r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3874
Expires: Mon, 30 Jan 2023 01:59:05 GMT
Date: Mon, 30 Jan 2023 00:54:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3645
Expires: Mon, 30 Jan 2023 01:55:16 GMT
Date: Mon, 30 Jan 2023 00:54:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2499
Expires: Mon, 30 Jan 2023 01:36:10 GMT
Date: Mon, 30 Jan 2023 00:54:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 00:35:38 GMT
content-type: application/json
age: 1133
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: K6vMrCzDf2bLiU/yaQv87X3buT5ZrgO3BYGpVdJ+PysonQhJN8X0mytJjdBLV+HhNLLoVl3S9sIQD908VEEogA==
x-amz-request-id: NZ371CMFB77FBMCV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 00:50:32 GMT
age: 239
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 00:54:31 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ccrsolar.com.br/wp-content/SUPPORT/css/33986123.css
188.114.97.1200 OK 55 kB URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/css/33986123.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (62121), with CR, LF line terminators
Hash 9b647eaca582708cc38f47fcbc69242f
b74cc5ba73c10f30eb0c3fa9e195093c16139f76
0680e2ccd7f421c70b1b77c99320a983931ec3f97d01a3f85349db860afe1eb1
Analyzer Verdict Alert urlquery phishing Phishing - Bank of America
urlquery phishing Phishing - Bank of America
quad9 Sinkholed
GET /wp-content/SUPPORT/css/33986123.css HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Nov 2019 06:14:58 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 12
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caUdwmPDPYzPGMbtvnKl7d5xjomT8CU3Cz5GBnaJfpxhtAnKVbjXoUQhDY76X%2FnmZhWyJHhL60l6cD%2B1pKWVBYuf%2Fb%2F6voGny1utS%2BFfyX39qIXk0VfpTWeeUjw%2BOVQ2buU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79163ca1e9beb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-site-homepage-icons-get_app_interstitial_lock-CSX6d401b45.svg
188.114.97.1200 OK 326 B URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-site-homepage-icons-get_app_interstitial_lock-CSX6d401b45.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (587), with no line terminators
Hash 1f8dbae85d1e9cf1bde39d6d577ad19b
7ee48d53128e1e1f0782d1268625c93148dc0570
46b2e2943addac2cc6d146e55fd68f12320b78046c370ddd5e79523871e40a07
Analyzer Verdict Alert urlquery phishing Phishing - Bank of America
urlquery phishing Phishing - Bank of America
fortinet Phishing
quad9 Sinkholed
GET /wp-content/SUPPORT/images/assets-images-site-homepage-icons-get_app_interstitial_lock-CSX6d401b45.svg HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Nov 2019 06:17:22 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 12
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjOoXWTdZdRH7BcXWoOdad72kguDdWWDDDGQOnUOqEcM%2BPDbrVWDWSE4gilMVDR5NWeb8oxVy1ABtsjyDPuWXyrWJaAgrcOh2%2BOek1prACOuRFA9dtLOmDjKjjZ9U1QrpuM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79163ca219d7b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-global-logos-bac-logo-v2-CSX3648cbbb.svg
188.114.97.1200 OK 1.6 kB URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-global-logos-bac-logo-v2-CSX3648cbbb.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 957e65c1cb1404b6626b248c250c2dcf
b9cca4ff830bced147b46d4a00be8b313ce8ebfc
ff7558a49769db1e02804c53c8bb12cadb86ad404ac851f2e371acd491bb2d1c
Analyzer Verdict Alert urlquery phishing Phishing - Bank of America
urlquery phishing Phishing - Bank of America
fortinet Phishing
quad9 Sinkholed
GET /wp-content/SUPPORT/images/assets-images-global-logos-bac-logo-v2-CSX3648cbbb.svg HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Nov 2019 06:17:22 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 12
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WrqnCtq7gFboDMxXNfNXr4cdC1oj%2FsDESsZHAjzqh6W%2B4qPDCesxXo09khke1%2F7JmyorVfB4Up6PBk4ZiP2e795n238SnbEpkJvOZW8HdsYkHkbVqvqwHouawgoHl9iAuE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79163ca21b59b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-site-homepage-icons-get_app_interstitial_icon-CSXbef49635.svg
188.114.97.1200 OK 14 kB URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-site-homepage-icons-get_app_interstitial_icon-CSXbef49635.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash cb01b9971078a94c001a5e8d8efd0663
3719795367f485a55df99cfd8120f61d2fe2b2f1
cf3476b27209533771c12174c74cec55dfaff56df302afb681553c1a4aebeb4b
Analyzer Verdict Alert urlquery phishing Phishing - Bank of America
urlquery phishing Phishing - Bank of America
fortinet Phishing
quad9 Sinkholed
GET /wp-content/SUPPORT/images/assets-images-site-homepage-icons-get_app_interstitial_icon-CSXbef49635.svg HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Nov 2019 06:17:22 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 12
