r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9713
Expires: Mon, 23 Jan 2023 19:41:03 GMT
Date: Mon, 23 Jan 2023 16:59:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0be6cec5607bb65c06dbadd33456aec1
9d13129e936eb5fc82e403931884cdc8c6e6ab92
cb028034340b709ece65e45e8fc1a26a64dd85926beaa542f308d3f1d5ee2c84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB028034340B709ECE65E45E8FC1A26A64DD85926BEAA542F308D3F1D5EE2C84"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5485
Expires: Mon, 23 Jan 2023 18:30:35 GMT
Date: Mon, 23 Jan 2023 16:59:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 16:35:02 GMT
content-type: application/json
age: 1448
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17293
Expires: Mon, 23 Jan 2023 21:47:23 GMT
Date: Mon, 23 Jan 2023 16:59:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ezaH2OMb8TSJZ+VD5qAQYACpkxSUOrwephhvFXV8mRPunkXeWXa+PDCUX2sgDyoRNO15fHVlPeK9eNvdvcShLg==
x-amz-request-id: WD879FF7FAFR1KDX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 16:47:48 GMT
age: 682
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 16:59:10 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
2.18.172.233 200 OK 1.6 kB URL HTTP/2 assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (3155)
Hash e672de61b277fc72de4299829bfbb31c
157a7409922d58a02dad3ba879d04eb2a3ef8f3d
e1a1c2a6f2ed4ffb63ebfda157eaf12c6ee3973be4da649eb63e0402c0d29215
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
unused62: 8096267
content-length: 1597
expires: Mon, 23 Jan 2023 17:59:11 GMT
date: Mon, 23 Jan 2023 16:59:11 GMT
cache-control: no-cache
access-control-allow-origin: http://nyt-ep.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
2.18.172.233 200 OK 12 kB URL HTTP/2 assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (32768)
Hash e616df092766c7ab7904619f971a35cc
a960429c42802a43e3ce728fc4d1e8bdab10e606
082ae7647bfdb639846791e5c0ca39b96544dff3aed0c365973c9589cd5b091e
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12163
unused62: 8096267
expires: Mon, 23 Jan 2023 17:59:11 GMT
date: Mon, 23 Jan 2023 16:59:11 GMT
cache-control: no-cache
access-control-allow-origin: http://nyt-ep.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js
2.18.172.233 200 OK 46 kB URL HTTP/2 assets.adobedtm.com/c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (32722)
Hash c0adfbdf586b65b00148dfbd8d520f6e
03d388b00456dcae77478055c1af1b6a4eddc4bc
feb8784918a56df368f456affca929ec1d9f8d390638aeab855c30ebcd47c382
GET /c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "00714a64b1758bd55efffc4ba4749518:1671553608.984329"
last-modified: Tue, 20 Dec 2022 16:26:48 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 46433
cache-control: max-age=3600
expires: Mon, 23 Jan 2023 17:59:11 GMT
date: Mon, 23 Jan 2023 16:59:11 GMT
access-control-allow-origin: http://nyt-ep.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7f1b3b7de50609b1b787e2753fb210d2
21151749c9b5353e2373f965e7fad38fa2e89d0d
54dde0ef2e28ab24d0b7ab3e7da4096e4bddedf2a539147c022c367cd3a40256
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3944
Cache-Control: max-age=120358
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:59:11 GMT
Etag: "63cde09d-1d7"
Expires: Wed, 25 Jan 2023 02:25:09 GMT
Last-Modified: Mon, 23 Jan 2023 01:19:25 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
nyt-ep.com/dfcu/pages/sty
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/dfcu/pages/sty
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /dfcu/pages/sty HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:05 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f2a3fa146ee2832070831fe6e9964e7a
aa99675abc0300e26a997ef8f1b3d3ab3bff53bd
b101576d7c5e8ba16fe72b88691543ca667807155f670083030cbeedaabad303
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4478
Cache-Control: max-age=166197
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:59:11 GMT
Etag: "63ce9196-1d7"
Expires: Wed, 25 Jan 2023 15:09:08 GMT
Last-Modified: Mon, 23 Jan 2023 13:54:30 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f2a3fa146ee2832070831fe6e9964e7a
aa99675abc0300e26a997ef8f1b3d3ab3bff53bd
b101576d7c5e8ba16fe72b88691543ca667807155f670083030cbeedaabad303
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4478
Cache-Control: max-age=166197
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:59:11 GMT
Etag: "63ce9196-1d7"
Expires: Wed, 25 Jan 2023 15:09:08 GMT
Last-Modified: Mon, 23 Jan 2023 13:54:30 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
54.195.39.4 200 OK 19 kB URL HTTP/1.1 mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
IP 54.195.39.4:0
File type ASCII text, with very long lines (1056)
Hash 92606bfa7ee6ef16c9ec2bfa736d0c9d
76c36b84df67071844d431903b888d7569c54b22
2b53c3298278067554d3777e4e7c37b142de92cd4ae62e67a1d7202e271660ef
GET /general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 16:59:11 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=qmqYfwyPeglnElyxHCc5FmDM+Yf7nHeZrFvOPbK/Wos=;Path=/;Expires=Tue, 23-Jan-2024 16:59:11 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
mpsnare.iesnare.com/5.5.0/logo.js
