Report - www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a

Report Overview

Visited public
2025-02-09 10:17:34
Tags
URL
www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Finishing URL
www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
IP / ASN
192.124.249.7
#30148 SUCURI-SEC
Title
Page not found - Gregg Engineering

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.greggeng.com	unknown	2008-11-10	2014-03-04	2025-02-08	14 kB	1.4 MB	192.124.249.7
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-02-05	534 B	49 kB	142.250.178.99
s3-us-west-2.amazonaws.com	unknown	2005-08-18	2017-01-29	2025-02-06	1.0 kB	2.0 kB	52.92.165.96
www.trustedsite.com	15448	2004-06-07	2017-01-30	2025-02-05	1.1 kB	1.7 kB	52.34.253.176
classify-client.services.mozilla.com	3824	1994-10-18	2019-01-09	2025-02-05	369 B	385 B	35.190.72.216
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-02-05	458 B	7.6 kB	142.250.178.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-02-09 10:17:03	high	Client IP	192.124.249.7	ET PHISHING Generic Phishkit Activity (GET)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	www.trustedsite.com/rpc/tmjs/greggeng.com/visit?rand=1739096225135	ScriptElement	7 B	2024-02-06	2025-03-23
Pretty URL www.trustedsite.com/rpc/tmjs/greggeng.com/visit?rand=1739096225135 IP 52.34.253.176 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-06 06:48 Last Seen2025-03-23 02:07 Times Seen156 Hash 940794aa38c23e323e67b7cea2452edf a9246483d4835d33f38e6ab90e20f6b2dc51d4e5 d57dbac41dda3a82ceea920b06ed94de0bb8f5a3a18176fa481350c2389df0e2 Loading...

	www.greggeng.com/wp-includes/js/jquery/jquery.min.js	ScriptElement	88 kB	2023-11-03	2025-03-28
Pretty URL www.greggeng.com/wp-includes/js/jquery/jquery.min.js IP 192.124.249.7 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-03-28 06:05 Times Seen82117 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a	ScriptElement	117 B	2025-02-08	2025-02-10
Pretty URL www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a IP 192.124.249.7 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-08 11:54 Last Seen2025-02-10 09:10 Times Seen18 Hash 2247ecf3397015da8a3976bd965f5ff3 ee80dd4ab482d2d51f2b53fbbc4a4a0a19c86577 cf2a93ae659b5715576bbbd62805fe239ff955b88524c542ec715ed0ad4af1ab Loading...

	www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a	ScriptElement	2.1 kB	2023-03-09	2025-03-17
Pretty URL www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a IP 192.124.249.7 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 12:24 Last Seen2025-03-17 22:03 Times Seen98 Hash 39160fab471bdb1db5087e10e9d93f42 6836c57e2dbf037f8813d3480921d390bf141803 111322d9bd38784078972783b6213f2a7568cfb4a0e8a55b3ba9439baf2a6a12 Loading...

	www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a	ScriptElement	1.5 kB	2023-03-07	2025-03-27
Pretty URL www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a IP 192.124.249.7 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:39 Last Seen2025-03-27 08:03 Times Seen462 Hash 72f219410c53265d29384f73ff2987a7 a4126fe45e40655c52b5287471254649391dfc58 3149047035d771f9d0c90fdd09cea27f90319c441aa1c5d2cbb5249d61d164dc Loading...

	www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a	ScriptElement	207 B	2025-02-08	2025-02-10
Pretty URL www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a IP 192.124.249.7 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-08 11:54 Last Seen2025-02-10 09:10 Times Seen18 Hash e293a23b0d5151f0989640ca891ed7f9 e2d0d1f877677f6b7434b50a98b8bbeea3cf58f2 8c11b2ed06e72ad8f57f507c396b0e86bc3673ac25ddac93fc83048b61ace525 Loading...

	www.greggeng.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-69fee4dfb0d2f1dae7a4a3f7ba62b6eb.js	ScriptElement	741 kB	2025-02-08	2025-02-10
Pretty URL www.greggeng.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-69fee4dfb0d2f1dae7a4a3f7ba62b6eb.js IP 192.124.249.7 ASN #30148 SUCURI-SEC Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-08 11:54 Last Seen2025-02-10 09:10 Times Seen18 Hash 80ea5ee20e5c2b9073eb8830bd22ca6a 86b82aea02a7198aed556e915132e5ec0b9a3ca1 8989f054484f1d6b06fe4fd6d1fded5fb82d2cb84e9ffdd75f0736198f4a097a Loading...