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIkE0KDg9ysrgG9f7E1SWB8fVcXfDo9f6Xb4Vvtp8mLbVUNPfAV4BRbiaN6lWimMTp4S2bN7We81qrcQYMQmquhsMafNDDO%2BZj2jJNIF4JwR8u%2BfTtOyzuBFlbhLmVNVJeI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79163ca21c990afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-global-get-app-modal-Download_on_the_App_Store_Badge_US-UK_RGB_blk_092917-CSXd8fd3663.svg
188.114.97.1200 OK 2.9 kB URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-global-get-app-modal-Download_on_the_App_Store_Badge_US-UK_RGB_blk_092917-CSXd8fd3663.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7318), with no line terminators
Hash 78c040fb1acb8a6a6a8e13251ec756b7
6f29f7bcc9e41824057afb2c0cd700008dee69b5
256940f26abbdbbb5f77a557f6c8ff978be8ef2dcbf081d2534462c8d4358ce4
Analyzer Verdict Alert urlquery phishing Phishing - Bank of America
urlquery phishing Phishing - Bank of America
fortinet Phishing
quad9 Sinkholed
GET /wp-content/SUPPORT/images/assets-images-global-get-app-modal-Download_on_the_App_Store_Badge_US-UK_RGB_blk_092917-CSXd8fd3663.svg HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Nov 2019 06:17:22 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 10
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9nR2W3N%2F0xagu8zjR%2FA1YyukT%2BzynVMV5C60kgGmpNyuPemJRXymp4xZPYevr7EmXTgQCe%2FqiSs8%2FL4fzIViGcHPqpdDR5d0VPBTMUUK7d4L1nuNexF9JFFsH6TB1k5ZN8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79163ca29a20b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-global-get-app-modal-google-play-badge-CSX89f9024.svg
188.114.97.1200 OK 1.8 kB URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-global-get-app-modal-google-play-badge-CSX89f9024.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4993), with no line terminators
Hash 270d5cdc4e024caf808d623896f7f309
bceec16ecd0ea74d04d5c3c7792c54a5bd9f18da
4f3644555d5f7171a16de260986da3253db12b28823fa782190f76b0227b547f
Analyzer Verdict Alert urlquery phishing Phishing - Bank of America
urlquery phishing Phishing - Bank of America
fortinet Phishing
quad9 Sinkholed
GET /wp-content/SUPPORT/images/assets-images-global-get-app-modal-google-play-badge-CSX89f9024.svg HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Nov 2019 06:17:22 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 11
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X91hKngoJ%2BfmVxZn8QrNT0yHUBUHxL4Me7kndmnU16jjn76FJwynWWkjVwqgKVjNGgSuj38tBCALK4GZh4auQ6vGNtv4pIGq41kjKIPxcWHSF8RPTQh6gwv9LTqVuFxU1y4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79163ca29ccb0afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 76e9128d82e006b6a3d50252e825ecd9
71ddeaf1807213437596a0d5e34fecc2d9b0c0ed
43754aa3349cbe5294600266c40c3cf1e2faf05db2762f394e99d8423475612c
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "43754AA3349CBE5294600266C40C3CF1E2FAF05DB2762F394E99D8423475612C"
Last-Modified: Sun, 29 Jan 2023 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3596
Expires: Mon, 30 Jan 2023 01:54:28 GMT
Date: Mon, 30 Jan 2023 00:54:32 GMT
Connection: keep-alive
ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-site-homepage-icons-calendar-CSXef62d939.svg
188.114.97.1200 OK 581 B URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-site-homepage-icons-calendar-CSXef62d939.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1191), with no line terminators
Hash a43589c7d1164b1cf7591dd5a01102b7
a41f65df9d9100b12b72e6ea226846d4fc44e417
148c8303d820c5766bf2f00feac56773b394a9b8cb9ee2ac1344bbce65f0e2e6
Analyzer Verdict Alert urlquery phishing Phishing - Bank of America
urlquery phishing Phishing - Bank of America
fortinet Phishing
quad9 Sinkholed
GET /wp-content/SUPPORT/images/assets-images-site-homepage-icons-calendar-CSXef62d939.svg HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Nov 2019 06:17:22 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 12
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhL5CXWNAbQP%2BYTCiIN6G8ktJk2jz2mdatS32F2UnpzVrWf5mf%2B9z9UEjQeUsBvUnur0tx3qvwP%2FyhkK15I7lBj9ogQIg8U7R6yYGBB52GdKA3l%2F%2FC8K0GewQ69gxnmBDCI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79163ca3aac6b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-site-homepage-logos-new_merrill_desktop_logo-CSX5347e4ce.svg
188.114.97.1200 OK 2.2 kB URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-site-homepage-logos-new_merrill_desktop_logo-CSX5347e4ce.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2727)
Hash 8c1dbf8cd7a5f1c8d1f671cc13edb413
b7de75dd763c92bb982d580798033431ec036409
d555c8c204cc633956ff5d338aa3d7ab7a583b911de7addc4a9d4a12bcab7c97
Analyzer Verdict Alert urlquery phishing Phishing - Bank of America
urlquery phishing Phishing - Bank of America
fortinet Phishing
quad9 Sinkholed
GET /wp-content/SUPPORT/images/assets-images-site-homepage-logos-new_merrill_desktop_logo-CSX5347e4ce.svg HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Nov 2019 06:17:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 11