54.195.39.4 200 OK 417 B URL HTTP/1.1 mpsnare.iesnare.com/5.5.0/logo.js
IP 54.195.39.4:0
File type ASCII text, with very long lines (377)
Hash 1be363ccf461a479f7e68934c847a4d8
b351c8825574d87307f1aee1ceff68e69b148695
9a12bdd8a889323bd7df53c4d74776300dc1e666c0364e8d503a0141f9b01f02
GET /5.5.0/logo.js HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 16:59:11 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Tue, 23 Jan 2024 16:59:11 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
nyt-ep.com/dfcu/pages/iovation/loader_only.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/dfcu/pages/iovation/loader_only.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /dfcu/pages/iovation/loader_only.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:05 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/dfcu/pages/iovation/config.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/dfcu/pages/iovation/config.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /dfcu/pages/iovation/config.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:05 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:05 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/css/vendor.18ecc1fa.css
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/css/vendor.18ecc1fa.css
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /css/vendor.18ecc1fa.css HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:05 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/css/app.12ac5d63.css
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/css/app.12ac5d63.css
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /css/app.12ac5d63.css HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:05 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 16:48:59 GMT
age: 612
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
nyt-ep.com/css/67.9e8fe349.css
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/css/67.9e8fe349.css
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /css/67.9e8fe349.css HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/js/67.08d37c06.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/js/67.08d37c06.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /js/67.08d37c06.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/css/chunk-common.b93dc9af.css
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/css/chunk-common.b93dc9af.css
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /css/chunk-common.b93dc9af.css HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/js/chunk-common.ee86c272.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/js/chunk-common.ee86c272.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /js/chunk-common.ee86c272.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/css/2.fa09428f.css
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/css/2.fa09428f.css
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /css/2.fa09428f.css HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bb280016d8f12fa0a6ae86792ba89e67
53188091dab8e35ba20d2e341624777c2fb1536a
c28ed8dc9af97c7096f60030048432a41fb853e81ea91208e91493784d382bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5062
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:59:11 GMT
Last-Modified: Mon, 23 Jan 2023 15:34:49 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
nyt-ep.com/js/2.eae3d549.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/js/2.eae3d549.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /js/2.eae3d549.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/iojs/5.5.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/iojs/5.5.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /iojs/5.5.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/iojs/5.5.0/logo.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/iojs/5.5.0/logo.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /iojs/5.5.0/logo.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/css/vsc.css
103.120.66.134 404 Not Found 16 B IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /css/vsc.css HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/js/vendor.4cab2b63.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/js/vendor.4cab2b63.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /js/vendor.4cab2b63.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/js/app.2123d633.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/js/app.2123d633.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /js/app.2123d633.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/dfcu/pages/iovation/loader_only.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/dfcu/pages/iovation/loader_only.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /dfcu/pages/iovation/loader_only.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/dfcu/pages/login.php
103.120.66.134 200 OK 542 kB URL HTTP/1.1 nyt-ep.com/dfcu/pages/login.php
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
File type HTML document, Unicode text, UTF-8 text, with very long lines (29546), with CRLF line terminators
Size 542 kB (541961 bytes)
Hash fe4e62861fd3546bfb940b5f070f325f