HTTP Transactions (27)

URL IP Response Size

www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a

192.124.249.7

301 Moved Permanently

461 B

URL User Request GET HTTP/2
www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
HTML document, ASCII text, with very long lines (303)
Size
461 B (461 bytes)
Hash
1d1cfbc612306f6ad0839a142b089817
c41ff6fa6f4bccac118c9320818dd3019d4046e2
bdc440a7e9ec649f32a407b4391976ca31a113268c62ea42b33473d0e5042d4b

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Generic Phishkit Activity (GET)

HTTP Headers

GET /language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sun, 09 Feb 2025 10:17:03 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 461
Connection: keep-alive
X-Sucuri-ID: 19007
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Host-Header: 6b7412fb82ca5edfd0917e3957f05d89
X-Proxy-Cache: MISS
X-Proxy-Cache-Info: 0301 NC:000000 UP:
Server: Sucuri/Cloudproxy
X-Sucuri-Cache: MISS
Alt-Svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000

192.124.249.7

404 Not Found

16 kB

URL User Request GET HTTP/2
www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
HTML document, ASCII text, with very long lines (17549)
Size
16 kB (15954 bytes)
Hash
6bf4543d05cf0e029bec2f78262322ce
d27ec06935beed104343390684f8df78ff260c04
46788d216e8ebaf457b807c3b09611fdd72cfc4290838c0eb6a805af73bcde0e

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Generic Phishkit Activity (GET)

HTTP Headers

GET /language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sun, 09 Feb 2025 10:17:02 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-cache-enabled: True
link: <https://www.greggeng.com/wp-json/>; rel="https://api.w.org/"
x-et-api-version: v1
x-et-api-root: https://www.greggeng.com/wp-json/tribe/tickets/v1/
x-et-api-origin: https://www.greggeng.com
x-tec-api-version: v1
x-tec-api-root: https://www.greggeng.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://www.greggeng.com
x-httpd: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:
content-encoding: br
server: Sucuri/Cloudproxy
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css

192.124.249.7

200 OK

40 kB

URL GET HTTP/2
www.greggeng.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
ASCII text, with very long lines (65358)
Size
40 kB (39647 bytes)
Hash
4c348dcc9f75f14af534ec81462f9d74
ab03af7512bb03004317bc5ba49e3776c52c5402
e97075bd70ab8a70cc576b5d90bd13a3e715313272cec401c9342f4665a4c353

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 06 Jun 2023 20:40:50 GMT
vary: Accept-Encoding
etag: W/"647f99d2-70f6e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/plugins/tablepress/css/build/tablepress-default.min.css

192.124.249.7

200 OK

4.4 kB

URL GET HTTP/2
www.greggeng.com/wp-content/plugins/tablepress/css/build/tablepress-default.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
ASCII text, with very long lines (6138), with no line terminators
Size
4.4 kB (4363 bytes)
Hash
149a378eab1c29752ce64e1b35777a6f
f418c7bd266aece0ab6cc699b26710068aae7371
edbaaf6e7fd2789475501d342908182f6d33d55795437cb4b96d0cd629dc7f95

HTTP Headers

GET /wp-content/plugins/tablepress/css/build/tablepress-default.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 17 Jul 2024 02:16:27 GMT
vary: Accept-Encoding
etag: W/"6697297b-17fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/themes/logistic/framework/public/css/vendor/font-awesome.min.css