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caoa%2BysE%2BD2Lc5MnnAiWPeonYd7X9yIm3xMxosos%2BtrtT012zQPrgjayReZYl0HMzBHm4ztmJ6fTzDkWUEJWKoVsNM%2FgN6%2Fr5hgy079pnjNGRzeKCrF3oPCIX5L3xl7%2BZf8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79163ca3ad280afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.woff2
192.229.233.230404 Not Found 5.9 kB URL HTTP/2 www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.woff2
IP 192.229.233.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (695)
Hash 6d24258adff1d15be9b869205bdc3103
03d411278bde676bb7132325e61cf8052725e6bf
3619992e8edd7cdcfc5f0326be785065a240f8022a689a905f7abefe7f44b20e
GET /homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.woff2 HTTP/1.1
Host: www1.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ccrsolar.com.br
Connection: keep-alive
Referer: http://ccrsolar.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
accept-ranges: bytes
cache-control: max-age=31536000, public
content-type: text/html
date: Mon, 30 Jan 2023 00:54:32 GMT
etag: "16fa-5c016c9cca9c0"
expires: Tue, 30 Jan 2024 00:54:32 GMT
last-modified: Fri, 16 Apr 2021 13:16:31 GMT
server: ECS (ska/F6FC)
set-cookie: TS01794157=01b13351547171d1f190cc4b3e3d4803e942439f2428f2a8a497e9a92a77cf5c4a1048cbc1232353634ee60146a43af38011770473; Path=/; Secure; HTTPOnly
strict-transport-security: max-age=31536000
x-boa-requestid: Y9cVSIEVyT-4S-9XrvQUGQAAAJo
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 5882
X-Firefox-Spdy: h2
www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-hp-assets-offers-ME_Batch1_Gen_L1_Tile_243x105.webp
192.229.233.230200 OK 728 B URL HTTP/2 www1.bac-assets.com/homepage/spa-assets/images/assets-images-site-hp-assets-offers-ME_Batch1_Gen_L1_Tile_243x105.webp
IP 192.229.233.230:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 243x105, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash df9f3bf8aa5865301323a569fe62fbe7
93bb04e936f1a56defb6e7bc88e08d24815f5f39
5314ce08621ae1844b4ef0c672d68effcb3ade4009909fdf835c97166fda7500
GET /homepage/spa-assets/images/assets-images-site-hp-assets-offers-ME_Batch1_Gen_L1_Tile_243x105.webp HTTP/1.1
Host: www1.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ccrsolar.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
age: 270163
cache-control: max-age=26920000, public
content-type: application/octet-stream
date: Mon, 30 Jan 2023 00:54:32 GMT
etag: "2d8-55f85f12b7740"
expires: Mon, 30 Jan 2023 00:54:33 GMT
last-modified: Mon, 04 Dec 2017 16:09:25 GMT
server: ECS (ska/F710)
strict-transport-security: max-age=31536000
x-boa-requestid: Y9L19VrMJk0N0a32DBldLAAAADY
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 728
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 00:41:41 GMT
age: 771
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.woff
192.229.233.230404 Not Found 5.9 kB URL HTTP/2 www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.woff
IP 192.229.233.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (695)
Hash 6d24258adff1d15be9b869205bdc3103
03d411278bde676bb7132325e61cf8052725e6bf
3619992e8edd7cdcfc5f0326be785065a240f8022a689a905f7abefe7f44b20e
GET /homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.woff HTTP/1.1
Host: www1.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ccrsolar.com.br
Connection: keep-alive
Referer: http://ccrsolar.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
cache-control: max-age=31536000, public
content-type: text/html
date: Mon, 30 Jan 2023 00:54:32 GMT
etag: "16fa-5c016c9cca9c0"
expires: Tue, 30 Jan 2024 00:54:32 GMT
last-modified: Fri, 16 Apr 2021 13:16:31 GMT
server: ECS (ska/F71A)
set-cookie: TS01794157=012fb9decc662af0db1e964411833106713509eadd75c8f0ae387e55738ac2a1cf9da7095a4874187d4caca67a813b17ba3778e671; Path=/; Secure; HTTPOnly
strict-transport-security: max-age=31536000
x-boa-requestid: Y9cVSLmyWTz_TG5OoSB5KgAAAHc
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 5882
X-Firefox-Spdy: h2
ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-site-homepage-sign-in-module-hp-url-example-CSX3e076ebf.png
188.114.97.1200 OK 4.1 kB URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-site-homepage-sign-in-module-hp-url-example-CSX3e076ebf.png
IP 188.114.97.1:0
File type PNG image data, 522 x 31, 8-bit/color RGB, non-interlaced\012- data
Hash 8e1041b5b2d8242c565725caf3adc033
96d3d32bc0b0f07acd69046e655ceeb05c5444ea
6d7ac293ab6a5f1f5bddc8d4e59602950fbfa5434d1b50e1a840eab9dd6b4b7c
Analyzer Verdict Alert urlquery phishing Phishing - Bank of America
urlquery phishing Phishing - Bank of America
quad9 Sinkholed
GET /wp-content/SUPPORT/images/assets-images-site-homepage-sign-in-module-hp-url-example-CSX3e076ebf.png HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:32 GMT