4835486da0f66f0738371f1dd4d65bcec89dfe4b
27975a8b542f7033373ac63fdc9d3cd2e169e721df7e332335598747e69d777d
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
GET /dfcu/pages/login.php HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 16:59:05 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
push.services.mozilla.com/
44.227.59.33 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.227.59.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: V8dc2I7xT0lSzw7VW5Mq2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VqzS9ohMKJfrpBg6e1sVwjus/jQ=
nyt-ep.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.godaddy.com/
192.124.249.23 200 OK 1.8 kB
IP 192.124.249.23:0
Hash d1d257c0b3ee7518bc2ffc0cc48ba7f3
116114452aaa2a461ae29d3ae61c32b136cb82e5
40f7ca74e9272c87f7d0fd30d7c98c53989e4722eddf94ee09315d19f79fc11c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 23 Jan 2023 16:59:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 22 Jan 2023 20:42:11 GMT
Expires: Mon, 23 Jan 2023 20:42:11 GMT
ETag: "116114452aaa2a461ae29d3ae61c32b136cb82e5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.23 200 OK 1.8 kB
IP 192.124.249.23:0
Hash d1d257c0b3ee7518bc2ffc0cc48ba7f3
116114452aaa2a461ae29d3ae61c32b136cb82e5
40f7ca74e9272c87f7d0fd30d7c98c53989e4722eddf94ee09315d19f79fc11c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 23 Jan 2023 16:59:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 22 Jan 2023 20:42:11 GMT
Expires: Mon, 23 Jan 2023 20:42:11 GMT
ETag: "116114452aaa2a461ae29d3ae61c32b136cb82e5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
usassets.cobrowse.pega.com/assets/stylesheets/customer/final/default.css?v=8.7.1
52.54.239.164 200 OK 3.5 kB URL HTTP/2 usassets.cobrowse.pega.com/assets/stylesheets/customer/final/default.css?v=8.7.1
IP 52.54.239.164:0
File type Unicode text, UTF-8 text, with very long lines (14626)
Hash c9e0ee1acc72fd18e3953cf614f7e879
bacc2349aab9dfac47cd153702e98e1fa48466f4
e13c4a8b7d5d884e11579582e7e99198c7fdfbd2587a37f52add1783e49e5d8e
GET /assets/stylesheets/customer/final/default.css?v=8.7.1 HTTP/1.1
Host: usassets.cobrowse.pega.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 16:59:12 GMT
content-type: text/css
content-length: 3489
set-cookie: AWSALB=CGuEKBPyScP4XorFHo/ugin2A3mR7HBg0jD29AFutdqo9bXwfcYdGg5CnZJDxY9FEd+wj1LecDSh2syHCpWRutPE0Vvw2473KegrbLCgmtSuqhxXwgGflbfEFoZ+; Expires=Mon, 30 Jan 2023 16:59:12 GMT; Path=/
AWSALBCORS=CGuEKBPyScP4XorFHo/ugin2A3mR7HBg0jD29AFutdqo9bXwfcYdGg5CnZJDxY9FEd+wj1LecDSh2syHCpWRutPE0Vvw2473KegrbLCgmtSuqhxXwgGflbfEFoZ+; Expires=Mon, 30 Jan 2023 16:59:12 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 13 Jul 2022 12:04:58 GMT
etag: "62ceb4ea-da1"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
mpsnare.iesnare.com/star
54.228.71.178 101 Switching Protocols 0 B
IP 54.228.71.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://nyt-ep.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c7EVXnA3a2peW1ppQCm5uA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Mon, 23 Jan 2023 16:59:12 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: 0Eify+4Op0KPVs0WTsvr1+mo65Q=
Upgrade: WebSocket
nyt-ep.com/js/67.08d37c06.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/js/67.08d37c06.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /js/67.08d37c06.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/css/67.9e8fe349.css
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/css/67.9e8fe349.css
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /css/67.9e8fe349.css HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/css/vendor.18ecc1fa.css
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/css/vendor.18ecc1fa.css
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /css/vendor.18ecc1fa.css HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29 200 OK 471 B
IP 93.184.220.29:0
Hash 29cef1b196c67abfea36b34a8b78d728
3b37bcf6d19af0fbe61db1241a7cef57bd2c6f11
b8e088d0b76c5ffbe283610cffec369d58cb44491ceb9ee39c8ed11428b8a1ec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5595
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:59:12 GMT
Last-Modified: Mon, 23 Jan 2023 15:25:57 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
nyt-ep.com/css/app.12ac5d63.css
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/css/app.12ac5d63.css
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /css/app.12ac5d63.css HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=46051B125B89FACB0A495DD6%40AdobeOrg&d_nsid=0&ts=1674493150793
52.209.157.185 200 OK 837 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=46051B125B89FACB0A495DD6%40AdobeOrg&d_nsid=0&ts=1674493150793
IP 52.209.157.185:0
File type JSON data, ASCII text, with very long lines (2304), with no line terminators
Hash 76298c282c07cf317bdcaa81530f1bb0
6939c79a71f92c570a77b2bdb7fb9c209a5c9f61
8914f6b4bd5bd08c60cfdd9bdb238b6a4fd557886d8e618ee3db7d81f6af53bf
GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=46051B125B89FACB0A495DD6%40AdobeOrg&d_nsid=0&ts=1674493150793 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://nyt-ep.com