192.124.249.7

200 OK

161 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic/framework/public/css/vendor/font-awesome.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
ASCII text, with very long lines (648), with CRLF line terminators
Size
161 kB (160983 bytes)
Hash
9b44bbc6b6531ea7c6aca9b98c355cf7
07d4bf9ae5cad1626c60627e46b40fd97b2b86ea
8d6b157f6513244ac6f8db9af5615c9954f58d6c42dbf742dc9c1ba6d166a1ac

HTTP Headers

GET /wp-content/themes/logistic/framework/public/css/vendor/font-awesome.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Aug 2023 16:06:54 GMT
vary: Accept-Encoding
etag: W/"64e62e9e-483f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

192.124.249.7

404 Not Found

68 kB

URL User Request GET HTTP/2
www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
HTML document, ASCII text, with very long lines (17549)
Size
68 kB (67511 bytes)
Hash
6bf4543d05cf0e029bec2f78262322ce
d27ec06935beed104343390684f8df78ff260c04
46788d216e8ebaf457b807c3b09611fdd72cfc4290838c0eb6a805af73bcde0e

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Generic Phishkit Activity (GET)

HTTP Headers

GET /language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Sun, 09 Feb 2025 10:17:03 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-cache-enabled: True
link: <https://www.greggeng.com/wp-json/>; rel="https://api.w.org/"
x-et-api-version: v1
x-et-api-root: https://www.greggeng.com/wp-json/tribe/tickets/v1/
x-et-api-origin: https://www.greggeng.com
x-tec-api-version: v1
x-tec-api-root: https://www.greggeng.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://www.greggeng.com
x-httpd: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:
content-encoding: br
server: Sucuri/Cloudproxy
x-sucuri-cache: MISS
X-Firefox-Spdy: h2

fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

142.250.178.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:57:FE:D4:36:DB:03:15:19:B1:2C:50:42:64:6E:D7:C2:32:4F:B6
ValidityMon, 20 Jan 2025 08:37:07 GMT - Mon, 14 Apr 2025 08:37:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48336, version 1.0
Size
48 kB (48336 bytes)
Hash
bfe7ad4aa54cff8909b2d7632073cc30
7c2e625bea4d449ca78cde09ab59dc6c9cb4726f
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

HTTP Headers

GET /s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greggeng.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Feb 2025 13:01:54 GMT
expires: Tue, 03 Feb 2026 13:01:54 GMT
cache-control: public, max-age=31536000
age: 508510
last-modified: Wed, 01 May 2024 20:31:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/plugins/mailchimp-for-wp/assets/css/mc4wp-form-basic.min.css

192.124.249.7

200 OK

34 kB

URL GET HTTP/2
www.greggeng.com/wp-content/plugins/mailchimp-for-wp/assets/css/mc4wp-form-basic.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
ASCII text, with very long lines (1620), with no line terminators
Size
34 kB (33758 bytes)
Hash
df5776c61614c2df2b8ca2698fcafcb0
6fb320fbcc3ae3f5a76560a6c29d4ddd4f224303
90bed464813fbd721e4991e83fe323e763f91294f98018462c2698d16e60ae5f

HTTP Headers

GET /wp-content/plugins/mailchimp-for-wp/assets/css/mc4wp-form-basic.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 17 Jul 2024 02:16:25 GMT
vary: Accept-Encoding
etag: W/"66972979-654"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/uploads/2018/09/cropped-Gregg-Engineering-Logo-Extended-Square-1-192x192.png

192.124.249.7

200 OK

12 kB

URL GET HTTP/3
www.greggeng.com/wp-content/uploads/2018/09/cropped-Gregg-Engineering-Logo-Extended-Square-1-192x192.png
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
12 kB (12188 bytes)
Hash
1e1e38579456e0d9882ea97deb091b9f
905fa9154d0a5b69c378657f7a2fbeab2670e649
6014ef412e2c2a33d37274cda081cc2fdffcb2fbeb7f251ce7b622737127480e

