
ae30bca576ea71969ba0412d414bbabb28705a9c60a694438caa988ad40bde93
GET /javascript/keypress.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 03 Apr 2002 13:06:54 GMT
etag: "c5b26f26-2c0-39db828c9f780"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
content-length: 704
date: Wed, 19 Oct 2022 22:18:06 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www.rbcroyalbank.com/onlinebanking/sign-in/jsincludes/servicenotice.js?12
104.110.13.98200 OK 5.0 kB URL HTTP/2 www.rbcroyalbank.com/onlinebanking/sign-in/jsincludes/servicenotice.js?12
IP 104.110.13.98:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 51635711a59cd45af5589dc5d2d8255c
774478882738f8e60799d49e7bc8db84a870e9d0
9a41bf2a4bdbe2fa90efe037b74eb01d8060fc5874b1e35282f33a6cc66b709b
GET /onlinebanking/sign-in/jsincludes/servicenotice.js?12 HTTP/1.1
Host: www.rbcroyalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 14 Oct 2022 15:54:24 GMT
etag: "5eb00a3c9ec00"
accept-ranges: bytes
content-length: 4958
cache-control: max-age=0
expires: Sat, 15 Oct 2022 15:08:21 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/css/common.css?12
104.110.13.141200 OK 19 kB URL HTTP/2 www1.royalbank.com/uos/common/css/common.css?12
IP 104.110.13.141:0
Hash 36dda4ee010dc163a7da73389be8e257
acfab2279dd0b464623aa748c9f9b464e26584a8
622d7f928cddea65609864b7ec616b11df973e90eb25a9b08fe84f09753ce689
GET /uos/common/css/common.css?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Sun, 26 Apr 2020 20:36:53 GMT
etag: "c5bf7a9b-21187-5a4378f024340"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 18566
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/ie/event.js?12
104.110.13.141200 OK 341 B URL HTTP/2 www1.royalbank.com/uos/common/javascript/ie/event.js?12
IP 104.110.13.141:0
File type exported SGML document, ASCII text, with CRLF line terminators
Hash aa84f88d5410daed5617478ac2515957
fa574a25014dbcd42e0dc0f649af53c9b95d11ac
1765eea36536f4a073be63a15ad03020e00d8eac9be58412d83878d7012b931a
GET /uos/common/javascript/ie/event.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Mon, 21 Sep 2009 20:02:24 GMT
etag: "c5bba190-40f-4741bf5d29400"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 341
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www.rbcroyalbank.com/onlinebanking/sign-in/jsincludes/faqcontent.js?12
104.110.13.98200 OK 859 B URL HTTP/2 www.rbcroyalbank.com/onlinebanking/sign-in/jsincludes/faqcontent.js?12
IP 104.110.13.98:0
File type ASCII text, with CRLF line terminators
Hash 1d619357c4b2f07c807204779e17259a
c6172d5e2345510d14f03d82461cfe9bfe009633
9deb4487acbf244895070296de59765ed9067886e2cb7433ce2e15c764a67857
GET /onlinebanking/sign-in/jsincludes/faqcontent.js?12 HTTP/1.1
Host: www.rbcroyalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 27 Mar 2019 13:27:05 GMT
etag: "5851364c41c40"
accept-ranges: bytes
content-length: 859
cache-control: max-age=0
expires: Sat, 17 Sep 2022 14:54:44 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www.rbcroyalbank.com/onlinebanking/sign-in/jsincludes/marketing-new.js?12
104.110.13.98200 OK 2.9 kB URL HTTP/2 www.rbcroyalbank.com/onlinebanking/sign-in/jsincludes/marketing-new.js?12
IP 104.110.13.98:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash e3474099df6f61d3e963f660eed82969
e4feacb55ed06846639277e994988da4b8ba6c29
6ba5721d9deb8004c3c3f4937ee6d4954b2ebb9589d25ac01d5d9c561264d595
GET /onlinebanking/sign-in/jsincludes/marketing-new.js?12 HTTP/1.1
Host: www.rbcroyalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 09 Nov 2021 19:23:24 GMT
etag: "5d0600b070300"
accept-ranges: bytes
content-length: 2875
cache-control: max-age=0
expires: Sat, 17 Sep 2022 14:54:44 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www.rbcroyalbank.com/onlinebanking/sign-in/jsincludes/pubnotice.js?12
104.110.13.98200 OK 1.2 kB URL HTTP/2 www.rbcroyalbank.com/onlinebanking/sign-in/jsincludes/pubnotice.js?12
IP 104.110.13.98:0
File type ASCII text, with CRLF line terminators
Hash 0fa6fdcaadce0863f3c05ba084bcb273
b80b5cd4e4611d299f59c22a276e5f2dff92bb7d
3367903b90c61222fe0c871cc87855b5c948ace33b6597c024fe5597f1f590a4
GET /onlinebanking/sign-in/jsincludes/pubnotice.js?12 HTTP/1.1
Host: www.rbcroyalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 19 Oct 2022 14:49:22 GMT
etag: "5eb64506b0080"
accept-ranges: bytes
content-length: 1217
cache-control: max-age=0
expires: Wed, 19 Oct 2022 16:15:18 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/javascript/signin.js?12
104.110.13.141200 OK 1.5 kB URL HTTP/2 www1.royalbank.com/uos/3m/javascript/signin.js?12
IP 104.110.13.141:0
Hash 8407422341888d531be8742bdd1a1612
0f3c9759fd9083c80709e480fa7aabf7e8268598
7436b06dff499d31abf7b62f5639787f34aa8afb177f2de1a77dfc8b058aadf2
GET /uos/3m/javascript/signin.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 09 Jan 2019 15:57:15 GMT
etag: "c5bee62d-1954-57f088405ecc0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 1461
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/javascript/accessibility.js?12
104.110.13.141200 OK 460 B URL HTTP/2 www1.royalbank.com/uos/3m/javascript/accessibility.js?12
IP 104.110.13.141:0
File type ASCII text, with CRLF line terminators
Hash 8ac6e440d7e4634b4a630367c4de106e
cb0929b03448243e848a8b992cd254b175d6510b
0af71f54ca83fce2b6da1903ee4e527fa1dba2707a221b71f5ce52c1e94596cb
GET /uos/3m/javascript/accessibility.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Fri, 27 Jan 2017 20:21:01 GMT
etag: "c5bff797-80b-5471934508540"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 460
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/ibsignin.css?12
104.110.13.141200 OK 4.9 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/ibsignin.css?12
IP 104.110.13.141:0
File type ASCII text, with CRLF line terminators
Hash 0a7e2eee488f49c6fd817bf3928c6aed
61a13e7a259b81bbfd3d01e38acaeae27cdacb23
0c7ccebc9ac326afe0858bcffa6845c9c750d9987e57371faf7e88b72947f162
GET /uos/3m/css/ibsignin.css?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "c5bb1929-6b61-583ff2d368480"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 4917
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/initelemstates.js?12
104.110.13.141200 OK 387 B URL HTTP/2 www1.royalbank.com/uos/common/javascript/initelemstates.js?12
IP 104.110.13.141:0
File type ASCII text, with CRLF line terminators
Hash 21778726a5f54c03dee8edea1630813d
2c3004ee19810b3438b0cab228b35f75d36d868d
009189cbe0f1386ea9e1d00fa6b42d9c260ac4e201e4c4ee1d8de60a05b167e4
GET /uos/common/javascript/initelemstates.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Thu, 05 Nov 2015 23:24:35 GMT
etag: "c5b2a0a6-183-523d36e0d72c0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
content-length: 387
date: Wed, 19 Oct 2022 22:18:06 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/browser.js?12
104.110.13.141200 OK 537 B URL HTTP/2 www1.royalbank.com/uos/common/javascript/browser.js?12
IP 104.110.13.141:0
File type exported SGML document, ASCII text, with CRLF line terminators
Hash b093468fd7720c05125f1d95e5f5b076
b1daa44f7e13d3921a889fbda77db2cc4a41aa6d
2dfe69010f145b3f4283531c15b5450f92e9660bc8a3a038a59441988432d7c0
GET /uos/common/javascript/browser.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Mon, 21 Sep 2009 20:02:17 GMT
etag: "c5bba19a-5a3-4741bf567c440"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 537
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/utilities.js?12
104.110.13.141200 OK 5.3 kB URL HTTP/2 www1.royalbank.com/uos/common/javascript/utilities.js?12
IP 104.110.13.141:0
File type ISO-8859 text, with CRLF line terminators
Hash 071d2994a2a81a16d78b2d2968b516c7
742dd1278058bb629fc24000c614156d6212c6cf
758c868bb1e3d6ccc8f32faf09fbe393afed81e27ce7e6b729756e47d2d6ae2f
GET /uos/common/javascript/utilities.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Fri, 27 Jan 2017 20:21:38 GMT
etag: "c5b9c3f0-6758-5471936851880"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 5257
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/cookie.js?12
104.110.13.141200 OK 1.4 kB URL HTTP/2 www1.royalbank.com/uos/common/javascript/cookie.js?12
IP 104.110.13.141:0
File type ASCII text, with CRLF line terminators
Hash 5a5cc7899f47190fe4d55215c9458ae7
ecaf249f66f151aee223fe9327ace8ca7e97cdf0
10e93920ac4ca1d5438f991c0fead147f3452d12854a681561e6d56e4f55cf7a
GET /uos/common/javascript/cookie.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Fri, 21 Aug 2020 16:39:09 GMT
etag: "c5b9c3de-1065-5ad65e03dc540"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 1363
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/custom.js?12
104.110.13.141200 OK 1.4 kB URL HTTP/2 www1.royalbank.com/uos/common/javascript/custom.js?12