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://nyt-ep.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-04c35fc5e.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=87317400256832648820199635242551157382; Max-Age=15552000; Expires=Sat, 22 Jul 2023 16:59:12 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 2nWZNs7DT08=
Content-Length: 837
Connection: keep-alive
nyt-ep.com/js/chunk-common.ee86c272.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/js/chunk-common.ee86c272.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /js/chunk-common.ee86c272.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19381%7CvVersion%7C5.4.0
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/css/chunk-common.b93dc9af.css
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/css/chunk-common.b93dc9af.css
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /css/chunk-common.b93dc9af.css HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19381%7CvVersion%7C5.4.0
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:06 GMT
Server: Apache
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29 200 OK 313 B
IP 93.184.220.29:0
Hash 858899f37a000f7bfa8465e51479e30a
fcfd861cbc7ab00c467822814b97f5dc8478cb7b
722b9ad9d1697a3f7253356631e293946f068cd4adbfece761fdc94c7f1d3ad9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2310
Cache-Control: max-age=111488
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:59:12 GMT
Etag: "63cdc45a-139"
Expires: Tue, 24 Jan 2023 23:57:20 GMT
Last-Modified: Sun, 22 Jan 2023 23:18:50 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
us.cobrowse.pega.com/cobrowse/loadScripts
52.54.239.164 200 OK 508 B URL HTTP/2 us.cobrowse.pega.com/cobrowse/loadScripts
IP 52.54.239.164:0
Hash 9cdb6851bb88c14e6033ca658ac8aa88
ee1d43de555319019f8b0713a683a463803a9b41
fa05f2814bdcd558f6b652532c66d74a995b0a05f464bda6e9375fcb3c02cf82
GET /cobrowse/loadScripts HTTP/1.1
Host: us.cobrowse.pega.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 16:59:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 508
set-cookie: AWSALB=Clh2U3nkVKAeR3v20w8QLPbz7JUkG6auSloevfUIe3UuG1nEgS1WiS+6hrijjBOwc19qoKmGPlZ9hdApYcIonEe3vakIJOAXDtU5AQE+1uurNaDRyURXWF1Sscf2; Expires=Mon, 30 Jan 2023 16:59:12 GMT; Path=/
AWSALBCORS=Clh2U3nkVKAeR3v20w8QLPbz7JUkG6auSloevfUIe3UuG1nEgS1WiS+6hrijjBOwc19qoKmGPlZ9hdApYcIonEe3vakIJOAXDtU5AQE+1uurNaDRyURXWF1Sscf2; Expires=Mon, 30 Jan 2023 16:59:12 GMT; Path=/; SameSite=None; Secure
connect.sid=s%3ApMXl4cVvpELz__dHaTrGd-abMkzYLDET.o1riyGPRT25h77%2BVp9gC8L2NfgQ2l2ef3usJ5UkaGo4; Path=/; Expires=Wed, 25 Jan 2023 16:59:12 GMT; Secure; SameSite=None
server: nginx
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, accept, x-j-token, content-type
etag: W/"1fc-7h1D3lVTGQGfiwcTpoOkY4A6m0E"
X-Firefox-Spdy: h2
digitalfederalcreditunion.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&mid=87775472821918418260160014981100543446&ts=1674493151020
15.236.117.205 200 OK 2 B URL HTTP/2 digitalfederalcreditunion.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&mid=87775472821918418260160014981100543446&ts=1674493151020
IP 15.236.117.205:0
File type JSON data, ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&mid=87775472821918418260160014981100543446&ts=1674493151020 HTTP/1.1
Host: digitalfederalcreditunion.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://nyt-ep.com
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://nyt-ep.com
access-control-allow-credentials: true
date: Mon, 23 Jan 2023 16:59:12 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
usassets.cobrowse.pega.com/assets/scripts/final/customer.js?v=8.7.1
52.54.239.164 200 OK 261 kB URL HTTP/2 usassets.cobrowse.pega.com/assets/scripts/final/customer.js?v=8.7.1
IP 52.54.239.164:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 261 kB (261370 bytes)
Hash eb9524e46cc30efd2673a51baa3a655e
f9860cf1e6dc646899418909a7bf2156df4556a4
c1898417dc51a18a977daaea237101556511c77a676d51982c6c035cbf15f1c1
GET /assets/scripts/final/customer.js?v=8.7.1 HTTP/1.1
Host: usassets.cobrowse.pega.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 16:59:12 GMT
content-type: application/javascript
content-length: 261370
set-cookie: AWSALB=rHUpsUOmN0PWxij1VG1kCOiuHVv9XlF7KYY32io3HDkQYr8cd4vH0cfgWd4A5rJ2frsuGoVl0jFYqxqmUFSVrxS9fXbPuukedbrEs028vtp3qFMf4rOeH2fmKTuU; Expires=Mon, 30 Jan 2023 16:59:12 GMT; Path=/
AWSALBCORS=rHUpsUOmN0PWxij1VG1kCOiuHVv9XlF7KYY32io3HDkQYr8cd4vH0cfgWd4A5rJ2frsuGoVl0jFYqxqmUFSVrxS9fXbPuukedbrEs028vtp3qFMf4rOeH2fmKTuU; Expires=Mon, 30 Jan 2023 16:59:12 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Mon, 18 Jul 2022 06:30:25 GMT
etag: "62d4fe01-3fcfa"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
nyt-ep.com/css/2.fa09428f.css
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/css/2.fa09428f.css
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /css/2.fa09428f.css HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19381%7CMCMID%7C87775472821918418260160014981100543446%7CMCAAMLH-1675097951%7C6%7CMCAAMB-1675097951%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674500351s%7CNONE%7CvVersion%7C5.4.0; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:07 GMT