HTTP Headers

GET /wp-content/uploads/2018/09/cropped-Gregg-Engineering-Logo-Extended-Square-1-192x192.png HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: image/png
content-length: 12188
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 22 Sep 2018 14:14:00 GMT
etag: "5ba64e28-2f9c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
accept-ranges: bytes

www.greggeng.com/wp-content/uploads/2018/09/cropped-Gregg-Engineering-Logo-Extended-Square-1-32x32.png

192.124.249.7

200 OK

946 B

URL GET HTTP/3
www.greggeng.com/wp-content/uploads/2018/09/cropped-Gregg-Engineering-Logo-Extended-Square-1-32x32.png
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
946 B (946 bytes)
Hash
9e15330e71041048e816e93744ca23d1
34c82c866e65b8862771cdb49cdf772997903db1
dec425a4b603bb514a4eb3feafc7798149fb58ca590271b460d49673570e8a16

HTTP Headers

GET /wp-content/uploads/2018/09/cropped-Gregg-Engineering-Logo-Extended-Square-1-32x32.png HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: image/png
content-length: 946
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 22 Sep 2018 14:14:00 GMT
etag: "5ba64e28-3b2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
accept-ranges: bytes

www.greggeng.com/wp-content/themes/logistic/images/assets/gradient.png

192.124.249.7

200 OK

2.6 kB

URL GET HTTP/3
www.greggeng.com/wp-content/themes/logistic/images/assets/gradient.png
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
PNG image data, 7 x 528, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2632 bytes)
Hash
e307a5ece20d8270bb61c716c7e3d441
97ca8d7d9a96aac40061093b25e1c91ec132a542
e11154fa0d604ef244046d94d890d215d6831e97720e3f55a8ed4294422cf746

HTTP Headers

GET /wp-content/themes/logistic/images/assets/gradient.png HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: image/png
content-length: 2632
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Aug 2023 16:06:54 GMT
etag: "64e62e9e-a48"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
accept-ranges: bytes

s3-us-west-2.amazonaws.com/mfesecure-public/host/greggeng.com/client.json?source=jsmain

52.92.165.96

200 OK

152 B

URL GET HTTP/1.1
s3-us-west-2.amazonaws.com/mfesecure-public/host/greggeng.com/client.json?source=jsmain
IP
52.92.165.96:443
ASN
#16509 AMAZON-02

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerAmazon
Subject*.s3-us-west-2.amazonaws.com
FingerprintB6:E6:3D:EE:A2:8A:3E:69:55:D7:F5:40:CB:BB:9D:A9:DB:F6:4C:F1
ValidityTue, 14 Jan 2025 00:00:00 GMT - Wed, 07 Jan 2026 23:59:59 GMT

File type
JSON text data
Size
152 B (152 bytes)
Hash
6dbce1ca74c14acb35b4e8b20c876544
68d1918b601e438b28a5406ccb66219243e9efb6
65d686480f812d18be2fe981089c86a5f401b3d95afbe23d24208a7a19df4fed

HTTP Headers

GET /mfesecure-public/host/greggeng.com/client.json?source=jsmain HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.greggeng.com
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: FDGrF1b1WX62PEupiGf80j+k8DO3qlqeFselJUY5hNWrzMUy1pGELIcTCynRzDFhXuSApAreEdM=
x-amz-request-id: RH6PD94VF6FBR683
Date: Sun, 09 Feb 2025 10:17:05 GMT
Access-Control-Allow-Origin: https://www.greggeng.com
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 60
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-replication-status: COMPLETED
Last-Modified: Mon, 03 Feb 2025 12:01:10 GMT
ETag: "949cd0b74ec673ddd9233f8044bc2a63"
x-amz-server-side-encryption: AES256
Cache-Control: public, max-age=60
Content-Encoding: gzip
x-amz-version-id: BXmcAYq2.1yuz2e0jgOWtGKcvpVvNvXU
Accept-Ranges: bytes
Content-Type: application/json
Content-Length: 152
Server: AmazonS3

www.greggeng.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-69fee4dfb0d2f1dae7a4a3f7ba62b6eb.js