IP 104.110.13.141:0
File type ASCII text, with CRLF line terminators
Hash 814d395745417866ccc7d3893810fb88
2a2cf58ce8fb55c21f9dfcd4fb0cf4842276619a
7bfb4d19c0ec738af5211107e03d8d3b4a5d58a63d9e25adc043c8b2a7433e11
GET /uos/common/javascript/custom.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Mon, 08 Jul 2013 20:44:31 GMT
etag: "c5ba77c5-20bc-4e1061c7f49c0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 1407
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/javascript/enhancedJuly.js?12
104.110.13.141200 OK 864 B URL HTTP/2 www1.royalbank.com/uos/3m/javascript/enhancedJuly.js?12
IP 104.110.13.141:0
File type exported SGML document, ASCII text, with CRLF, CR line terminators
Hash ed2a9938df7e5ff96fd72791ebe2ab45
8a656361fd92789ea44a6616927f37c486a15fc5
0fee24de65a3a7cc30686ef16f2588dfc48bba9083167ebd5c407597e3e05ead
GET /uos/3m/javascript/enhancedJuly.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Mon, 21 Sep 2009 19:54:24 GMT
etag: "c5bc8bad-963-4741bd9365c00"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 864
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/hashtable.js?12
104.110.13.141200 OK 3.3 kB URL HTTP/2 www1.royalbank.com/uos/common/javascript/hashtable.js?12
IP 104.110.13.141:0
Hash 978ea86d36aec2d7ee52cc9eee5c7db4
f5a5001c9c7d7702d47a73879904a8574621c9b9
5b7a09b032d1b25969e13ecc815630734f744f4ae544189a80deaa0cd8ce1284
GET /uos/common/javascript/hashtable.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 31 Jan 2018 20:41:37 GMT
etag: "c5bd208b-3570-56418816dc240"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 3326
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/event.js?12
104.110.13.141200 OK 1.6 kB URL HTTP/2 www1.royalbank.com/uos/common/javascript/event.js?12
IP 104.110.13.141:0
File type exported SGML document, ASCII text, with CRLF line terminators
Hash 91a9ce39057b1d759d53430d86752a5a
ff925b4554d5b94d3ecdb3a5c5cfa2fc9ee8122f
6ec5a2c8b305c4efafb32465b5ff6f598f42f8be4a4fb6042931d6fdbd36fbd4
GET /uos/common/javascript/event.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Tue, 27 Oct 2009 18:10:40 GMT
etag: "c5b9c3e5-272c-476ee98852800"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 1629
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/external/modernizr/2.8.3/modernizr.min.js?12
104.110.13.141200 OK 8.6 kB URL HTTP/2 www1.royalbank.com/uos/external/modernizr/2.8.3/modernizr.min.js?12
IP 104.110.13.141:0
File type HTML document, ASCII text, with very long lines (21986)
Hash 58e124547f7c505f84c1f45a302d23c7
0d7726a04a859e37fa1b1d3a7652131a27370caa
fbc33b45e5085fa44ef7efeec0fb02bbff652a1a5a820e03873dadc592ebbeaf
GET /uos/external/modernizr/2.8.3/modernizr.min.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Thu, 05 Nov 2015 23:25:23 GMT
etag: "c5beb0d1-59f6-523d370e9dec0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 8625
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/showservicenoticenew.js?12
104.110.13.141200 OK 1.1 kB URL HTTP/2 www1.royalbank.com/uos/common/javascript/showservicenoticenew.js?12
IP 104.110.13.141:0
File type ASCII text, with very long lines (423), with CRLF line terminators
Hash f537ac0e27a5dd2df2de33257d74d3ec
d25d85570dc4f55edc4f6bfc5c0d323f6b36ad37
48c465789c40a44b2ff91f257896b237312219c0a77f167c793ad6d9c271a670
GET /uos/common/javascript/showservicenoticenew.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "c5bccc50-1564-583ff2d368480"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 1108
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/newsandupdates.js?12
104.110.13.141200 OK 1.2 kB URL HTTP/2 www1.royalbank.com/uos/common/javascript/newsandupdates.js?12
IP 104.110.13.141:0
File type HTML document, ASCII text, with very long lines (433), with CRLF line terminators
Hash 2069b8d5ab5ede213a3a8d03c3806d73
5230fca6fd0801ffc0a677839e180076eaeb9359
51692792f70115aa376c0cb45f86dbb2512abefab1fd59dbc1e289d7bcfe9845
GET /uos/common/javascript/newsandupdates.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "c5bccc4d-12e6-583ff2d368480"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 1173
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/showfaqs.js?12
104.110.13.141200 OK 1.4 kB URL HTTP/2 www1.royalbank.com/uos/common/javascript/showfaqs.js?12
IP 104.110.13.141:0
File type HTML document, ASCII text, with very long lines (521), with CRLF line terminators
Hash 74ad5435498946bf49866fe0c29c1392
cd695da7f11c81e85f589450932c2775328012a1
c0a75ec50594cfb730552e014855bb27cb96795d36023f31d062fe075323afc1
GET /uos/common/javascript/showfaqs.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "c5bccc4e-2c24-583ff2d368480"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 1435
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/external/bootstrap/3.3.5/js/bootstrap.min.js?12
104.110.13.141200 OK 9.7 kB URL HTTP/2 www1.royalbank.com/uos/external/bootstrap/3.3.5/js/bootstrap.min.js?12
IP 104.110.13.141:0
File type ASCII text, with very long lines (32034)
Hash 691548938c0b45b60f3f4e00cfe57f7a
6b0c7237b685791d0966cf0a27261ee69d159b6d
849c9327c674642a424671d09c671fe1877392d7593095324dc369b1fb461875
GET /uos/external/bootstrap/3.3.5/js/bootstrap.min.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Tue, 20 Oct 2015 10:46:57 GMT
etag: "c5bab632-8fd0-52286fb156a40"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 9743
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/external/jQuery-Autocomplete/1.2.24/js/jquery.autocomplete.js?12
104.110.13.141200 OK 6.9 kB URL HTTP/2 www1.royalbank.com/uos/external/jQuery-Autocomplete/1.2.24/js/jquery.autocomplete.js?12
IP 104.110.13.141:0
Hash f69d3537de7d01d16fdac588e57cc2e8
2c9eb85610e092ee10e1ad8735d4f8b02ce01345
a28d499236c253ce8e12570b12fc7895bb06904f2f2fcf5238dfc99efd1fb25c
GET /uos/external/jQuery-Autocomplete/1.2.24/js/jquery.autocomplete.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Thu, 05 Nov 2015 23:25:24 GMT
etag: "c5beb0d5-8049-523d370f92100"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 6895
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/javascript/custom.js?12
104.110.13.141200 OK 7.5 kB URL HTTP/2 www1.royalbank.com/uos/3m/javascript/custom.js?12
IP 104.110.13.141:0
File type ISO-8859 text, with CRLF line terminators
Hash 59e9c1d6d73cb86ddde297c1c8c19259
2f767d1075672144f872a6288717813eddac8060
520bbbd03788e9d10f4ac0299a052a7fe67c273d03155df0c8cc020f56b54248
GET /uos/3m/javascript/custom.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "c5bff798-6d4b-583ff2d368480"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 7520
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/common.js?12
104.110.13.141200 OK 1.1 kB URL HTTP/2 www1.royalbank.com/uos/common/javascript/common.js?12
IP 104.110.13.141:0
File type exported SGML document, ASCII text, with CRLF line terminators
Hash ae8e0552a1f37ed55d2aa5ad9be1cd1a
77e35c5e1a4cfd7b199ba354bba69edce242d3ab
9e19afd174864f6a48b576d52f71907f37300a193659e5fd641b69f7ffd923ee
GET /uos/common/javascript/common.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Fri, 26 Feb 2016 17:06:57 GMT
etag: "c5bba19e-10af-52caf53992e40"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 1088
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/showinfonoticenew.js?12
104.110.13.141200 OK 1.1 kB URL HTTP/2 www1.royalbank.com/uos/common/javascript/showinfonoticenew.js?12
IP 104.110.13.141:0
File type HTML document, ASCII text, with very long lines (425), with CRLF line terminators
Hash 64d251e9f64cebd8a95c7fb6e8ad1744
88618da7da2ab1943b3d2350b4dfb3943b9d536b
361df346a050eee0f9255dee6861041d0c3f91257665c9ed61e2653126333aad
GET /uos/common/javascript/showinfonoticenew.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "c5bccc4f-14f4-583ff2d368480"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 1080
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/kiosk.js?12
104.110.13.141200 OK 1.4 kB URL HTTP/2 www1.royalbank.com/uos/common/javascript/kiosk.js?12
IP 104.110.13.141:0
File type exported SGML document, ASCII text, with CRLF line terminators
Hash 2d3ae865cd81c25a3605dc737da2bf5a
7fe7de5cb3f63657b17256f2ccf6652a51a19adf
bf01cfcfdcf0fc9cbbc456440e4e203afd3f6182919e92acdf6d318178072a06
GET /uos/common/javascript/kiosk.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "8bd9c3e7-228e-583ff2d368480"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 1361
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/master.css?12
104.110.13.141200 OK 5.0 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/master.css?12
IP 104.110.13.141:0
File type ASCII text, with very long lines (376), with CRLF line terminators