Server: Apache
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/js/2.eae3d549.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/js/2.eae3d549.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /js/2.eae3d549.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19381%7CMCMID%7C87775472821918418260160014981100543446%7CMCAAMLH-1675097951%7C6%7CMCAAMB-1675097951%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674500351s%7CNONE%7CvVersion%7C5.4.0; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:07 GMT
Server: Apache
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 3de9e408948ba2d73a4baa10723f8820
96130b83ff2565646dad979e8aa8e54d29880c6d
46c2f791d32498a34633a9ac4c08bc96503bb9d7ad1fc3bd2bced77765075042
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117486
Date: Mon, 23 Jan 2023 16:59:12 GMT
Etag: "63cdce49-1d7"
Expires: Wed, 25 Jan 2023 01:37:18 GMT
Last-Modified: Mon, 23 Jan 2023 00:01:13 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LgctvyJAB_reKLI8A7rRwbWvSm54neFvmbfPcuPsKRkoZ8CrI3meaA==
Age: 5765
nyt-ep.com/iojs/5.5.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/iojs/5.5.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /iojs/5.5.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19381%7CMCMID%7C87775472821918418260160014981100543446%7CMCAAMLH-1675097951%7C6%7CMCAAMB-1675097951%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674500351s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:07 GMT
Server: Apache
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
2.18.172.233 304 Not Modified 0 B URL HTTP/2 assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
IP 2.18.172.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 14 Feb 2022 16:35:31 GMT
If-None-Match: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
TE: trailers
HTTP/2 304 Not Modified
content-type: application/x-javascript
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
expires: Mon, 23 Jan 2023 17:59:12 GMT
date: Mon, 23 Jan 2023 16:59:12 GMT
cache-control: no-cache
access-control-allow-origin: http://nyt-ep.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
2.18.172.233 304 Not Modified 0 B URL HTTP/2 assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
IP 2.18.172.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 14 Feb 2022 16:35:31 GMT
If-None-Match: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
TE: trailers
HTTP/2 304 Not Modified
content-type: application/x-javascript
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
expires: Mon, 23 Jan 2023 17:59:12 GMT
date: Mon, 23 Jan 2023 16:59:12 GMT
cache-control: no-cache
access-control-allow-origin: http://nyt-ep.com
timing-allow-origin: *
X-Firefox-Spdy: h2
s3.amazonaws.com/assets.projectfinance.io/siteAssets/DCU/dcuLogoDark.png
52.217.104.22 200 OK 7.7 kB URL HTTP/1.1 s3.amazonaws.com/assets.projectfinance.io/siteAssets/DCU/dcuLogoDark.png
IP 52.217.104.22:0
File type PNG image data, 217 x 78, 8-bit/color RGBA, non-interlaced
Hash ae64e87365d6e6696145c8c53ce3632e
09337bd0289c432bffab6f653297fe2534ad0c68
d1093fceb5f8b35c09e5d3329c8dc55509d7f46096efeea840f6e433212ba45e
GET /assets.projectfinance.io/siteAssets/DCU/dcuLogoDark.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 0XX8T4LcEOfcVjSYpjUM0Ki2mUkoeYBDZdYPMlCpfNA2mPlmQRlO///g51WKHRUe0QmcjwD0zng=
x-amz-request-id: 34XET57KBS2BYYMS
Date: Mon, 23 Jan 2023 16:59:13 GMT
Last-Modified: Tue, 12 May 2020 18:43:36 GMT
ETag: "ae64e87365d6e6696145c8c53ce3632e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 7743
nyt-ep.com/iojs/5.5.0/logo.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/iojs/5.5.0/logo.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /iojs/5.5.0/logo.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19381%7CMCMID%7C87775472821918418260160014981100543446%7CMCAAMLH-1675097951%7C6%7CMCAAMB-1675097951%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674500351s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:07 GMT
Server: Apache
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
dcu.demdex.net/dest5.html?d_nsid=0
34.240.144.110 200 OK 2.8 kB URL HTTP/1.1 dcu.demdex.net/dest5.html?d_nsid=0
IP 34.240.144.110:0
File type HTML document text; exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: dcu.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nyt-ep.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 23 Jan 2023 16:59:13 GMT
DCS: dcs-prod-irl1-1-v045-0d492e21d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 5Yhati76Q5M=
Content-Length: 2791
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13925
Expires: Mon, 23 Jan 2023 20:51:18 GMT
Date: Mon, 23 Jan 2023 16:59:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0BgrMQG0-OHmZipKTgnHTs3HxYGBqKowIS37tg_QooT4JPlqHBPFvw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:46 GMT
age: 69087
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c664f89307d9f2cc8170ca0816708ef9
cc010d66fe22fce8e82f9bbc78fc3b836120ff0b
c77d9cae0c4132f2695322b8c33fa875a341948ffb6c3023ddb1d3ef41c9ae23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3814