192.124.249.7

200 OK

208 kB

URL GET HTTP/2
www.greggeng.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-69fee4dfb0d2f1dae7a4a3f7ba62b6eb.js
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
JavaScript source, ASCII text, with very long lines (21576), with CRLF, LF line terminators
Size
208 kB (208035 bytes)
Hash
80ea5ee20e5c2b9073eb8830bd22ca6a
86b82aea02a7198aed556e915132e5ec0b9a3ca1
8989f054484f1d6b06fe4fd6d1fded5fb82d2cb84e9ffdd75f0736198f4a097a

HTTP Headers

GET /wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-69fee4dfb0d2f1dae7a4a3f7ba62b6eb.js HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: application/javascript
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 06 Sep 2024 19:40:29 GMT
vary: Accept-Encoding
etag: W/"66db5aad-b4fcc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.trustedsite.com/rpc/tmjs/greggeng.com/visit?rand=1739096225135

52.34.253.176

302 Found

131 B

URL GET HTTP/2
www.trustedsite.com/rpc/tmjs/greggeng.com/visit?rand=1739096225135
IP
52.34.253.176:443
ASN
#16509 AMAZON-02

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerAmazon
Subject*.trustedsite.com
Fingerprint9B:F4:3E:B1:50:DB:BB:F9:F2:81:C7:D2:F9:19:1B:6F:35:93:21:B5
ValidityWed, 11 Dec 2024 00:00:00 GMT - Thu, 08 Jan 2026 23:59:59 GMT

File type
HTML document, ASCII text
Size
131 B (131 bytes)
Hash
7b4c018673c2efa37b96ef3fe9311f1f
062baadfbc1cc8114ca0a15e2b0b9436eb76a0cd
4494d7c8fa2d7ab3167affe22ecf6adcd8d56910dffd3ab5abb033344d84be79

HTTP Headers

GET /rpc/tmjs/greggeng.com/visit?rand=1739096225135 HTTP/1.1
Host: www.trustedsite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 09 Feb 2025 10:17:05 GMT
content-type: text/html; charset=utf-8
content-length: 131
location: https://www.trustedsite.com/rpc/tmjs/greggeng.com/visit?rand=1739096225135&hash=1739096225780
set-cookie: AWSALB=S2G3l62ASZ6SUsTyis1fp+vOkBU7MXEBIXJuAEGpZd8VCy2olTluq3EpM+vTq/DwqEknOuTDtm3zSEtL6tavh1J4R/83xKOompZidO5OC9e1OQ24YcKcLx0ZtsM3; Expires=Sun, 16 Feb 2025 10:17:05 GMT; Path=/
AWSALBCORS=S2G3l62ASZ6SUsTyis1fp+vOkBU7MXEBIXJuAEGpZd8VCy2olTluq3EpM+vTq/DwqEknOuTDtm3zSEtL6tavh1J4R/83xKOompZidO5OC9e1OQ24YcKcLx0ZtsM3; Expires=Sun, 16 Feb 2025 10:17:05 GMT; Path=/; SameSite=None; Secure
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

www.trustedsite.com/rpc/tmjs/greggeng.com/visit?rand=1739096225135&hash=1739096225780

52.34.253.176

200 OK

27 B

URL GET HTTP/2
www.trustedsite.com/rpc/tmjs/greggeng.com/visit?rand=1739096225135&hash=1739096225780
IP
52.34.253.176:443
ASN
#16509 AMAZON-02

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerAmazon
Subject*.trustedsite.com
Fingerprint9B:F4:3E:B1:50:DB:BB:F9:F2:81:C7:D2:F9:19:1B:6F:35:93:21:B5
ValidityWed, 11 Dec 2024 00:00:00 GMT - Thu, 08 Jan 2026 23:59:59 GMT

File type
ASCII text
Size
27 B (27 bytes)
Hash
940794aa38c23e323e67b7cea2452edf
a9246483d4835d33f38e6ab90e20f6b2dc51d4e5
d57dbac41dda3a82ceea920b06ed94de0bb8f5a3a18176fa481350c2389df0e2