Content-Type: image/png
Content-Length: 4102
Connection: keep-alive
Last-Modified: Fri, 08 Nov 2019 06:17:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 11
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WJG8s3h90QpAoU%2BUwPAlJyMcAFCrGK9LhgIz%2Fqbu1GKDR4S2VGsMGqGN0U7MiQOjzUwxb2hc8rCYwiGiE3rNuKd0dVZa9Aacmozs0dptKgdik983BaYaj7DVEQ5TePQtGg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79163ca4cb53b4f7-OSL
alt-svc: h2=":443"; ma=60
ccrsolar.com.br/wp-content/SUPPORT/images/jdpower.png
188.114.97.1200 OK 20 kB URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/images/jdpower.png
IP 188.114.97.1:0
File type PNG image data, 100 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash 9dc77c0ad5d86af8bc0ce8534df119f9
8f613dafde65e48b79f591abb9cd17f3674488b4
63b36fc2d96a85f37d1b05907fc5274ffc0a4c43224abd457d74ec847d6208e6
Analyzer Verdict Alert urlquery phishing Phishing - Bank of America
urlquery phishing Phishing - Bank of America
quad9 Sinkholed
GET /wp-content/SUPPORT/images/jdpower.png HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:32 GMT
Content-Type: image/png
Content-Length: 19535
Connection: keep-alive
Last-Modified: Fri, 17 Jul 2020 07:25:56 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 11
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xt9uNDlmLFBOVVepUVpNI7Z3P91%2BXuzv2WtU4vN0nuIuBf%2FwzS2rQa5e4BtQe3MJrpDAPePsAk0QzHLyICKNQCzXEefrIzSDr2VtDGBi01OneQrhONlpRK7lGd%2Fwdv4z9xY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79163ca4cd7c0afe-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2187
Expires: Mon, 30 Jan 2023 01:30:59 GMT
Date: Mon, 30 Jan 2023 00:54:32 GMT
Connection: keep-alive
www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-tr2_arllmbb5-e.webp
192.229.233.230404 Not Found 5.9 kB URL HTTP/2 www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-tr2_arllmbb5-e.webp
IP 192.229.233.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (695)
Hash 6d24258adff1d15be9b869205bdc3103
03d411278bde676bb7132325e61cf8052725e6bf
3619992e8edd7cdcfc5f0326be785065a240f8022a689a905f7abefe7f44b20e
GET /hp-assets/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-tr2_arllmbb5-e.webp HTTP/1.1
Host: www1.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ccrsolar.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Mon, 30 Jan 2023 00:54:32 GMT
etag: "16fa-5c016c9cca9c0"
last-modified: Fri, 16 Apr 2021 13:16:31 GMT
server: ECS (ska/F713)
set-cookie: TS01794157=013d7705658827ac70dc6cf2b6af82994edda1facd2aac08218a97e8a5349f578f72899f6126b22481df5cbcf96deb1e81624d0d62; Path=/; Secure; HTTPOnly
strict-transport-security: max-age=31536000
x-boa-requestid: Y9cVSLWwdEOlGHWFxVzwSAAAAUo
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 5882
X-Firefox-Spdy: h2
www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-cr2_arllmbb5-e.webp
192.229.233.230404 Not Found 5.9 kB URL HTTP/2 www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-cr2_arllmbb5-e.webp
IP 192.229.233.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (695)
Hash 6d24258adff1d15be9b869205bdc3103
03d411278bde676bb7132325e61cf8052725e6bf
3619992e8edd7cdcfc5f0326be785065a240f8022a689a905f7abefe7f44b20e
GET /hp-assets/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-cr2_arllmbb5-e.webp HTTP/1.1
Host: www1.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ccrsolar.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Mon, 30 Jan 2023 00:54:32 GMT
etag: "16fa-5c016c9cca9c0"
last-modified: Fri, 16 Apr 2021 13:16:31 GMT
server: ECS (ska/F70B)
set-cookie: TS01794157=01c9d1a3a058094ca41c7368389337faeff2edfa2b0c11a25869ba59289fdf2beb2c62e2dc16a3f2f099af125fb65a3f29a5545ec1; Path=/; Secure; HTTPOnly
strict-transport-security: max-age=31536000
x-boa-requestid: Y9cVSIHmIMQdW_owopC1MwAAATQ
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 5882
X-Firefox-Spdy: h2
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-light/cnx-light.woff2
192.229.233.230404 Not Found 5.9 kB URL HTTP/2 www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-light/cnx-light.woff2
IP 192.229.233.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (695)
Hash 6d24258adff1d15be9b869205bdc3103
03d411278bde676bb7132325e61cf8052725e6bf
3619992e8edd7cdcfc5f0326be785065a240f8022a689a905f7abefe7f44b20e
GET /homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-light/cnx-light.woff2 HTTP/1.1
Host: www1.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ccrsolar.com.br
Connection: keep-alive
Referer: http://ccrsolar.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
cache-control: max-age=31536000, public
content-type: text/html
date: Mon, 30 Jan 2023 00:54:32 GMT
etag: "16fa-5c016c9cca9c0"
expires: Tue, 30 Jan 2024 00:54:32 GMT
last-modified: Fri, 16 Apr 2021 13:16:31 GMT
server: ECS (ska/F713)