x-amzn-requestid: 48468720-0305-4f17-862b-f2f854fdfe41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKq8mEPnIAMFzXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdbeb6-470a030661c749ae0fa14c31;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 22:54:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U9hYFY_BBaMWiasXJJzYqTe2Rb2fH06yFE0vuinlYA2V_lUaDjfmbg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 23:09:39 GMT
age: 64174
etag: "cc010d66fe22fce8e82f9bbc78fc3b836120ff0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: ff47dd24-004f-4cc7-acfb-283b2e751f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqxwEyWoAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb580b-1e95f74b0846080f75a757f6;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ntW_cYMwX6UWInGOxxPlwnV1AJh46X-hiLvwggRz9oa1Yno6jyE51g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 03:59:27 GMT
age: 46786
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d95b4a29d3337c5c2ca7e4d31fa3a0b6
4c6d22bdc48d7011e2c875ee18876da6a8401669
23421c7f67582c927dacf52c25779e43f5196a40fb1b70467ed737c2417ba39e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 60a33a3f-36b1-4f6e-a17b-964118a9da31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3AcMGeNoAMFs7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5e11a-7673a87f26759a1a64e4aab2;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 23:43:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JqvCEzxKP39gLHZjcr7R303XMAlfQz2nAtz-Wv_9W0rsAYJ3ODczPg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:58:40 GMT
age: 68433
etag: "4c6d22bdc48d7011e2c875ee18876da6a8401669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e71636bb9a13ad7d52d253e16cd6a3f
401dd58e34982d3434739b9a2f7182487ea1cac5
1ac336df72b6eb569983e197f094378a26a175113249bedca0610cabd57e2e54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8057
x-amzn-requestid: 5469b005-6740-4f3d-80ca-a45fd39cae68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkCFiZoAMF8oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c80-210da08f113a3273257b7d61;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 75pGAcylxKUIPpPoXBhc4v4OUldfaTgT0zjrU3_7BSgcp4Webl7bQw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:54:19 GMT
age: 68694
etag: "401dd58e34982d3434739b9a2f7182487ea1cac5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b48f53e84a3ec564b35cf6b0754d09bb
dc7ad580f90e8af4349f409fb0302a79c672ff99
37d8f9a37eed22705123275ac7a36ff34bcdea1b2faaa7108a7112afe5a8201f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6068
x-amzn-requestid: 80b8fec4-44be-4cf0-9301-0ddac1304dff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKL91EuFoAMFy-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cd8d25-4f12cd6d7f9697cf035c0624;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 19:23:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: U08NONGZDakN_z7jE2CkYeBtzvjZFBcKHG1XPse7W-k1O0o2OM7Lvw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 04:12:24 GMT
age: 46009
etag: "dc7ad580f90e8af4349f409fb0302a79c672ff99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nyt-ep.com/css/vsc.css
103.120.66.134 404 Not Found 16 B IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /css/vsc.css HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19381%7CMCMID%7C87775472821918418260160014981100543446%7CMCAAMLH-1675097951%7C6%7CMCAAMB-1675097951%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674500351s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:07 GMT
Server: Apache
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/js/vendor.4cab2b63.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/js/vendor.4cab2b63.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /js/vendor.4cab2b63.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19381%7CMCMID%7C87775472821918418260160014981100543446%7CMCAAMLH-1675097951%7C6%7CMCAAMB-1675097951%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674500351s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:07 GMT
Server: Apache
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/js/app.2123d633.js
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/js/app.2123d633.js
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /js/app.2123d633.js HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19381%7CMCMID%7C87775472821918418260160014981100543446%7CMCAAMLH-1675097951%7C6%7CMCAAMB-1675097951%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674500351s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/dfcu/pages/src/styles/main.css
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/dfcu/pages/src/styles/main.css
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /dfcu/pages/src/styles/main.css HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19381%7CMCMID%7C87775472821918418260160014981100543446%7CMCAAMLH-1675097951%7C6%7CMCAAMB-1675097951%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674500351s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
nyt-ep.com/dfcu/pages/src/styles/css/variables.css
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/dfcu/pages/src/styles/css/variables.css