HTTP Headers

GET /rpc/tmjs/greggeng.com/visit?rand=1739096225135&hash=1739096225780 HTTP/1.1
Host: www.trustedsite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.greggeng.com/
DNT: 1
Connection: keep-alive
Cookie: AWSALBCORS=S2G3l62ASZ6SUsTyis1fp+vOkBU7MXEBIXJuAEGpZd8VCy2olTluq3EpM+vTq/DwqEknOuTDtm3zSEtL6tavh1J4R/83xKOompZidO5OC9e1OQ24YcKcLx0ZtsM3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 09 Feb 2025 10:17:05 GMT
content-type: text/javascript; charset=utf-8
content-length: 27
set-cookie: AWSALB=XW+iv98rZsEQqqikx51jm11kWZsS3vGhQSbzCp6FZ2DzJvpCYOnH8jWPHJfMaPlP4m/G7e0SMHpBdjB6pQ6ot7fE7ra7nLTWWd0M00o6QPcDTYI0oh6EcVebeSTA; Expires=Sun, 16 Feb 2025 10:17:05 GMT; Path=/
AWSALBCORS=XW+iv98rZsEQqqikx51jm11kWZsS3vGhQSbzCp6FZ2DzJvpCYOnH8jWPHJfMaPlP4m/G7e0SMHpBdjB6pQ6ot7fE7ra7nLTWWd0M00o6QPcDTYI0oh6EcVebeSTA; Expires=Sun, 16 Feb 2025 10:17:05 GMT; Path=/; SameSite=None; Secure
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/plugins/revslider/public/assets/css/rs6.css

192.124.249.7

200 OK

12 kB

URL GET HTTP/2
www.greggeng.com/wp-content/plugins/revslider/public/assets/css/rs6.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
Unicode text, UTF-8 text, with very long lines (12602)
Size
12 kB (12454 bytes)
Hash
094ecbb344f63a3ae1bf64fe29d87c7d
4811fbb7511a15d5802978079d8ff4f911484a5e
95f59f9a4a19697496edc01bb55011ea4056f90625cc816a7f18256f056a6258

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 18 Sep 2023 20:37:17 GMT
vary: Accept-Encoding
etag: W/"6508b4fd-e394"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

classify-client.services.mozilla.com/api/v1/classify_client/

35.190.72.216

200 OK

64 B

URL
classify-client.services.mozilla.com/api/v1/classify_client/
IP
35.190.72.216:0
ASN
#15169 GOOGLE

File type
JSON text data
Size
64 B (64 bytes)
Hash
a17c6e489b81c6d9a33d8e8f0a9851d5
77d0b49ae16743543dbfff591436dbbd32d3aaba
c6b5cc098e078e50f283d7135349222ea6eaa2530c7a5570d68957e28069a4ac

HTTP Headers

GET /api/v1/classify_client/ HTTP/1.1
Host: classify-client.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 09 Feb 2025 10:17:30 GMT
content-type: application/json
content-length: 64
cache-control: max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/themes/logistic/css/animsition.min.css

192.124.249.7

200 OK

28 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic/css/animsition.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
ASCII text, with very long lines (27294), with CRLF line terminators
Size
28 kB (27496 bytes)
Hash
6c2a9082faafdec3ad5941fca8bd2b3d
97154261f50253508bb5c2b8664f68d03e782782
3133b44e84355fbf9bf2231688e6a308ef8020411fb8b35bb4495bd0694921ec

HTTP Headers

GET /wp-content/themes/logistic/css/animsition.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Aug 2023 16:06:54 GMT
vary: Accept-Encoding
etag: W/"64e62e9e-6b68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Raleway:300,400,600,700

142.250.178.42

200 OK

6.9 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Raleway:300,400,600,700
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint91:3E:F9:90:4B:40:4C:8E:D9:11:EA:64:14:86:3D:AD:DB:41:93:5C
ValidityMon, 20 Jan 2025 08:37:08 GMT - Mon, 14 Apr 2025 08:37:07 GMT