Hash a5498700d9ebbebd08495165f4b03ab8
1088d5c5dbef95ee05849556fb68d71521d8ad17
4c47152091838fb3dca0c9e74ed36da9708a5df19290baed78bb6d7fdfb14a41
GET /uos/3m/css/master.css?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "c5bb1920-5846-583ff2d368480"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 5003
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/header_dates.js?12
104.110.13.141200 OK 604 B URL HTTP/2 www1.royalbank.com/uos/common/javascript/header_dates.js?12
IP 104.110.13.141:0
Hash 563e211cbf8d209807cde3081e61c027
27afe688d419cf541e47385770dd27978fbe041b
52959d41a6aa710709b4c41ba59ef90d167a8f523585bb69ea07092288030d78
GET /uos/common/javascript/header_dates.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Tue, 27 Oct 2009 18:10:40 GMT
etag: "c5ba77c4-25c-476ee98852800"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
content-length: 604
date: Wed, 19 Oct 2022 22:18:06 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/rsa73.js?12
104.110.13.141200 OK 11 kB URL HTTP/2 www1.royalbank.com/uos/common/javascript/rsa73.js?12
IP 104.110.13.141:0
File type ASCII text, with very long lines (2059), with CRLF line terminators
Hash 177d0b68207171fc32d6280c525b508d
4abd848a83449ae25cee42ac674169d382baa103
6023d36ad7b43611e8c8f64433b9f48cb7f493d892415ff3ed3dff40e0ff70e0
GET /uos/common/javascript/rsa73.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 31 Jan 2018 20:40:52 GMT
etag: "c5bd208a-959e-564187ebf1d00"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 11015
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/notices/css/notifications.css?12
104.110.13.141200 OK 2.4 kB URL HTTP/2 www1.royalbank.com/uos/common/notices/css/notifications.css?12
IP 104.110.13.141:0
Hash 9bcaa4655fcea8befc61d1871f23824c
e3f8661cdaf7ba7323c44538343b9b42a170a21d
c8fc838ea69414dfdeed428406c7e0d016ce5084f52b0b54236c8cb64c172a64
GET /uos/common/notices/css/notifications.css?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Fri, 13 Mar 2020 14:32:46 GMT
etag: "c5bb7f53-4299-5a0bd57ceff80"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 2379
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/external/jquery/1.11.3/jquery.min.js?12
104.110.13.141200 OK 33 kB URL HTTP/2 www1.royalbank.com/uos/external/jquery/1.11.3/jquery.min.js?12
IP 104.110.13.141:0
File type ASCII text, with very long lines (32038), with CRLF line terminators
Hash bf442e2bb332a94992527312083c8cbd
d82a1c10841fd9fd66fff53cca6d41dc2049b4b3
1d0bcceaaf6fb7635db0b82d8956b8045e60971d01a84928de294bc4b83b7133
GET /uos/external/jquery/1.11.3/jquery.min.js?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Thu, 05 Nov 2015 23:25:17 GMT
etag: "c5bc1d70-176da-523d3708e5140"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/x-javascript
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 33329
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/rbc-icons.css?12
104.110.13.141200 OK 952 B URL HTTP/2 www1.royalbank.com/uos/3m/css/rbc-icons.css?12
IP 104.110.13.141:0
Hash d921e815d1e07b0d7673c5df7618fcdb
8eb43f018831eb1010e631290ebfc6dde178fb40
3a74daf706de8f69733070915dd09acea731488cab2016fbd7c425d37ac27a6c
GET /uos/3m/css/rbc-icons.css?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 31 Oct 2018 14:48:48 GMT
etag: "c5bb1923-e54-579876655d400"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 952
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/fonts.Roboto.css?12
104.110.13.141200 OK 457 B URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/fonts.Roboto.css?12
IP 104.110.13.141:0
Hash 066e735d5fb849c39bb4120decbc8a45
0d32187efa8f9cf0874e8b6f55acbd0eb8843c64
1f9dc4cd5b9f15136a8675b2f0b125add1afedb9913c943fa657f11dc61e6cd1
GET /uos/3m/css/fonts/fonts.Roboto.css?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "c5b886e7-93b-583ff2d368480"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:06 GMT
content-length: 457
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9206
Expires: Thu, 20 Oct 2022 00:51:33 GMT
Date: Wed, 19 Oct 2022 22:18:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9206
Expires: Thu, 20 Oct 2022 00:51:33 GMT
Date: Wed, 19 Oct 2022 22:18:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9206
Expires: Thu, 20 Oct 2022 00:51:33 GMT
Date: Wed, 19 Oct 2022 22:18:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9206
Expires: Thu, 20 Oct 2022 00:51:33 GMT
Date: Wed, 19 Oct 2022 22:18:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9206
Expires: Thu, 20 Oct 2022 00:51:33 GMT
Date: Wed, 19 Oct 2022 22:18:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3081ebd-7d9d-4b43-a0ec-b96604601ee4.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3081ebd-7d9d-4b43-a0ec-b96604601ee4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06a31720e9a52fa82141a13eea54f52e
0fd3aa64f5a3486acb5cc14609bf158ab443b2b9
8b03d88e690474ffeed0154786afb99a61c93a44ad1d7b2c2848380d38fa113f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3081ebd-7d9d-4b43-a0ec-b96604601ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9643
x-amzn-requestid: 69d505e0-31f0-4f1b-acc4-1374cc9bce05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRX9oGERoAMFmtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d23-17fdfc2e745925587337abb7;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:23 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: oA1tljIa_1HcWQnsUiukFz_B6a4jBRiRANm5USGt-7OFdHxMIEQ4pQ==
via: 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:43:49 GMT
age: 2058
etag: "0fd3aa64f5a3486acb5cc14609bf158ab443b2b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 81216ad70664e969888ae7b13871fda0
6b15c7d7abb9ff1cc040853401ad5a39f81c19a4
7294e93d890b4c8eeb8383a67aac0be8b88cac5e0882865c9f38ade713157799
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9607
x-amzn-requestid: 590b20a6-039c-4c25-a61a-5f579c5b31f2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRZj6HZ7oAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506fb2-04b740c442ae735347b4e2c3;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bL5fVog2SuW8ZNt9a0ECc8jwcAELUBVo63LXPovdnIRxCRnsMWVvvQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:46:27 GMT
age: 1900
etag: "6b15c7d7abb9ff1cc040853401ad5a39f81c19a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8f4c469-7b52-4900-a2b2-b5c937961850.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8f4c469-7b52-4900-a2b2-b5c937961850.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc696c41b037c43afe2039706b5bf4d4
82eddbb839a78c0584a67ed57523af489e57a290
4dbeff5715c19055cd43e3b9f70f5a8f12e24f134fe286cb494c873c339f7c5d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8f4c469-7b52-4900-a2b2-b5c937961850.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7143
x-amzn-requestid: a6b294ee-febd-4346-8b94-943105d558a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRX9LHTvoAMFYrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d20-4107c22b75adea7139bde747;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VOU0lwkU5dgkiI_ubndzd_ZY1EUmKeW8nLkZI4nHDdjq6TjYQ8TuDA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:46:28 GMT
age: 1899
etag: "82eddbb839a78c0584a67ed57523af489e57a290"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdf241de-ee6c-4ca6-8781-97504d479b12.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdf241de-ee6c-4ca6-8781-97504d479b12.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f8dd343c60ffa1a721d08feec116dc9
282b05119556ca14b3f984c34292e61fb83878dc
c02dd62a5736c2c5f5a10d92f03659d82cd372fdf4796b710a2d0e206db4c27b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdf241de-ee6c-4ca6-8781-97504d479b12.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10658
x-amzn-requestid: db104cf2-971b-4a40-b449-4a4298d7a5ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRZKFFzSIAMFTVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506f0d-399ed33127f850847b269360;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:41:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: q5y4a5E7Wa6yKKORJ-6HuvIyKaem83zCDbCaSbCvrw6vFk0_Wg-49g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:50:30 GMT
age: 1657
etag: "282b05119556ca14b3f984c34292e61fb83878dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F439223ef-e2fa-42fc-93f2-f5f60c5c8c47.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F439223ef-e2fa-42fc-93f2-f5f60c5c8c47.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2226e30d927e7b68afb0f0025a9e6533
88ef1b5e5c76c76281f94d5bb21d47876431a26f
dc48559888c87b6b7c13109a5f44333f9f4b2330939eb3c4c2d3203a47984af7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F439223ef-e2fa-42fc-93f2-f5f60c5c8c47.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10453
x-amzn-requestid: f9476efc-26f7-4b71-acb9-d6a07e5857c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRX9XEProAMFS_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d22-5f3f86da2e32b84c3911a69a;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J3tOE-6TDdWgQvo4mUNrN0JJINKLZqy5lS__rR6tRyHr6uCJRyWp6g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:44:48 GMT
age: 1999
etag: "88ef1b5e5c76c76281f94d5bb21d47876431a26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 319cbf11bba3f159e5c9f606deded924
13f29acb7a694030fc2de0b42c0d95c4be49deb7
09aa7d94e4829f4daf33d5e2aed077afcc59628839c5d6e877172e8455879062
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15855
x-amzn-requestid: c8171eaf-67b4-4179-9e69-36fe00ef3bfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZhQU8HmcIAMFw0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633d2db9-2985178a31d0e8c430323a26;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 07:09:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rpAXnpUfQgB-O_qw0uSi2pDYqD9o4kvScL2bSeY7b02Ukx5Mnw1PCQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 10:12:06 GMT
age: 43561
etag: "13f29acb7a694030fc2de0b42c0d95c4be49deb7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/images/icons/close-blue.svg
104.110.13.141200 OK 273 B URL HTTP/2 www1.royalbank.com/uos/3m/images/icons/close-blue.svg
IP 104.110.13.141:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (440), with no line terminators
Hash e9764fe4f9821d32f95bed5e659e0d34
49bda1648c9c937e069b54599c437cbf7d3397fb
51691192602b4c13f6e932a0486b5c8c65a626571155cc8a6c188f30053d7471
GET /uos/3m/images/icons/close-blue.svg HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "c5bcb4cc-1b8-57d4e4ac68ac0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
content-length: 273
date: Wed, 19 Oct 2022 22:18:07 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com//nexus.ensighten.com/rbc/olb/Bootstrap.js
104.110.13.141404 Not Found 196 B URL HTTP/2 www1.royalbank.com//nexus.ensighten.com/rbc/olb/Bootstrap.js
IP 104.110.13.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET //nexus.ensighten.com/rbc/olb/Bootstrap.js HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
strict-transport-security: max-age=63072000; includeSubdomains;
content-type: text/html; charset=iso-8859-1
content-length: 196
date: Wed, 19 Oct 2022 22:18:07 GMT
x-edgeconnect-cache-status: 3
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/javascript/dtagent_ICA23STVbjqr_7000100161008.js
104.110.13.141404 Not Found 196 B URL HTTP/2 www1.royalbank.com/uos/common/javascript/dtagent_ICA23STVbjqr_7000100161008.js
IP 104.110.13.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /uos/common/javascript/dtagent_ICA23STVbjqr_7000100161008.js HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
strict-transport-security: max-age=63072000; includeSubdomains;
content-type: text/html; charset=iso-8859-1
content-length: 196
date: Wed, 19 Oct 2022 22:18:07 GMT
x-edgeconnect-cache-status: 3
X-Firefox-Spdy: h2
www1.royalbank.com//nexus.ensighten.com/rbc/olb/Bootstrap.js
104.110.13.141404 Not Found 196 B URL HTTP/2 www1.royalbank.com//nexus.ensighten.com/rbc/olb/Bootstrap.js
IP 104.110.13.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET //nexus.ensighten.com/rbc/olb/Bootstrap.js HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
strict-transport-security: max-age=63072000; includeSubdomains;
content-type: text/html; charset=iso-8859-1
content-length: 196
date: Wed, 19 Oct 2022 22:18:07 GMT
x-edgeconnect-cache-status: 0
X-Firefox-Spdy: h2
lsowowieu5.tcp4.me/uos/common/javascript/dom/event.js
41.216.184.184404 Not Found 708 B URL HTTP/1.1 lsowowieu5.tcp4.me/uos/common/javascript/dom/event.js
IP 41.216.184.184:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
GET /uos/common/javascript/dom/event.js HTTP/1.1
Host: lsowowieu5.tcp4.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/login.php
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 708
Date: Wed, 19 Oct 2022 22:18:07 GMT
www1.royalbank.com/uos/common/css/print.css?12
104.110.13.141200 OK 508 B URL HTTP/2 www1.royalbank.com/uos/common/css/print.css?12
IP 104.110.13.141:0
File type ASCII text, with CRLF line terminators
Hash bb095e248fcf9be6fc2f70b645697b6a
13921a70f634723a8a0fbec9bf932b62f98a6fd6
6d0287da40a6ae78a192b30e7a1c7bb9d28cabd446253072a00f2b9321b7f7f0
GET /uos/common/css/print.css?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Tue, 01 Dec 2009 18:54:57 GMT
etag: "c5bf7aa2-5d4-479af4b55e240"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/css
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:08 GMT
content-length: 508
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-regular.woff2
104.110.13.141200 OK 22 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-regular.woff2
IP 104.110.13.141:0
File type Web Open Font Format (Version 2), TrueType, length 21920, version 1.0\012- data
Hash e5d046dd2c38f8e9a1f2f1130e4ec9fc
ee3d9449d668da1bbeaf63f9c738d240b5340c29
f9bc132980c62433dfd76631f5a602fd1bf318141d67ebb6b70b4d3cc92555b0
GET /uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-regular.woff2 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "c5b9e9a3-55a0-57d4e4ac68ac0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/font-woff2
content-length: 21920
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/images/chevron-right-white.svg
104.110.13.141200 OK 277 B URL HTTP/2 www1.royalbank.com/uos/3m/images/chevron-right-white.svg
IP 104.110.13.141:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (427), with no line terminators
Hash 3e5b654e8049a098a47e047bbb50233c
2caf82f0a484a8190307d471e49c5249550ec801
8a9825644e5fd919846adcfcc0228bb20f2f3afcd03bb8e71f23196131126fd5
GET /uos/3m/images/chevron-right-white.svg HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.royalbank.com/uos/3m/css/ibsignin.css?12
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "c5bcb4c8-1ab-57d4e4ac68ac0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
content-length: 277
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/images/triangle-down-white.svg
104.110.13.141200 OK 254 B URL HTTP/2 www1.royalbank.com/uos/3m/images/triangle-down-white.svg
IP 104.110.13.141:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (398), with no line terminators
Hash e514341778182267d462e204af6a7ae0
94896c3c1b658bcaad48db232f5fa87d92dfc87a
63b523933073ec81ecfc5bd3d7deeb870b5003f38ad20dfb0b10dfd846de5a07
GET /uos/3m/images/triangle-down-white.svg HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.royalbank.com/uos/3m/css/ibsignin.css?12
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "8bdcb4d3-18e-57d4e4ac68ac0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
content-length: 254
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/common/images/dropdown/chevron.png
104.110.13.141200 OK 149 B URL HTTP/2 www1.royalbank.com/uos/common/images/dropdown/chevron.png
IP 104.110.13.141:0
File type PNG image data, 16 x 8, 8-bit/color RGBA, non-interlaced\012- data
Hash d7d592e60a7a4709c5e423be0d72d0bf
a62478f76b0e90b3d9d13436c53914a9d693109f
463c807898d95421f1d1b08aa1cf30873aa2cfeec128f65946107a2d27700f5b
GET /uos/common/images/dropdown/chevron.png HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.royalbank.com/uos/3m/css/master.css?12
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 05 Nov 2015 23:23:30 GMT
etag: "c5bc39a8-95-523d36a2da080"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/png
content-length: 149
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/images/icons/angle-right-small.svg
104.110.13.141200 OK 2.2 kB URL HTTP/2 www1.royalbank.com/uos/3m/images/icons/angle-right-small.svg
IP 104.110.13.141:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (688), with CRLF line terminators
Hash a9945a7116003939220b44909e8cd17f
46f64abbb7090eee378a2220430402829cc123ae
169b2c80c3cf9bba841ccd21f0a32cd56cf82b55917b228f0d9354fa5e312479
GET /uos/3m/images/icons/angle-right-small.svg HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.royalbank.com/uos/3m/css/ibsignin.css?12
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "8bdd87fb-89e-583ff2d368480"
accept-ranges: bytes
content-length: 2206
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/svg+xml
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/images/icons/lock-small.svg
104.110.13.141200 OK 760 B URL HTTP/2 www1.royalbank.com/uos/3m/images/icons/lock-small.svg
IP 104.110.13.141:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (373), with CRLF line terminators
Hash 32c84bb7990b793e88417cf67f1d803d
a120628924b04d39bd367a1072a01427ca7cf426
d476c0650cc667cf53e718bf07aebbead7b0ccdd34cb814e5dc1a079b3fd38ed
GET /uos/3m/images/icons/lock-small.svg HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.royalbank.com/uos/3m/css/ibsignin.css?12
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "8bdd87ff-752-583ff2d368480"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
content-length: 760
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/images/icons/warning-32.svg
104.110.13.141200 OK 1.6 kB URL HTTP/2 www1.royalbank.com/uos/3m/images/icons/warning-32.svg
IP 104.110.13.141:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (385), with CRLF line terminators
Hash 940916f48f8dd564e66ae263bd0ac793
d3e4afd46f2a60ce2dd0ff7323d395429d541a29
997bad61367838159b58ee753c72bd96c10f44d4d8a959cf2dc6d43ccc1aa6d1
GET /uos/3m/images/icons/warning-32.svg HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.royalbank.com/uos/3m/css/master.css?12
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "c5bd8800-637-583ff2d368480"
accept-ranges: bytes
content-length: 1591
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/svg+xml
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/images/icons/external-link-small.svg
104.110.13.141200 OK 922 B URL HTTP/2 www1.royalbank.com/uos/3m/images/icons/external-link-small.svg
IP 104.110.13.141:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (680), with CRLF line terminators
Hash 35e5454fa89f66c5a0c63d28f0b7e250
304819c9f403bc84196850dcfbb12ae82f8375ba
c325e94fe424adb149b2e87d051bb5e3838ce05a44f90ab7d40104d3e5927826
GET /uos/3m/images/icons/external-link-small.svg HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.royalbank.com/uos/3m/css/master.css?12
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "8bdd87fd-9b1-583ff2d368480"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
content-length: 922
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/images/icons/external-link-small-blue.svg
104.110.13.141200 OK 931 B URL HTTP/2 www1.royalbank.com/uos/3m/images/icons/external-link-small-blue.svg
IP 104.110.13.141:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (680), with CRLF line terminators
Hash ba0af84f073089b0763521d8e1ff2f69
2fbd10db7ea1744d07ee49c5ea0fc540e9cbef34
dd3fc990fe828ea6c6ff7161788ceeaae91bc0ea361e4e8341e0f2e78fe4bee9
GET /uos/3m/images/icons/external-link-small-blue.svg HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.royalbank.com/uos/3m/css/master.css?12
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "c5bd87fc-98e-583ff2d368480"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/svg+xml
vary: Accept-Encoding
content-encoding: gzip
content-length: 931
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/vl/rbc-icons.woff2
104.110.13.141200 OK 14 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/vl/rbc-icons.woff2
IP 104.110.13.141:0
File type Web Open Font Format (Version 2), TrueType, length 14244, version 1.0\012- data
Hash 9d4b12ef74f70f8a7e978df1b0bc5d26
31a1d716c1322780ee367114023417741fede63f
d96aa24745416f71ce3f0dffea32971e52793c1fc2059005b1ab90819fa72e15
GET /uos/3m/css/fonts/vl/rbc-icons.woff2 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Oct 2018 14:46:00 GMT
etag: "8bdbe92c-37a4-579875c525a00"
accept-ranges: bytes
content-length: 14244
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/font-woff2
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-300.woff2
104.110.13.141200 OK 22 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-300.woff2
IP 104.110.13.141:0
File type Web Open Font Format (Version 2), TrueType, length 21940, version 1.0\012- data
Hash 3cb9e8d5c02f6f269785d5722d57e0d5
005c6ab45ccca08d2a14f909e255d031093e79e2
2b56e3544de25a2bc015f2df367a527d3e1f5691510605d7cb5d06d8c2e7fd6d
GET /uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-300.woff2 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "8bd9e99e-55b4-57d4e4ac68ac0"
accept-ranges: bytes
content-length: 21940
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/font-woff2
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/rbc-icons.ttf?9w1q4o
104.110.13.141200 OK 5.7 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/rbc-icons.ttf?9w1q4o
IP 104.110.13.141:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, rbc-icons \012- data
Hash 8491c41acf295f8e2c8fd9991eeb3b84
d1995a9638ade9ebbcd6ac044359a0059442abd3
a9c993748b5a28306179270666a3cd8cffc62fd229c78f278b502c8a39f2808c
GET /uos/3m/css/fonts/rbc-icons.ttf?9w1q4o HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 07 Jul 2017 19:25:56 GMT
etag: "8bdb1927-1fa4-553bf33c59900"
accept-ranges: bytes
content-length: 5744
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/plain
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin-ext-500.woff2
104.110.13.141200 OK 22 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin-ext-500.woff2
IP 104.110.13.141:0
File type Web Open Font Format (Version 2), TrueType, length 22096, version 1.0\012- data
Hash 89044585f8804da1ed89551178cc7c8f
05b9c54cd203be2aed112490e95a3c7ab8bcab01
d0759263025ff6b8f33da27562e5f1fa2194294bd70a26240fa13fe3b97ccf4d
GET /uos/3m/css/fonts/Roboto/roboto-v18-latin-ext-500.woff2 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "8bdab747-5650-583ff2d368480"
accept-ranges: bytes
content-length: 22096
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/font-woff2
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/fira-sans/fira-sans-v8-latin_latin-ext-regular.woff2
104.110.13.141200 OK 43 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/fira-sans/fira-sans-v8-latin_latin-ext-regular.woff2
IP 104.110.13.141:0
File type Web Open Font Format (Version 2), TrueType, length 42728, version 1.0\012- data
Hash 5b9e06123d343a97609dcda40b09e6f0
0239515686aab1e83996201c8a6d2996528f87b0
128376a684bdd753a94481e70b3f65ab665afb60d56eca7263d9c5ad87e5e3dd
GET /uos/3m/css/fonts/fira-sans/fira-sans-v8-latin_latin-ext-regular.woff2 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "c5ba6518-a6e8-57d4e4ac68ac0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: application/font-woff2
content-length: 42728
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
lsowowieu5.tcp4.me/uos/3m/images/icons/warning-32.svg
41.216.184.184404 Not Found 708 B URL HTTP/1.1 lsowowieu5.tcp4.me/uos/3m/images/icons/warning-32.svg
IP 41.216.184.184:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
GET /uos/3m/images/icons/warning-32.svg HTTP/1.1
Host: lsowowieu5.tcp4.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/login.php
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 708
Date: Wed, 19 Oct 2022 22:18:08 GMT
www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-regular.woff
104.110.13.141200 OK 28 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-regular.woff
IP 104.110.13.141:0
File type Web Open Font Format, TrueType, length 28236, version 1.1\012- data
Hash 1fb51f52c5d3adf198aa44e80478426e
809273d0061adca6c2dc07a9fafe9aa1fd9e4c7a
7b6b8e7317cab19dee07b5b71622bbd17921fd4aded4768810ff8473d7d93671
GET /uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-regular.woff HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "8bd9e9a2-6e4c-57d4e4ac68ac0"
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/plain
vary: Accept-Encoding
date: Wed, 19 Oct 2022 22:18:08 GMT
content-length: 28236
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-300.woff
104.110.13.141200 OK 28 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-300.woff
IP 104.110.13.141:0
File type Web Open Font Format, TrueType, length 28316, version 1.1\012- data
Hash d687dd2312d54804a7d134abbfdfca35
a92d4e2d2df19f4b954ee9d66e413fc3184ce856
0ef2e50df6bfbe5633c9211a8f50d224a3286133f6a48a7eb1bc987857ae9c86
GET /uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-300.woff HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "c5b9e99d-6e9c-57d4e4ac68ac0"
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/plain
vary: Accept-Encoding
date: Wed, 19 Oct 2022 22:18:08 GMT
content-length: 28316
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/vl/rbc-icons.woff
104.110.13.141200 OK 18 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/vl/rbc-icons.woff
IP 104.110.13.141:0
File type Web Open Font Format, TrueType, length 17592, version 1.0\012- data
Hash ec46dcfed1dbe6e7fecc5fcdc05e74ea
da405dc93e4410636973aff63136cb338fc1f6ec
f2cce4ff7e8ebb8c1f11507496360275b8fa81877209e344db62daf65ddd749d
GET /uos/3m/css/fonts/vl/rbc-icons.woff HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Oct 2018 14:45:52 GMT
etag: "8bdbe92b-44b8-579875bd84800"
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/plain
vary: Accept-Encoding
date: Wed, 19 Oct 2022 22:18:08 GMT
content-length: 17592
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/rbc-icons.woff?9w1q4o
104.110.13.141200 OK 8.2 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/rbc-icons.woff?9w1q4o
IP 104.110.13.141:0
File type Web Open Font Format, TrueType, length 8176, version 3.0\012- data
Hash d14d65bb26ae7ee9286c3dc6624ffd3c
a92941a846f482fcdbd8b31a7c37c87c025b66e3
89975a8d2b12c99b630a8a3fe1706c153c6be0a7774a7903b74e1ae00802e6b1
GET /uos/3m/css/fonts/rbc-icons.woff?9w1q4o HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 07 Jul 2017 19:26:37 GMT
etag: "8bdb1925-1ff0-553bf36373540"
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/plain
vary: Accept-Encoding
date: Wed, 19 Oct 2022 22:18:08 GMT
content-length: 8176
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin-ext-500.woff
104.110.13.141200 OK 28 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin-ext-500.woff
IP 104.110.13.141:0
File type Web Open Font Format, TrueType, length 28272, version 1.1\012- data
Hash cc04fb84dbdbd997be1b8b7ae687fb3c
d8fcfcc50efe40017a82c4f1a04b04b14ed5b8b8
7f4d18392bb9ce81f4f568c184c8191987203acf66d9e293f383b07b01f2de8e
GET /uos/3m/css/fonts/Roboto/roboto-v18-latin-ext-500.woff HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "8bdab746-6e70-583ff2d368480"
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/plain
vary: Accept-Encoding
date: Wed, 19 Oct 2022 22:18:08 GMT
content-length: 28272
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-regular.ttf
104.110.13.141200 OK 34 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-regular.ttf
IP 104.110.13.141:0
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-Regularhtt\012- data
Hash 9d2b660a18c258f28604b372f6e2ce46
63d1725679dfef5f9f20d948f9748b67cc3d08cf
d1ced704fa40ee479d51862993492a57edc29a3dd263df952d424375c26619ae
GET /uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-regular.ttf HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "c5b9e9a1-d324-57d4e4ac68ac0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/plain
vary: Accept-Encoding
content-encoding: gzip
content-length: 34546
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/vl/rbc-icons.ttf
104.110.13.141200 OK 39 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/vl/rbc-icons.ttf
IP 104.110.13.141:0
File type TrueType Font data, 11 tables, 1st "GSUB", 16 names, Macintosh, type 1 string, rbc-iconsRegularrbc-iconsrbc-iconsVersion 1.0rbc-iconsGenerated by svg2ttf from Fontello project\012- data
Hash 1d51ee0c35e7ae8d11b009538b040c17
ec767a273f81e1ee3f83005355bc083693aaf013
843a55f973f0aadbd39b3f92457130d8ccc8e979260eea5310b1a6d4b14c1c49
GET /uos/3m/css/fonts/vl/rbc-icons.ttf HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Oct 2018 14:45:45 GMT
etag: "c5bbe92a-9798-579875b6d7840"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/plain
content-length: 38808
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-300.ttf
104.110.13.141200 OK 35 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-300.ttf
IP 104.110.13.141:0
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto LightRegularVersion 2.137; 2017Roboto-Ligh\012- data
Hash 1c10b18b97c8d6d11f783acf228f91c9
b59a99f08073415cc2711512f7de3089da1e3901
caf94e5fe6ea5ba577ba7005dbd51c5ac4e3db3841fd16f32eaea9c57fab0e83
GET /uos/3m/css/fonts/Roboto/roboto-v18-latin_latin-ext-300.ttf HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "c5b9e99c-d22c-57d4e4ac68ac0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/plain
vary: Accept-Encoding
content-encoding: gzip
content-length: 34750
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/fira-sans/fira-sans-v8-latin_latin-ext-regular.ttf
104.110.13.141200 OK 69 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/fira-sans/fira-sans-v8-latin_latin-ext-regular.ttf
IP 104.110.13.141:0
File type TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Digitized data copyright 2012-2016, The Mozilla Foundation and Telefonica S.A.Fira SansRegular4.\012- data
Hash b40403aed3c2f3c450abb9ca77e8e29c
3c4e97f600108110741d94a35f055ee32f6aac84
43a24515db0cb726949330bb260eefe058a03a37b54482fe9ac71e77d296d30a
GET /uos/3m/css/fonts/fira-sans/fira-sans-v8-latin_latin-ext-regular.ttf HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "c5ba6516-1c464-57d4e4ac68ac0"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/plain
vary: Accept-Encoding
content-encoding: gzip
content-length: 68741
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin-ext-500.ttf
104.110.13.141200 OK 35 kB URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/Roboto/roboto-v18-latin-ext-500.ttf
IP 104.110.13.141:0
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Med\012- data
Hash 04402b7e6e2d031d8f715141347d2144
834b1391415821945c6d2b17e413e622a5d20ac9
6279944b0a71cf089f7121031144681789ac078ed37e97cc28275bbe09ed9f2b
GET /uos/3m/css/fonts/Roboto/roboto-v18-latin-ext-500.ttf HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Mar 2019 19:54:42 GMT
etag: "c5bab745-d298-583ff2d368480"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/plain
vary: Accept-Encoding
content-encoding: gzip
content-length: 34740
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
d3tracking.rbc.com/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&ck=0&m=2
91.235.133.77200 OK 81 B URL HTTP/1.1 d3tracking.rbc.com/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&ck=0&m=2
IP 91.235.133.77:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&ck=0&m=2 HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 22:18:08 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
d3tracking.rbc.com/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&ck=0&m=1
91.235.133.77200 OK 81 B URL HTTP/1.1 d3tracking.rbc.com/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&ck=0&m=1
IP 91.235.133.77:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&ck=0&m=1 HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 22:18:08 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
www1.royalbank.com/uos/common/images/icons/favicon.ico?12
104.110.13.141200 OK 894 B URL HTTP/2 www1.royalbank.com/uos/common/images/icons/favicon.ico?12
IP 104.110.13.141:0
File type MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Hash 318790dab1f2fc38b31d1e9d2f61938b
20149f8c9f8bd610ac75da7f9b34c60f1d1f38b5
d2cb7cc01a7895378cb9c907c3f912085f2ea7f2fa14aabb5f7638b631c6ec0b
GET /uos/common/images/icons/favicon.ico?12 HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 05 Nov 2015 23:23:06 GMT
etag: "c5bde41a-37e-523d368bf6a80"
accept-ranges: bytes
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: image/x-icon
content-length: 894
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2
d3tracking.rbc.com/fp/check.js;CIS3SID=5497EFBC376EC7626362C54E7D1CE009?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jb=3533262668736d773f4e696e75702662736d3d4e61667778246a73627d3d446b7267666f7a266871603f4669726d666778273232313e
91.235.133.77200 OK 102 kB URL HTTP/1.1 d3tracking.rbc.com/fp/check.js;CIS3SID=5497EFBC376EC7626362C54E7D1CE009?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jb=3533262668736d773f4e696e75702662736d3d4e61667778246a73627d3d446b7267666f7a266871603f4669726d666778273232313e
IP 91.235.133.77:0
File type ASCII text, with very long lines (5470)
Size 102 kB (102390 bytes)
Hash 13692abbfad9f730decc01a6ed2773f9
ddaa9fa626f4415d0bc2dc96b183a28a6d87cd81
27b4ddb2fe1ae79fca7dc636bc0ea7a2f833a4d012345c845a5402656da403cd
GET /fp/check.js;CIS3SID=5497EFBC376EC7626362C54E7D1CE009?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jb=3533262668736d773f4e696e75702662736d3d4e61667778246a73627d3d446b7267666f7a266871603f4669726d666778273232313e HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 22:18:08 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 34f8e9fee58060a6
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
d3tracking.rbc.com/fp/HP?session_id=1f453e7636a50809a60b9875f51a94bf&org_id=4rvrfbxt&nonce=34f8e9fee58060a6&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
91.235.133.77200 OK 5.8 kB URL HTTP/1.1 d3tracking.rbc.com/fp/HP?session_id=1f453e7636a50809a60b9875f51a94bf&org_id=4rvrfbxt&nonce=34f8e9fee58060a6&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
IP 91.235.133.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash c5fc1eebfce1305f822610153d6a9c9e
4c3be5b7723e1d9f5f54e7e14fb377091b1366aa
4aa0c12ef926a56314442de3b57fdc8a8028d9de49eecc377ccf319c707df01a
GET /fp/HP?session_id=1f453e7636a50809a60b9875f51a94bf&org_id=4rvrfbxt&nonce=34f8e9fee58060a6&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 22:18:09 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible: IE=Edge
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5792
Keep-Alive: timeout=2, max=99
d3tracking.rbc.com/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jb=3334266c71613f3a63643061666d646b373164363d3b3262363439616e34323732313062356461
91.235.133.77204 No Content 0 B URL HTTP/1.1 d3tracking.rbc.com/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jb=3334266c71613f3a63643061666d646b373164363d3b3262363439616e34323732313062356461
IP 91.235.133.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jb=3334266c71613f3a63643061666d646b373164363d3b3262363439616e34323732313062356461 HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 19 Oct 2022 22:18:09 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
d3tracking.rbc.com/fp/ls_fp.html;CIS3SID=5497EFBC376EC7626362C54E7D1CE009?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6
91.235.133.77200 OK 14 kB URL HTTP/1.1 d3tracking.rbc.com/fp/ls_fp.html;CIS3SID=5497EFBC376EC7626362C54E7D1CE009?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6
IP 91.235.133.77:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 563713aac1f5054bf735308f36220352
24f7652bfeee43b9a81669d4a563cf98c2099dbd
e8c769bfb1fa42f12e61aa8fce470b3f7d41a4bec639fd755ccceb3d66a7a15c
GET /fp/ls_fp.html;CIS3SID=5497EFBC376EC7626362C54E7D1CE009?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6 HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 22:18:09 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked
d3tracking.rbc.com/fp/top_fp.html;CIS3SID=5497EFBC376EC7626362C54E7D1CE009?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6
91.235.133.77200 OK 14 kB URL HTTP/1.1 d3tracking.rbc.com/fp/top_fp.html;CIS3SID=5497EFBC376EC7626362C54E7D1CE009?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6
IP 91.235.133.77:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash fbefa19b7e6fe16f463c06b6b9e8c532
ad1c8bc87856902c07fb7c326274962d16af314b
f57cf285b1639a369cfa5f7980bcbed61caa86d9d220824d2e397580af2d6dc3
GET /fp/top_fp.html;CIS3SID=5497EFBC376EC7626362C54E7D1CE009?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6 HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 22:18:09 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
d3tracking.rbc.com/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&ja=353b312624633f3224783d30266e3d39323a307a393830342461663d39323a32783330303026717a7b3f3078302e6478723f312e393a3a302e3130323c2c333038322c313230302e333038302c3133312c33323a3824333030342c302430247163663d3236266e6a3f6a7474702d3349253046273a4e6e736d776f77616577372e766370362e6f672730466c6f6f69662e7268722e6c703d2468683d30303435656738666037376033603130366a386c623464633b313234336636352e6a716d3d4e696e7778246871603d46697a656e6f7a25303831342668736f75354c6b6c757a266a7162773f446b72656667782e6e6a633f393e247478643d555c43246f617668723f323a3b346038386338376d626334666e693a626338613631313b66366163613030336137346531383a6138613b643b3c696334363064333c343460356434393226723f726e756769665f6e6c63736a2d3d4766636c736529706e77676b6e5f75696c666d75735f6d6d6461615d706e6971677227354566696c716721726c7565696c5d63666f626557616b726d62637c2d374564616c736d21726e7565696e5d71776b616974696d6d253d4564616e7b6d23706e756769665f716a6f616b7763766727374766616c7b6529706e756561665d7267616c7064617b677227354564616e716723706c756f69665f746c6157786e617b6572253d4564636c716521726c77656b6c5f64657e6164767025374d6e636c716521706475656b6e5d7376655f746b67756572253d456e616e736729786e7565696e5f6261746325374566636c7167246163643d39353c373332&jb=3937266c733d4f6d786b6c6c612d324e352c30273a382a58333125334a2530324c6b6e757a2530327a3a365f363c253b422732327a7e27334339362e3829273030456563696f27304430303130383138312732324e617065646f78253a463b342e32
91.235.133.77204 204 0 B URL HTTP/1.1 d3tracking.rbc.com/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&ja=353b312624633f3224783d30266e3d39323a307a393830342461663d39323a32783330303026717a7b3f3078302e6478723f312e393a3a302e3130323c2c333038322c313230302e333038302c3133312c33323a3824333030342c302430247163663d3236266e6a3f6a7474702d3349253046273a4e6e736d776f77616577372e766370362e6f672730466c6f6f69662e7268722e6c703d2468683d30303435656738666037376033603130366a386c623464633b313234336636352e6a716d3d4e696e7778246871603d46697a656e6f7a25303831342668736f75354c6b6c757a266a7162773f446b72656667782e6e6a633f393e247478643d555c43246f617668723f323a3b346038386338376d626334666e693a626338613631313b66366163613030336137346531383a6138613b643b3c696334363064333c343460356434393226723f726e756769665f6e6c63736a2d3d4766636c736529706e77676b6e5f75696c666d75735f6d6d6461615d706e6971677227354566696c716721726c7565696c5d63666f626557616b726d62637c2d374564616c736d21726e7565696e5d71776b616974696d6d253d4564616e7b6d23706e756769665f716a6f616b7763766727374766616c7b6529706e756561665d7267616c7064617b677227354564616e716723706c756f69665f746c6157786e617b6572253d4564636c716521726c77656b6c5f64657e6164767025374d6e636c716521706475656b6e5d7376655f746b67756572253d456e616e736729786e7565696e5f6261746325374566636c7167246163643d39353c373332&jb=3937266c733d4f6d786b6c6c612d324e352c30273a382a58333125334a2530324c6b6e757a2530327a3a365f363c253b422732327a7e27334339362e3829273030456563696f27304430303130383138312732324e617065646f78253a463b342e32
IP 91.235.133.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&ja=353b312624633f3224783d30266e3d39323a307a393830342461663d39323a32783330303026717a7b3f3078302e6478723f312e393a3a302e3130323c2c333038322c313230302e333038302c3133312c33323a3824333030342c302430247163663d3236266e6a3f6a7474702d3349253046273a4e6e736d776f77616577372e766370362e6f672730466c6f6f69662e7268722e6c703d2468683d30303435656738666037376033603130366a386c623464633b313234336636352e6a716d3d4e696e7778246871603d46697a656e6f7a25303831342668736f75354c6b6c757a266a7162773f446b72656667782e6e6a633f393e247478643d555c43246f617668723f323a3b346038386338376d626334666e693a626338613631313b66366163613030336137346531383a6138613b643b3c696334363064333c343460356434393226723f726e756769665f6e6c63736a2d3d4766636c736529706e77676b6e5f75696c666d75735f6d6d6461615d706e6971677227354566696c716721726c7565696c5d63666f626557616b726d62637c2d374564616c736d21726e7565696e5d71776b616974696d6d253d4564616e7b6d23706e756769665f716a6f616b7763766727374766616c7b6529706e756561665d7267616c7064617b677227354564616e716723706c756f69665f746c6157786e617b6572253d4564636c716521726c77656b6c5f64657e6164767025374d6e636c716521706475656b6e5d7376655f746b67756572253d456e616e736729786e7565696e5f6261746325374566636c7167246163643d39353c373332&jb=3937266c733d4f6d786b6c6c612d324e352c30273a382a58333125334a2530324c6b6e757a2530327a3a365f363c253b422732327a7e27334339362e3829273030456563696f27304430303130383138312732324e617065646f78253a463b342e32 HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Wed, 19 Oct 2022 22:18:09 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
d3tracking.rbc.com/fp/clear.png
91.235.133.77200 OK 81 B URL HTTP/1.1 d3tracking.rbc.com/fp/clear.png
IP 91.235.133.77:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, 4rvrfbxt/34f8e9fee58060a61f453e7636a50809a60b9875f51a94bf
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 22:18:09 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 19 Oct 2022 22:18:09 GMT
Expires: Mon, 18 Oct 2027 22:18:09 GMT
Etag: 582ac206ac5048f99a5e3151d4e3299a
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: http://lsowowieu5.tcp4.me
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
ocsp.securetrust.com/
23.36.79.25200 OK 638 B IP 23.36.79.25:0
ASN #20940 Akamai International B.V.
Hash f2a5d9b6491a781eee22a1aa9474754f
2d579023c9e51d9af92491ce61c50644fdba90b2
2de113effde94c1df4643be6fa819bc5ee622d7991cebdd6c860ab9db7f33117
POST / HTTP/1.1
Host: ocsp.securetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 638
Date: Wed, 19 Oct 2022 22:18:09 GMT
Connection: keep-alive
d3tracking.rbc.com/fp/check.js?&pageid=99998&session_id=1f453e7636a50809a60b9875f51a94bf&org_id=4rvrfbxt&nonce=34f8e9fee58060a6
91.235.133.77200 OK 29 kB URL HTTP/1.1 d3tracking.rbc.com/fp/check.js?&pageid=99998&session_id=1f453e7636a50809a60b9875f51a94bf&org_id=4rvrfbxt&nonce=34f8e9fee58060a6
IP 91.235.133.77:0
File type ASCII text, with very long lines (15506)
Hash 938a5c74384025462a6a4eb917e145c7
7dc8e875a8824b8fc459c82174970d68eecaf84d
9c18ef1f4d09d8e76eadd7148d6802c8d83b706db508c21ab3c56f45571e4d28
GET /fp/check.js?&pageid=99998&session_id=1f453e7636a50809a60b9875f51a94bf&org_id=4rvrfbxt&nonce=34f8e9fee58060a6 HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d3tracking.rbc.com/fp/HP?session_id=1f453e7636a50809a60b9875f51a94bf&org_id=4rvrfbxt&nonce=34f8e9fee58060a6&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 22:18:09 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 34f8e9fee58060a6
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked
4rvrfbxtkz2mmsvmrdl4w3bnenlwigonvefq373r34f8e9fee58060a6am1.e.aa.online-metrix.net/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&di=yes
91.235.134.131200 OK 81 B URL HTTP/1.1 4rvrfbxtkz2mmsvmrdl4w3bnenlwigonvefq373r34f8e9fee58060a6am1.e.aa.online-metrix.net/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&di=yes
IP 91.235.134.131:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&di=yes HTTP/1.1
Host: 4rvrfbxtkz2mmsvmrdl4w3bnenlwigonvefq373r34f8e9fee58060a6am1.e.aa.online-metrix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 22:18:09 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
d3tracking.rbc.com/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jf=3334266c71623f343a673833613a383d346436366e3c6739373035653a3231616560383732343b
91.235.133.77204 No Content 0 B URL HTTP/1.1 d3tracking.rbc.com/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jf=3334266c71623f343a673833613a383d346436366e3c6739373035653a3231616560383732343b
IP 91.235.133.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jf=3334266c71623f343a673833613a383d346436366e3c6739373035653a3231616560383732343b HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d3tracking.rbc.com/fp/ls_fp.html;CIS3SID=5497EFBC376EC7626362C54E7D1CE009?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6
Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Wed, 19 Oct 2022 22:18:09 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/javascript
d3tracking.rbc.com/fp/ARF;CIS3SID=F69DDA1C763B8B84C18FD8943BA93DF6?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&pageid=99998&sera_parametere=VURbD1EAAl0GUQgGBlFVBAcBVQ5cDV9XB1YMCA9RAFBQDVZZUAgFXFABCxZFQ1xfXUQTTBYcVSFAAnoVAXREBANeFV0JXAsAC0FLFQV0RAFxBEMPIRxUVQ1aS0RFFVJyFgMkHVJ9QAEMCFtWAQlQBFIMBwxUXARQVAYOAgMJVgcHAAIMBg8DV1FTDAJVUlJVBFBAVgpXBQBYBgxWDlVYUFZRUwBVD1YEUxNSQwsAGVRWBANaVgwCUFYDWggECFQDBgJRAAANVFFcDF4HUAYHDlAFUQpQWlNDBFwFAg4IURBaXVsVVB8WDFgMAQkPCEdeWAlAWlh%2FDxcAU1dIEFIXCwoCQFoKSlspDFtNSBBTAwtHUBxnBlgKCQdUW1sQVRULAgdW&count=0&max=0
91.235.133.77200 OK 61 B URL HTTP/1.1 d3tracking.rbc.com/fp/ARF;CIS3SID=F69DDA1C763B8B84C18FD8943BA93DF6?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&pageid=99998&sera_parametere=VURbD1EAAl0GUQgGBlFVBAcBVQ5cDV9XB1YMCA9RAFBQDVZZUAgFXFABCxZFQ1xfXUQTTBYcVSFAAnoVAXREBANeFV0JXAsAC0FLFQV0RAFxBEMPIRxUVQ1aS0RFFVJyFgMkHVJ9QAEMCFtWAQlQBFIMBwxUXARQVAYOAgMJVgcHAAIMBg8DV1FTDAJVUlJVBFBAVgpXBQBYBgxWDlVYUFZRUwBVD1YEUxNSQwsAGVRWBANaVgwCUFYDWggECFQDBgJRAAANVFFcDF4HUAYHDlAFUQpQWlNDBFwFAg4IURBaXVsVVB8WDFgMAQkPCEdeWAlAWlh%2FDxcAU1dIEFIXCwoCQFoKSlspDFtNSBBTAwtHUBxnBlgKCQdUW1sQVRULAgdW&count=0&max=0
IP 91.235.133.77:0
File type ASCII text, with no line terminators
Hash 0031f4acfaf05da62509531b32db0187
ae091ea556178ec98f46eaa04594c15b1eac3cd8
70ae6836733744ef8d2aba610cc2574077d0d46ce1ed34e3bddfa89d9e05c052
GET /fp/ARF;CIS3SID=F69DDA1C763B8B84C18FD8943BA93DF6?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&pageid=99998&sera_parametere=VURbD1EAAl0GUQgGBlFVBAcBVQ5cDV9XB1YMCA9RAFBQDVZZUAgFXFABCxZFQ1xfXUQTTBYcVSFAAnoVAXREBANeFV0JXAsAC0FLFQV0RAFxBEMPIRxUVQ1aS0RFFVJyFgMkHVJ9QAEMCFtWAQlQBFIMBwxUXARQVAYOAgMJVgcHAAIMBg8DV1FTDAJVUlJVBFBAVgpXBQBYBgxWDlVYUFZRUwBVD1YEUxNSQwsAGVRWBANaVgwCUFYDWggECFQDBgJRAAANVFFcDF4HUAYHDlAFUQpQWlNDBFwFAg4IURBaXVsVVB8WDFgMAQkPCEdeWAlAWlh%2FDxcAU1dIEFIXCwoCQFoKSlspDFtNSBBTAwtHUBxnBlgKCQdUW1sQVRULAgdW&count=0&max=0 HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d3tracking.rbc.com/fp/HP?session_id=1f453e7636a50809a60b9875f51a94bf&org_id=4rvrfbxt&nonce=34f8e9fee58060a6&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 22:18:09 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked
d3tracking.rbc.com/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jac=1&je=3130312624706f3f6c6d2661756c6835646435366a3d36303a3035356b643767623430396163676661633536373a366d633731323e6b3438373632386b653b66303b37393436313336323233316c643a26677831356c64363a6566376a30353a3863663460373b64603a6662656a656d33643563696b61643139363438
91.235.133.77204 No Content 0 B URL HTTP/1.1 d3tracking.rbc.com/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jac=1&je=3130312624706f3f6c6d2661756c6835646435366a3d36303a3035356b643767623430396163676661633536373a366d633731323e6b3438373632386b653b66303b37393436313336323233316c643a26677831356c64363a6566376a30353a3863663460373b64603a6662656a656d33643563696b61643139363438
IP 91.235.133.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jac=1&je=3130312624706f3f6c6d2661756c6835646435366a3d36303a3035356b643767623430396163676661633536373a366d633731323e6b3438373632386b653b66303b37393436313336323233316c643a26677831356c64363a6566376a30353a3863663460373b64603a6662656a656d33643563696b61643139363438 HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 19 Oct 2022 22:18:09 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: text/javascript
d3tracking.rbc.com/fp/clear3.png;CIS3SID=5497EFBC376EC7626362C54E7D1CE009?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jac=1&je=32323726247065673f273742253a327e657025303a2d3141312532432d323050455355455154273030273341253d426e616e73672d3a4125303268696c64676c253032253043362737462532432d323a463525303a2d314127354266696c71672530432530326a6b6666656e253a322d324134273d4c2732412532324e323327323025334325374064636c73652d324b2530326a616c66656c2532322d324136253744253043273030443232253a322d334325374a6e636c716525324b253030686b6464676e273030273243342d354c253544
91.235.133.77204 204 0 B URL HTTP/1.1 d3tracking.rbc.com/fp/clear3.png;CIS3SID=5497EFBC376EC7626362C54E7D1CE009?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jac=1&je=32323726247065673f273742253a327e657025303a2d3141312532432d323050455355455154273030273341253d426e616e73672d3a4125303268696c64676c253032253043362737462532432d323a463525303a2d314127354266696c71672530432530326a6b6666656e253a322d324134273d4c2732412532324e323327323025334325374064636c73652d324b2530326a616c66656c2532322d324136253744253043273030443232253a322d334325374a6e636c716525324b253030686b6464676e273030273243342d354c253544
IP 91.235.133.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear3.png;CIS3SID=5497EFBC376EC7626362C54E7D1CE009?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6&jac=1&je=32323726247065673f273742253a327e657025303a2d3141312532432d323050455355455154273030273341253d426e616e73672d3a4125303268696c64676c253032253043362737462532432d323a463525303a2d314127354266696c71672530432530326a6b6666656e253a322d324134273d4c2732412532324e323327323025334325374064636c73652d324b2530326a616c66656c2532322d324136253744253043273030443232253a322d334325374a6e636c716525324b253030686b6464676e273030273243342d354c253544 HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lsowowieu5.tcp4.me/
Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Wed, 19 Oct 2022 22:18:13 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
d3tracking.rbc.com/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6
91.235.133.77204 No Content 0 B URL HTTP/1.1 d3tracking.rbc.com/fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6
IP 91.235.133.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp/clear.png?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6 HTTP/1.1
Host: d3tracking.rbc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7
Origin: https://d3tracking.rbc.com
Connection: keep-alive
Referer: https://d3tracking.rbc.com/fp/top_fp.html;CIS3SID=5497EFBC376EC7626362C54E7D1CE009?org_id=4rvrfbxt&session_id=1f453e7636a50809a60b9875f51a94bf&nonce=34f8e9fee58060a6
Cookie: thx_guid=be1dadb36771cc62a54feeec7f38a174
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Wed, 19 Oct 2022 22:18:13 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://d3tracking.rbc.com
Content-Type: text/javascript
www1.royalbank.com/uos/3m/css/fonts/fira-sans/fira-sans-v8-latin_latin-ext-regular.woff
104.110.13.141200 OK 0 B URL HTTP/2 www1.royalbank.com/uos/3m/css/fonts/fira-sans/fira-sans-v8-latin_latin-ext-regular.woff
IP 104.110.13.141:0
GET /uos/3m/css/fonts/fira-sans/fira-sans-v8-latin_latin-ext-regular.woff HTTP/1.1
Host: www1.royalbank.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lsowowieu5.tcp4.me
Connection: keep-alive
Referer: https://www1.royalbank.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 16:21:39 GMT
etag: "c5ba6517-d304-57d4e4ac68ac0"
p3p: policyref="https://www1.royalbank.com/w3c/p3p.xml",CP="CAO DSP COR LAW COM NAV INT STA CNT PHY ONL UNI PUR FIN DEM PRE GOV HEA CUR ADM DEV PSA LEG OUR SAMi CONi TELi"
content-type: text/plain
vary: Accept-Encoding
date: Wed, 19 Oct 2022 22:18:08 GMT
x-edgeconnect-cache-status: 1
X-Firefox-Spdy: h2