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /dfcu/pages/src/styles/css/variables.css HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19381%7CMCMID%7C87775472821918418260160014981100543446%7CMCAAMLH-1675097951%7C6%7CMCAAMB-1675097951%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674500351s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
mpsnare.iesnare.com/time.mp3?nocache=0.237270902410452
54.195.39.4 206 Partial Content 504 B URL HTTP/1.1 mpsnare.iesnare.com/time.mp3?nocache=0.237270902410452
IP 54.195.39.4:0
File type MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Hash cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.237270902410452 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Mon, 23 Jan 2023 16:59:13 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
mpsnare.iesnare.com/time.mp3?nocache=0.6669789696581493
54.195.39.4 206 Partial Content 504 B URL HTTP/1.1 mpsnare.iesnare.com/time.mp3?nocache=0.6669789696581493
IP 54.195.39.4:0
File type MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Hash cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.6669789696581493 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Mon, 23 Jan 2023 16:59:13 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
mpsnare.iesnare.com/time.mp3?nocache=0.1481889384982229
54.195.39.4 206 Partial Content 504 B URL HTTP/1.1 mpsnare.iesnare.com/time.mp3?nocache=0.1481889384982229
IP 54.195.39.4:0
File type MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Hash cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.1481889384982229 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Mon, 23 Jan 2023 16:59:13 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
nyt-ep.com/favicon.ico
103.120.66.134 404 Not Found 16 B IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
GET /favicon.ico HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19381%7CMCMID%7C87775472821918418260160014981100543446%7CMCAAMLH-1675097951%7C6%7CMCAAMB-1675097951%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674500351s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash a456b385ac21f1fc7cc5425834f34ea2
f30a7295147251c855a1be1d392b342e5ec3c2c1
c41823c292afa219b3751539d8d7ec7dd3e9ed8f430d79bd8d69a2c350cff70c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168599
Date: Mon, 23 Jan 2023 16:59:14 GMT
Etag: "63ce9321-1d7"
Expires: Wed, 25 Jan 2023 15:49:13 GMT
Last-Modified: Mon, 23 Jan 2023 14:01:05 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fqrPEyJ_KLseeFPicPpExQDwc7QSIiwvIdub9deKeY723rpBngNkxw==
Age: 6488
nyt-ep.com/dfcu/fonts/fa-solid-900.0a037305.woff2
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/dfcu/fonts/fa-solid-900.0a037305.woff2
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /dfcu/fonts/fa-solid-900.0a037305.woff2 HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19381%7CMCMID%7C87775472821918418260160014981100543446%7CMCAAMLH-1675097951%7C6%7CMCAAMB-1675097951%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674500351s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
cm.everesttech.net/cm/dd?d_uuid=87317400256832648820199635242551157382
18.201.4.185 302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=87317400256832648820199635242551157382
IP 18.201.4.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=87317400256832648820199635242551157382 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Mon, 23 Jan 2023 16:59:14 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y8684gAAANndnwN-; Domain=.everesttech.net; Expires=Tue, 23-Jan-2024 16:59:14 GMT; Path=/
everest_session_v2=Y8684gAAANndoAN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8684gAAANndnwN-
Server: AMO-cookiemap/1.1
digitalfederalcreditunion.sc.omtrdc.net/b/ss/dfcudigbankingprod,dfcumainglobal/1/JS-2.22.4-LCXS/s57660761421638?AQB=1&ndh=1&pf=1&t=23%2F0%2F2023%2016%3A59%3A12%201%200&vid=87775472821918418260160014981100543446&mid=87775472821918418260160014981100543446&aamlh=6&ce=UTF-8&pageName=projectfinance%3Aen%3Adfcu%3Apages%3Alogin.php&g=http%3A%2F%2Fnyt-ep.com%2Fdfcu%2Fpages%2Flogin.php&cc=USD&ch=dfcu&server=nyt-ep.com&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=dfcu&c2=dfcu%3Apages&v2=dfcu%3Apages&c3=dfcu%3Apages%3Alogin.php&v3=dfcu%3Apages%3Alogin.php&c9=D%3Dv9&v9=http%3A%2F%2Fnyt-ep.com%2Fdfcu%2Fpages%2Flogin.php&v10=D%3Dc10&v11=projectfinance%3Aen%3Adfcu%3Apages%3Alogin.php&v12=year%3D2023%20%7C%20month%3DJanuary%20%7C%20date%3D23%20%7C%20day%3DMonday%20%7C%20time%3D4%3A59%20PM&v13=New&c14=33&v14=D%3Dc14&c15=New%20Visitor&c16=1&c17=first%20hit%20of%20visit&v20=Project%20Finance&v41=87775472821918418260160014981100543446&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&AQE=1
15.236.117.205 200 OK 43 B URL HTTP/1.1 digitalfederalcreditunion.sc.omtrdc.net/b/ss/dfcudigbankingprod,dfcumainglobal/1/JS-2.22.4-LCXS/s57660761421638?AQB=1&ndh=1&pf=1&t=23%2F0%2F2023%2016%3A59%3A12%201%200&vid=87775472821918418260160014981100543446&mid=87775472821918418260160014981100543446&aamlh=6&ce=UTF-8&pageName=projectfinance%3Aen%3Adfcu%3Apages%3Alogin.php&g=http%3A%2F%2Fnyt-ep.com%2Fdfcu%2Fpages%2Flogin.php&cc=USD&ch=dfcu&server=nyt-ep.com&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=dfcu&c2=dfcu%3Apages&v2=dfcu%3Apages&c3=dfcu%3Apages%3Alogin.php&v3=dfcu%3Apages%3Alogin.php&c9=D%3Dv9&v9=http%3A%2F%2Fnyt-ep.com%2Fdfcu%2Fpages%2Flogin.php&v10=D%3Dc10&v11=projectfinance%3Aen%3Adfcu%3Apages%3Alogin.php&v12=year%3D2023%20%7C%20month%3DJanuary%20%7C%20date%3D23%20%7C%20day%3DMonday%20%7C%20time%3D4%3A59%20PM&v13=New&c14=33&v14=D%3Dc14&c15=New%20Visitor&c16=1&c17=first%20hit%20of%20visit&v20=Project%20Finance&v41=87775472821918418260160014981100543446&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&AQE=1
IP 15.236.117.205:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/dfcudigbankingprod,dfcumainglobal/1/JS-2.22.4-LCXS/s57660761421638?AQB=1&ndh=1&pf=1&t=23%2F0%2F2023%2016%3A59%3A12%201%200&vid=87775472821918418260160014981100543446&mid=87775472821918418260160014981100543446&aamlh=6&ce=UTF-8&pageName=projectfinance%3Aen%3Adfcu%3Apages%3Alogin.php&g=http%3A%2F%2Fnyt-ep.com%2Fdfcu%2Fpages%2Flogin.php&cc=USD&ch=dfcu&server=nyt-ep.com&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=dfcu&c2=dfcu%3Apages&v2=dfcu%3Apages&c3=dfcu%3Apages%3Alogin.php&v3=dfcu%3Apages%3Alogin.php&c9=D%3Dv9&v9=http%3A%2F%2Fnyt-ep.com%2Fdfcu%2Fpages%2Flogin.php&v10=D%3Dc10&v11=projectfinance%3Aen%3Adfcu%3Apages%3Alogin.php&v12=year%3D2023%20%7C%20month%3DJanuary%20%7C%20date%3D23%20%7C%20day%3DMonday%20%7C%20time%3D4%3A59%20PM&v13=New&c14=33&v14=D%3Dc14&c15=New%20Visitor&c16=1&c17=first%20hit%20of%20visit&v20=Project%20Finance&v41=87775472821918418260160014981100543446&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&AQE=1 HTTP/1.1
Host: digitalfederalcreditunion.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Mon, 23 Jan 2023 16:59:14 GMT
expires: Sun, 22 Jan 2023 16:59:14 GMT
last-modified: Tue, 24 Jan 2023 16:59:14 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3595946668420169728-4619769919091794028
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
dpm.demdex.net/ibs:dpid=411&dpuuid=Y8684gAAANndnwN-
52.209.157.185 302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y8684gAAANndnwN-
IP 52.209.157.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y8684gAAANndnwN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nyt-ep.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-001bf2e72.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y8684gAAANndnwN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=04837022453776562483619127601999996510; Max-Age=15552000; Expires=Sat, 22 Jul 2023 16:59:14 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: scYKm+wnQ7U=
Content-Length: 0
Connection: keep-alive
nyt-ep.com/dfcu/fonts/fa-solid-900.46457309.ttf
103.120.66.134 404 Not Found 16 B URL HTTP/1.1 nyt-ep.com/dfcu/fonts/fa-solid-900.46457309.ttf
IP 103.120.66.134:0
ASN #137373 PT. SUITEN INOVASI SUKSES
Hash 4845f01eaa8068384625e302e9a4eb05
fb6ff8293fa45e17ba97f84954e7d1d5b0d38f87
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
Analyzer Verdict Alert fortinet Phishing
GET /dfcu/fonts/fa-solid-900.46457309.ttf HTTP/1.1
Host: nyt-ep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nyt-ep.com/dfcu/pages/login.php
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19381%7CMCMID%7C87775472821918418260160014981100543446%7CMCAAMLH-1675097951%7C6%7CMCAAMB-1675097951%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674500351s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1; s_tslv=1674493152564; s_vnc365=1706029152564%26vn%3D1; s_ivc=true; s_dur=1674493152564; s_nr30=1674493152581-New; s_ppv=projectfinance%253Aen%253Adfcu%253Apages%253Alogin.php%2C100%2C100%2C939%2C1%2C1; s_ips=939; s_tp=939; s_cc=true
HTTP/1.1 404 Not Found
Date: Mon, 23 Jan 2023 16:59:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y8684gAAANndnwN-
52.209.157.185 200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y8684gAAANndnwN-
IP 52.209.157.185:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y8684gAAANndnwN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nyt-ep.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-0f7e0a58c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 4TbDvgq5Swg=
Content-Length: 59
Connection: keep-alive
cdn.plaid.com/link/v2/stable/link-initialize.js
54.230.111.36 200 OK 0 B URL HTTP/2 cdn.plaid.com/link/v2/stable/link-initialize.js
IP 54.230.111.36:0
GET /link/v2/stable/link-initialize.js HTTP/1.1
Host: cdn.plaid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nyt-ep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
x-amz-id-2: UNeLemsQCmAKG/dKmt9N6asqs2l1fiFsfvUFJ5X3xXNEVzZsFJOF8qe3Fi7vNgOdwQ6P5s3AoDA=
x-amz-request-id: V3DSARAEFAXGV0XA
x-amz-replication-status: COMPLETED
last-modified: Fri, 20 Jan 2023 21:48:01 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Olz7vHS2338JOTgdQDy.quPH4S1stpH6
server: AmazonS3
content-encoding: gzip
date: Mon, 23 Jan 2023 04:16:49 GMT
cache-control: no-cache,must-revalidate,max-age=0
etag: W/"353f8766665513254498e596ae3de7ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pz3h0rGjFh484T0fnZYq8W-cFEtp_k6NSMPSxWzQHmd4m7ZGpsua3w==
age: 45989
X-Firefox-Spdy: h2