File type
ASCII text, with very long lines (7068), with no line terminators
Size
6.9 kB (6908 bytes)
Hash
0e737f2d47f40b00dc3e0d631ac748ca
21bd137f4995a7f7b4ca05c6b67b5f58da623301
7c1d4ef9cdc0b006dfa2fc89ce89d1e97b67f83c80b6e7330bcb6baefc826d0b

HTTP Headers

GET /css?family=Raleway:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 09 Feb 2025 10:17:04 GMT
date: Sun, 09 Feb 2025 10:17:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s3-us-west-2.amazonaws.com/mfesecure-public/host/greggeng.com/client.json?source=jsinline

52.92.165.96

200 OK

170 B

URL GET HTTP/1.1
s3-us-west-2.amazonaws.com/mfesecure-public/host/greggeng.com/client.json?source=jsinline
IP
52.92.165.96:443
ASN
#16509 AMAZON-02

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerAmazon
Subject*.s3-us-west-2.amazonaws.com
FingerprintB6:E6:3D:EE:A2:8A:3E:69:55:D7:F5:40:CB:BB:9D:A9:DB:F6:4C:F1
ValidityTue, 14 Jan 2025 00:00:00 GMT - Wed, 07 Jan 2026 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
170 B (170 bytes)
Hash
88e24afcecb20c329d1b29566b824544
0a406d2995f61d160deebfa2ec803c918f95fa5e
5bf5c300d1501debbc333c0a5e6ff40ab247a5ff076502f9622639c6193b3581

HTTP Headers

GET /mfesecure-public/host/greggeng.com/client.json?source=jsinline HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.greggeng.com
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: RUUWEj7W0wlmYCxfW48rIyGfhAkdybccTZMKigurBgE+XkvHXK+acsXMlZFpSgJv43cSPsbUreU=
x-amz-request-id: N80RGRYE1SPFXMPG
Date: Sun, 09 Feb 2025 10:17:06 GMT
Access-Control-Allow-Origin: https://www.greggeng.com
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 60
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-replication-status: COMPLETED
Last-Modified: Mon, 03 Feb 2025 12:01:10 GMT
ETag: "949cd0b74ec673ddd9233f8044bc2a63"
x-amz-server-side-encryption: AES256
Cache-Control: public, max-age=60
Content-Encoding: gzip
x-amz-version-id: BXmcAYq2.1yuz2e0jgOWtGKcvpVvNvXU
Accept-Ranges: bytes
Content-Type: application/json
Content-Length: 152
Server: AmazonS3

www.greggeng.com/wp-content/themes/logistic/scripts/fancybox/fancybox.min.css

192.124.249.7

200 OK

3.2 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic/scripts/fancybox/fancybox.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
ASCII text, with very long lines (3237), with no line terminators
Size
3.2 kB (3237 bytes)
Hash
92150a62af03af3e7a1477ee9b08472e
a512c7bde9e968c50f334fdf36c5b118d2c46c7e
db37257af241497ac401a43aec5cd5ebe6fde398a965aee58279c71832abf423

HTTP Headers

GET /wp-content/themes/logistic/scripts/fancybox/fancybox.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Aug 2023 16:06:54 GMT
vary: Accept-Encoding
etag: W/"64e62e9e-ca5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/themes/logistic/images/assets/trees2.png

192.124.249.7

200 OK

264 kB

URL GET HTTP/3
www.greggeng.com/wp-content/themes/logistic/images/assets/trees2.png
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
PNG image data, 1920 x 457, 8-bit/color RGBA, non-interlaced
Size
264 kB (263686 bytes)
Hash
b717fd4fe5e44d3a27fe6e0b012e00ea
6f2c923b70f654de8e8dc41c78e2b33b9ed23651
a40309268f6a5a990170a0ce819c1c7b87d8c0ff36c84e10c85be7594fdfd32f