set-cookie: TS01794157=013d7705650d20ccd04a634f598155a1d99ce22d4244a7c575d4b5cc691906ccfbd3426d3f1eea99c092268b62461ee016a879a90b; Path=/; Secure; HTTPOnly
strict-transport-security: max-age=31536000
x-boa-requestid: Y9cVSLWwdEOlGHWFxVzwSQAAASU
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 5882
X-Firefox-Spdy: h2
www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-nr2_arllmbb5-e.webp
192.229.233.230404 Not Found 5.9 kB URL HTTP/2 www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-nr2_arllmbb5-e.webp
IP 192.229.233.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (695)
Hash 6d24258adff1d15be9b869205bdc3103
03d411278bde676bb7132325e61cf8052725e6bf
3619992e8edd7cdcfc5f0326be785065a240f8022a689a905f7abefe7f44b20e
GET /hp-assets/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-nr2_arllmbb5-e.webp HTTP/1.1
Host: www1.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ccrsolar.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Mon, 30 Jan 2023 00:54:32 GMT
etag: "16fa-5c016c9cca9c0"
last-modified: Fri, 16 Apr 2021 13:16:31 GMT
server: ECS (ska/F71D)
set-cookie: TS01794157=012ef7d6422ee3ce3f7351dee0c77b3e769813f7dd1a671160cca10baeabfc21341e2f2ea1a0a6582abbd50b971ce8f9a819355ff8; Path=/; Secure; HTTPOnly
strict-transport-security: max-age=31536000
x-boa-requestid: Y9cVSG3XRYENqzaGP85DzAAAADs
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 5882
X-Firefox-Spdy: h2
www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-pr2_arllmbb5-e.webp
192.229.233.230404 Not Found 5.9 kB URL HTTP/2 www1.bac-assets.com/hp-assets/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-pr2_arllmbb5-e.webp
IP 192.229.233.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (695)
Hash 6d24258adff1d15be9b869205bdc3103
03d411278bde676bb7132325e61cf8052725e6bf
3619992e8edd7cdcfc5f0326be785065a240f8022a689a905f7abefe7f44b20e
GET /hp-assets/spa-assets/images/assets-images-site-hp-assets-mastheads-consumer-cards-en-4-card-pr2_arllmbb5-e.webp HTTP/1.1
Host: www1.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ccrsolar.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-type: text/html
date: Mon, 30 Jan 2023 00:54:32 GMT
etag: "16fa-5c016c9cca9c0"
last-modified: Fri, 16 Apr 2021 13:16:31 GMT
server: ECS (ska/F708)
set-cookie: TS01794157=01f400e1124dd5aaee20797f3aabeb17e875a2b00094ffc4b041fe80081870a1bff2c1453d343f71fca22d12f7806225c74b87279b; Path=/; Secure; HTTPOnly
strict-transport-security: max-age=31536000
x-boa-requestid: Y9cVSB1USj-g8a-Q_Jbg9wAAAI0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 5882
X-Firefox-Spdy: h2
ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
188.114.97.1200 OK 88 kB URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (63839)
Hash 3f8acdee75d2f6d3e82ade3258393a10
aa8f5127a9dfc7a2e26545cff0fd6f70467db778
cee72b70648da974b6551c561aab1456a1782746ba90bb9e6c21426b5add2612
Analyzer Verdict Alert quad9 Sinkholed
NIDS Severity Alert suricata medium ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017
GET /wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9P8m2NifXpjFWd2uXMJzlTnvpnzOFXrQ%2FMqw5JdW3xTU46KOO9d1hc%2FdauiQjpSWpR9NpyF2qYDz0ZmD2AGu9nV6N601BZUQd7Mra6XooVr2xdoiXRwd7P9hDpwjEpjS54k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79163c9e0979b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-site-hp-assets-highlights-consumer-other-en-hl_ntb-03_icon_arp7dcrm_e.svg
188.114.97.1200 OK 548 B URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-site-hp-assets-highlights-consumer-other-en-hl_ntb-03_icon_arp7dcrm_e.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (777)
Hash 17936c5d3d0f8035e6b452c5ffc353d3
96d686a6d8ed696f23676f7121c57ba9f7d7fd05
673a4e296673d1a91b593eebde7d3f29e12d00e713fd6962e44624162d46472c
Analyzer Verdict Alert urlquery phishing Phishing - Bank of America
urlquery phishing Phishing - Bank of America
fortinet Phishing
quad9 Sinkholed
GET /wp-content/SUPPORT/images/assets-images-site-hp-assets-highlights-consumer-other-en-hl_ntb-03_icon_arp7dcrm_e.svg HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 17 Jul 2020 07:27:36 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 11
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvMl1wionOqMBbs%2Fh%2BMtblQTtbhxALPANtutmbP%2Bx7j%2F%2BcDEAXa%2BVBi9pkJ%2F76iDuqQ%2FP2GWmcjR9QdjZAthYgZJLoLdUpeuTumbl2S6lSDiA%2B6tY%2BYTYDl7ELUbiS0ZwRk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79163ca59badb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-site-hp-assets-highlights-consumer-merrill-en-merrill_rebrand_logo1.svg
188.114.97.1200 OK 3.7 kB URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/images/assets-images-site-hp-assets-highlights-consumer-merrill-en-merrill_rebrand_logo1.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (7267)
Hash 0e12e6f3db32cde706413186a8f20b72
26282a5be57fbda570f18be90da1d5b85ad16fb0
2efeaef5d517c1c2c64c139ac81d48f6d8f9f381e1dcd8e9538ac869dc895fa9
Analyzer Verdict Alert urlquery phishing Phishing - Bank of America
urlquery phishing Phishing - Bank of America
fortinet Phishing
quad9 Sinkholed
GET /wp-content/SUPPORT/images/assets-images-site-hp-assets-highlights-consumer-merrill-en-merrill_rebrand_logo1.svg HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Nov 2019 07:23:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 11
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBG2VrGVF%2BfiovPEoMZbCSxJ1vALGHT%2BijxZVVYhxd26d0qiDwikax%2F%2B6mAoi0Vc0bGwILYksYnMioLgQegYr6CTnQKR5MevnjuqJakv6tX7hyUlLzRl%2FnA10FSz40pXeH8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79163ca59db50afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.ttf
192.229.233.230404 Not Found 5.9 kB URL HTTP/2 www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.ttf
IP 192.229.233.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (695)
Hash 6d24258adff1d15be9b869205bdc3103
03d411278bde676bb7132325e61cf8052725e6bf
3619992e8edd7cdcfc5f0326be785065a240f8022a689a905f7abefe7f44b20e
GET /homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-regular/cnx-regular.ttf HTTP/1.1
Host: www1.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ccrsolar.com.br
Connection: keep-alive
Referer: http://ccrsolar.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
cache-control: max-age=31536000, public
content-type: text/html
date: Mon, 30 Jan 2023 00:54:32 GMT
etag: "16fa-5c016c9cca9c0"
expires: Tue, 30 Jan 2024 00:54:32 GMT
last-modified: Fri, 16 Apr 2021 13:16:31 GMT
server: ECS (ska/F709)
set-cookie: TS01794157=01c9d1a3a048e8e81e9b8606b7572301f053c2227d7f6a43af07c08cc2f237a2c4ca6f5d19d33bc4ae232efeace93d81d1073b08ac; Path=/; Secure; HTTPOnly
strict-transport-security: max-age=31536000
x-boa-requestid: Y9cVSD2s4DHB4BSoamqhtgAAAWQ
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 5882
X-Firefox-Spdy: h2
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.woff2
192.229.233.230404 Not Found 5.9 kB URL HTTP/2 www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.woff2
IP 192.229.233.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (695)
Hash 6d24258adff1d15be9b869205bdc3103
03d411278bde676bb7132325e61cf8052725e6bf
3619992e8edd7cdcfc5f0326be785065a240f8022a689a905f7abefe7f44b20e
GET /homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.woff2 HTTP/1.1
Host: www1.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ccrsolar.com.br
Connection: keep-alive
Referer: http://ccrsolar.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
cache-control: max-age=31536000, public
content-type: text/html
date: Mon, 30 Jan 2023 00:54:32 GMT
etag: "16fa-5c016c9cca9c0"
expires: Tue, 30 Jan 2024 00:54:32 GMT
last-modified: Fri, 16 Apr 2021 13:16:31 GMT
server: ECS (ska/F71D)
set-cookie: TS01794157=01f400e11254d7009c2792bc2be4e8f7e83203c7f756a8f6525591091f8a1780547170dcf1e93ca638c9042bf82a80f077e76c110e; Path=/; Secure; HTTPOnly
strict-transport-security: max-age=31536000
x-boa-requestid: Y9cVSPot9s5k_ZAa-KI4twAAAIo
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 5882
X-Firefox-Spdy: h2
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-light/cnx-light.woff
192.229.233.230404 Not Found 5.9 kB URL HTTP/2 www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-light/cnx-light.woff
IP 192.229.233.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (695)
Hash 6d24258adff1d15be9b869205bdc3103
03d411278bde676bb7132325e61cf8052725e6bf
3619992e8edd7cdcfc5f0326be785065a240f8022a689a905f7abefe7f44b20e
GET /homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-light/cnx-light.woff HTTP/1.1
Host: www1.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ccrsolar.com.br
Connection: keep-alive
Referer: http://ccrsolar.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
cache-control: max-age=31536000, public
content-type: text/html
date: Mon, 30 Jan 2023 00:54:32 GMT
etag: "16fa-5c016c9cca9c0"
expires: Tue, 30 Jan 2024 00:54:32 GMT
last-modified: Fri, 16 Apr 2021 13:16:31 GMT
server: ECS (ska/F71D)
set-cookie: TS01794157=012fb9decc1713dea01a20479c8eeacf26fe382f2d2331eef81f50470a74e6d4fb266b22ee0a94423caa78c0c37bb5cf5985b1b0d5; Path=/; Secure; HTTPOnly
strict-transport-security: max-age=31536000
x-boa-requestid: Y9cVSPTyLSz02Igf2uiyKQAAAAk
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 5882
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.216.86.11101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.86.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XNkzPXwo8gpQQTusJfcbvQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4MoFqh9u9U/U/RrPvhrQvLOHvjM=
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.woff
192.229.233.230404 Not Found 5.9 kB URL HTTP/2 www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.woff
IP 192.229.233.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (695)
Hash 6d24258adff1d15be9b869205bdc3103
03d411278bde676bb7132325e61cf8052725e6bf
3619992e8edd7cdcfc5f0326be785065a240f8022a689a905f7abefe7f44b20e
GET /homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.woff HTTP/1.1
Host: www1.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ccrsolar.com.br
Connection: keep-alive
Referer: http://ccrsolar.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
cache-control: max-age=31536000, public
content-type: text/html
date: Mon, 30 Jan 2023 00:54:32 GMT
etag: "16fa-5c016c9cca9c0"
expires: Tue, 30 Jan 2024 00:54:32 GMT
last-modified: Fri, 16 Apr 2021 13:16:31 GMT
server: ECS (ska/F711)
set-cookie: TS01794157=01c9d1a3a0890da3cbffb4435152eee2af7f660a9fd742dfe9b07c48a73e7b8927eb92812e306fef75ad8f25103bc79eb5441cdd86; Path=/; Secure; HTTPOnly
strict-transport-security: max-age=31536000
x-boa-requestid: Y9cVSIHmIMQdW_owopC1NgAAAW0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 5882
X-Firefox-Spdy: h2
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-light/cnx-light.ttf
192.229.233.230404 Not Found 5.9 kB URL HTTP/2 www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-light/cnx-light.ttf
IP 192.229.233.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (695)
Hash 6d24258adff1d15be9b869205bdc3103
03d411278bde676bb7132325e61cf8052725e6bf
3619992e8edd7cdcfc5f0326be785065a240f8022a689a905f7abefe7f44b20e
GET /homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-light/cnx-light.ttf HTTP/1.1
Host: www1.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ccrsolar.com.br
Connection: keep-alive
Referer: http://ccrsolar.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
cache-control: max-age=31536000, public
content-type: text/html
date: Mon, 30 Jan 2023 00:54:32 GMT
etag: "16fa-5c016c9cca9c0"
expires: Tue, 30 Jan 2024 00:54:32 GMT
last-modified: Fri, 16 Apr 2021 13:16:31 GMT
server: ECS (ska/F713)
set-cookie: TS01794157=013d770565272ee9ff594bb070e5b2a8c406b6f4e1b4fe0082838ce6be2765fc7b9dceba644d6098a6d94f5ea09df1936330ca4a4d; Path=/; Secure; HTTPOnly
strict-transport-security: max-age=31536000
x-boa-requestid: Y9cVSLWwdEOlGHWFxVzwUwAAAUY
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 5882
X-Firefox-Spdy: h2
www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.ttf
192.229.233.230404 Not Found 5.9 kB URL HTTP/2 www1.bac-assets.com/homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.ttf
IP 192.229.233.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (695)
Hash 6d24258adff1d15be9b869205bdc3103
03d411278bde676bb7132325e61cf8052725e6bf
3619992e8edd7cdcfc5f0326be785065a240f8022a689a905f7abefe7f44b20e
GET /homepage/spa-assets/components/utilities/global/sparta-style-utility/3.1.5/font/cnx-medium/cnx-medium.ttf HTTP/1.1
Host: www1.bac-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ccrsolar.com.br
Connection: keep-alive
Referer: http://ccrsolar.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
cache-control: max-age=31536000, public
content-type: text/html
date: Mon, 30 Jan 2023 00:54:32 GMT
etag: "16fa-5c016c9cca9c0"
expires: Tue, 30 Jan 2024 00:54:32 GMT
last-modified: Fri, 16 Apr 2021 13:16:31 GMT
server: ECS (ska/F718)
set-cookie: TS01794157=012fb9deccff6dc2e44bbf6270925c63159e437cd463349ed9dfa9f14f97b04ee7f69a71d93c208437599e1d9dcb6bd67173225c8f; Path=/; Secure; HTTPOnly
strict-transport-security: max-age=31536000
x-boa-requestid: Y9cVSFFRuNaWDyzq9ycrlgAAAWs
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-length: 5882
X-Firefox-Spdy: h2
ccrsolar.com.br/wp-content/SUPPORT/images/192x192-CSXafb7d716.png
188.114.97.1200 OK 8.4 kB URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/images/192x192-CSXafb7d716.png
IP 188.114.97.1:0
File type PNG image data, 192 x 192, 8-bit/color RGB, non-interlaced\012- data
Hash 67af3bbd46f9947739538d49395d573d
03a34b0aa432274f88862b27ab109f8e26311e72
b47bfe9d7333188f5b2f8690785ccd966d882c2364a5e4e5ae293e02554ad8d8
Analyzer Verdict Alert urlquery phishing Phishing - Bank of America
urlquery phishing Phishing - Bank of America
quad9 Sinkholed
GET /wp-content/SUPPORT/images/192x192-CSXafb7d716.png HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:32 GMT
Content-Type: image/png
Content-Length: 8354
Connection: keep-alive
Last-Modified: Fri, 08 Nov 2019 06:52:54 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1MeZnbXUzbbNwV1DeR7tms7lPx8wyDdrmE1OUDP2vaivVyvkvQKMBmXrmBX8enzkir8V%2FcWJQkaYtlJLYMWj3dPh4wcxDnoATkPnmvAXkZ1B9ujum0XL6IRgwtqktgEl%2Fo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79163ca81ce7b4f7-OSL
alt-svc: h2=":443"; ma=60
ccrsolar.com.br/wp-content/SUPPORT/images/favicon1.ico
188.114.97.1200 OK 2.3 kB URL HTTP/1.1 ccrsolar.com.br/wp-content/SUPPORT/images/favicon1.ico
IP 188.114.97.1:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 21b7c547097e81b11e9cb7ba132e187a
5ff4b380cdd2ccd8ca07cdb5205489d91ed5d319
24aa9c686a51cadba99967d1a3826fdaa2c351b593dbc445b8e3c9a7a9241c53
Analyzer Verdict Alert urlquery phishing Phishing - Bank of America
urlquery phishing Phishing - Bank of America
fortinet Phishing
quad9 Sinkholed
GET /wp-content/SUPPORT/images/favicon1.ico HTTP/1.1
Host: ccrsolar.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ccrsolar.com.br/wp-content/SUPPORT/loginweb.php?sslmode=true&access_token=Cjwg4ObYqlbxMnJPbsGuBh4erpN42LgF5MVaB791skyeIi3TKKnm2sBuSoyVaPAfCvqdCzf4UOjC6nvR
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:54:32 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 08 Nov 2019 06:54:10 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 9
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgK%2FczVlGwf3KMO7Wy2Qp825A7D%2B%2B2ZlzjrfiddV427HTcH4D5gdHv5UwlaX9sERz%2FtlcJfqi1u8N%2FiaoVIE9ASsOWupJcPVEFptuMuvziSnjYWnBzgCa5EGlGvOababK60%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79163ca81e980afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7412
Expires: Mon, 30 Jan 2023 02:58:06 GMT
Date: Mon, 30 Jan 2023 00:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7412
Expires: Mon, 30 Jan 2023 02:58:06 GMT
Date: Mon, 30 Jan 2023 00:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7412
Expires: Mon, 30 Jan 2023 02:58:06 GMT
Date: Mon, 30 Jan 2023 00:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7412
Expires: Mon, 30 Jan 2023 02:58:06 GMT
Date: Mon, 30 Jan 2023 00:54:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 9937
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ce4f845d4cdd467b4c82d8fbeb9ae0b
68257cdadb6e13a8f7f5e2354aca225286107a79
243b58df1616fd8b78c11302dbf90c97ecb6a3b289abe5f3439252cdbf304892
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9150
x-amzn-requestid: 2b8949c8-5c97-49f5-8784-85daa42adff1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj4NF1moAMFQ9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e69a-2ab06022306835b013c1e46f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rhWnoHh5bILzb5MAI88JvXr6MGkRKHOT5L10I8VJkjjfN-Iuupva2Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:22 GMT
age: 9312
etag: "68257cdadb6e13a8f7f5e2354aca225286107a79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc62816c-5ae0-4a32-ad19-0aa70ed552c5.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc62816c-5ae0-4a32-ad19-0aa70ed552c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1133381d25a3804d01148f332e4cdd7e
d0d0e9d7e8afbf5a4926c44d9fc9ff94bc276f5a
7dd9a03052e733f3418991f237cae7b9aa5d20c34dd661078199bd85d26a4d1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc62816c-5ae0-4a32-ad19-0aa70ed552c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8751
x-amzn-requestid: 28610adf-7206-4dff-9e34-c9441fdaf4b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkGHFixIAMF1jg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f3-1de169331c105c35519fd34c;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vpkET9Ym44JpkXbIxIW7hH5afDO2COTnP4_l-65mJeIavP17a2w3FA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 10992
etag: "d0d0e9d7e8afbf5a4926c44d9fc9ff94bc276f5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cd82b56-3d58-4627-91e3-41d3555a724a.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cd82b56-3d58-4627-91e3-41d3555a724a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 753b2e6ed7101000e26612f3f828abc0
14a61823bc47407cde91abc408bbd02ed975e783
fa1f5f03eb56a03e5ccd8f9b3228b6497ddbf889f59cba7b44c258c212165cf7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cd82b56-3d58-4627-91e3-41d3555a724a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5732
x-amzn-requestid: 060af694-0cee-440e-b201-95c1fc663d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhk01Gr2oAMFs0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e81e-64563e8b163fbe585ed4e909;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2hvmB3KdFIhxA4JfJoQR700qhvegiGoNVT55iBBycyY3q26L7TxxHQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:39:40 GMT
age: 8094
etag: "14a61823bc47407cde91abc408bbd02ed975e783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 26318
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb1a5e0a2bb1cacf87189373c118adf4
079974268f755aa38fb2cb32b8bcb748353c793f
1b0519e6bfca30a31b83d427302f7e22140f5b2da6f13cac37ea9c07abc42676
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11095
x-amzn-requestid: dc7c00e2-cd2d-4265-8763-3dd7dbe223ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkFyEhJIAMFjpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f1-541a17c362e95dfa5e90f58f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UuPN6Nq84hFgUDMbvpLTysWfU1JcRiecGH3tkdqDOOXBo9hVhmpMBA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:52 GMT
age: 10482
etag: "079974268f755aa38fb2cb32b8bcb748353c793f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2