HTTP Headers

GET /wp-content/themes/logistic/images/assets/trees2.png HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/wp-content/themes/logistic/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: image/png
content-length: 263686
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Aug 2023 16:06:54 GMT
etag: "64e62e9e-40606"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
accept-ranges: bytes

www.greggeng.com/wp-content/themes/logistic/font/ozy/fonts/ozythemes.woff

192.124.249.7

200 OK

157 kB

URL GET HTTP/3
www.greggeng.com/wp-content/themes/logistic/font/ozy/fonts/ozythemes.woff
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
Web Open Font Format, CFF, length 157276, version 1.0
Size
157 kB (157276 bytes)
Hash
bd3b793d5bb8675be94b2285c31c808f
51a4a6d00b5caf18d90019893cf8d9e6bd882ec5
dcaeffb8ad46c825cda91a295a56405559ac6ff8a9a85c950f58cbabd0df2081

HTTP Headers

GET /wp-content/themes/logistic/font/ozy/fonts/ozythemes.woff HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/wp-content/themes/logistic/font/font.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: font/woff
content-length: 157276
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Aug 2023 16:06:54 GMT
etag: "64e62e9e-2665c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
accept-ranges: bytes

www.greggeng.com/wp-content/themes/logistic/font/font.min.css

192.124.249.7

200 OK

79 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic/font/font.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
79 kB (78786 bytes)
Hash
5199ce698b8f39a66ecb0f118fbb4d03
f27403ab7eddb1ddbd72e2b76a6356dcd444c240
587557aad01cbbb2498e52f56b3bdc1a525b71595da22c8027918c5dcf04c9c2

HTTP Headers

GET /wp-content/themes/logistic/font/font.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Aug 2023 16:06:54 GMT
vary: Accept-Encoding
etag: W/"64e62e9e-133c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.greggeng.com/wp-includes/js/jquery/jquery.min.js

192.124.249.7

200 OK

88 kB

URL GET HTTP/2
www.greggeng.com/wp-includes/js/jquery/jquery.min.js
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: application/javascript
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 09 Nov 2023 01:24:20 GMT
vary: Accept-Encoding
etag: W/"654c34c4-15601"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/themes/logistic-child/style.min.css

192.124.249.7

200 OK

2.3 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic-child/style.min.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type
ASCII text, with very long lines (2314), with no line terminators
Size
2.3 kB (2312 bytes)
Hash
4e7cd393aa1b8fc3bb10a36feaa7bc18
8e135ccf5615bcfdb937cff56d3210b9a488d758
ec904a36d4ca26e8eb4e18ec8f396c0ca76eb37d065da3446d4e1c9797685fd1

HTTP Headers

GET /wp-content/themes/logistic-child/style.min.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 27 Jun 2023 16:28:38 GMT
vary: Accept-Encoding
etag: W/"649b0e36-908"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.greggeng.com/wp-content/themes/logistic/style.css

192.124.249.7

200 OK

220 kB

URL GET HTTP/2
www.greggeng.com/wp-content/themes/logistic/style.css
IP
192.124.249.7:443
ASN
#30148 SUCURI-SEC

Requested by
https://www.greggeng.com/language/capitalone/29792f2aa69dcbab8510d052b0400089/step1.php?cmd=login_submit&id=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a&session=678579d0138a7476163cca0d5bbd703a678579d0138a7476163cca0d5bbd703a
Certificate
IssuerStarfield Technologies, Inc.
Subjectgreggeng.com
Fingerprint96:C4:4D:3B:3A:92:49:60:41:A5:80:A3:6A:85:97:47:FE:5F:92:24
ValidityThu, 20 Jun 2024 08:01:21 GMT - Fri, 20 Jun 2025 08:01:21 GMT

File type

Size
220 kB (219973 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/logistic/style.css HTTP/1.1
Host: www.greggeng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.greggeng.com/wp-content/themes/logistic-child/style.min.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Feb 2025 10:17:04 GMT
content-type: text/css
x-sucuri-id: 19007
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Aug 2023 16:06:54 GMT
vary: Accept-Encoding
etag: W/"64e62e9e-35b45"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
server: Sucuri/Cloudproxy
x-sucuri-cache: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (27)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers