firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 17:04:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fCJtIozyc6oq1V8EpHo4H9NvaNzNtUzF2rlb4cXkwL-Ttgqov7XsXg==
Age: 1907
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16010
Expires: Tue, 06 Sep 2022 22:02:57 GMT
Date: Tue, 06 Sep 2022 17:36:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gL6BYFMiQXhffuk5tkTBDOyETBmAaMlZe1LaPa297-n3rpMwPnt8MQ==
age: 58851
X-Firefox-Spdy: h2
pidzxxs3.ga/login.php?online_id=1c8812ff9c2f120c872c0859e&country=&iso=
200 OK 12 kB URL HTTP/1.1 pidzxxs3.ga/login.php?online_id=1c8812ff9c2f120c872c0859e&country=&iso=
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (351), with CRLF line terminators
Hash 3bcbd314ddd89e4056a87e59ce5dca77
17672e7c0b22108bab277d25b96a37c579a708c5
234391e3ecaa96daeb8e4d13348a9cc3b768bba971574125a0dc35cf035ca990
GET /login.php?online_id=1c8812ff9c2f120c872c0859e&country=&iso= HTTP/1.1
Host: pidzxxs3.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 17:36:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 17:36:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pidzxxs3.ga/Assets/Styles/Library/Transmit/xmui.css?v=SicNklE1Ktl1QEjtpmgbhUZP0kpreO2AmgaagwSXy6Y
404 Not Found 315 B URL HTTP/1.1 pidzxxs3.ga/Assets/Styles/Library/Transmit/xmui.css?v=SicNklE1Ktl1QEjtpmgbhUZP0kpreO2AmgaagwSXy6Y
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Assets/Styles/Library/Transmit/xmui.css?v=SicNklE1Ktl1QEjtpmgbhUZP0kpreO2AmgaagwSXy6Y HTTP/1.1
Host: pidzxxs3.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pidzxxs3.ga/login.php?online_id=1c8812ff9c2f120c872c0859e&country=&iso=
HTTP/1.1 404 Not Found
Date: Tue, 06 Sep 2022 17:36:08 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
pidzxxs3.ga/Assets/Styles/Library/Transmit/xmui-no-vars.css?v=27_x0mg1W6CZZnEL--AiaqVsSOXDJ9i9i-DjWZ9cLH4
404 Not Found 315 B URL HTTP/1.1 pidzxxs3.ga/Assets/Styles/Library/Transmit/xmui-no-vars.css?v=27_x0mg1W6CZZnEL--AiaqVsSOXDJ9i9i-DjWZ9cLH4
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /Assets/Styles/Library/Transmit/xmui-no-vars.css?v=27_x0mg1W6CZZnEL--AiaqVsSOXDJ9i9i-DjWZ9cLH4 HTTP/1.1
Host: pidzxxs3.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pidzxxs3.ga/login.php?online_id=1c8812ff9c2f120c872c0859e&country=&iso=
HTTP/1.1 404 Not Found
Date: Tue, 06 Sep 2022 17:36:08 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.usertrust.com/
200 OK 2.2 kB IP
Hash 62fbd8c2349bf324520fb92c9af71df9
d0cb7fe4a18861d5184382f73df692a7124d625b
c3f0506860fd8ec459ecd7e4f2dffd735f20ed00bd23f2f305359ed5990d81d9
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 17:36:08 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 22:12:16 GMT
Expires: Sat, 10 Sep 2022 22:12:15 GMT
Etag: "d0cb7fe4a18861d5184382f73df692a7124d625b"
Cache-Control: max-age=600217,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1334
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7468f7154974b509-OSL
ocsp.usertrust.com/
200 OK 2.2 kB IP
Hash 62fbd8c2349bf324520fb92c9af71df9
d0cb7fe4a18861d5184382f73df692a7124d625b
c3f0506860fd8ec459ecd7e4f2dffd735f20ed00bd23f2f305359ed5990d81d9
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 17:36:08 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 22:12:16 GMT
Expires: Sat, 10 Sep 2022 22:12:15 GMT
Etag: "d0cb7fe4a18861d5184382f73df692a7124d625b"
Cache-Control: max-age=600217,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1334
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7468f7154f6c0afe-OSL
ocsp.usertrust.com/
200 OK 2.2 kB IP
Hash 62fbd8c2349bf324520fb92c9af71df9
d0cb7fe4a18861d5184382f73df692a7124d625b
c3f0506860fd8ec459ecd7e4f2dffd735f20ed00bd23f2f305359ed5990d81d9
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 17:36:08 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 22:12:16 GMT
Expires: Sat, 10 Sep 2022 22:12:15 GMT
Etag: "d0cb7fe4a18861d5184382f73df692a7124d625b"
Cache-Control: max-age=600217,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1334
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7468f7154934b4e8-OSL
pidzxxs3.ga/Assets/Scripts/login.min.js?v=h2l4kwjSmFhsosN9YheUZsPHCE_r3xd9N8PjjY8kk9s
404 Not Found 315 B URL HTTP/1.1 pidzxxs3.ga/Assets/Scripts/login.min.js?v=h2l4kwjSmFhsosN9YheUZsPHCE_r3xd9N8PjjY8kk9s
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Assets/Scripts/login.min.js?v=h2l4kwjSmFhsosN9YheUZsPHCE_r3xd9N8PjjY8kk9s HTTP/1.1
Host: pidzxxs3.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pidzxxs3.ga/login.php?online_id=1c8812ff9c2f120c872c0859e&country=&iso=
HTTP/1.1 404 Not Found
Date: Tue, 06 Sep 2022 17:36:08 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
pidzxxs3.ga/Assets/Styles/Common.css?v=5-dD3SDWyYd6oqbtYnVWMkfQPvL7YH9QTq8oDnvMbK0
404 Not Found 315 B URL HTTP/1.1 pidzxxs3.ga/Assets/Styles/Common.css?v=5-dD3SDWyYd6oqbtYnVWMkfQPvL7YH9QTq8oDnvMbK0
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Assets/Styles/Common.css?v=5-dD3SDWyYd6oqbtYnVWMkfQPvL7YH9QTq8oDnvMbK0 HTTP/1.1
Host: pidzxxs3.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pidzxxs3.ga/login.php?online_id=1c8812ff9c2f120c872c0859e&country=&iso=
HTTP/1.1 404 Not Found
Date: Tue, 06 Sep 2022 17:36:08 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9339aa3b5548c6d9f7d2af4d38376b6a
1c96a19308a48711f1e4e3ef30ec321a1a68a358
8ebe3576238525f55fa760ece1bfcf55db61fa953979e3b945ec3ad536a63176
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 17:36:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 06:52:53 GMT
Expires: Sun, 11 Sep 2022 06:52:52 GMT
Etag: "1c96a19308a48711f1e4e3ef30ec321a1a68a358"
Cache-Control: max-age=392803,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7468f7155ac30b61-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 06 Sep 2022 16:38:18 GMT
Expires: Tue, 06 Sep 2022 17:35:04 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: goQaeWSPQ98wno1NpGyxksSZMGoK4LpdemSQT7sSBwF8xh4bTiXlNQ==
Age: 3470
ocsp.digicert.com/
200 OK 471 B IP
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4784
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 17:36:08 GMT
Last-Modified: Tue, 06 Sep 2022 16:16:24 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9339aa3b5548c6d9f7d2af4d38376b6a
1c96a19308a48711f1e4e3ef30ec321a1a68a358
8ebe3576238525f55fa760ece1bfcf55db61fa953979e3b945ec3ad536a63176
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 17:36:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 06:52:53 GMT
Expires: Sun, 11 Sep 2022 06:52:52 GMT
Etag: "1c96a19308a48711f1e4e3ef30ec321a1a68a358"
Cache-Control: max-age=392803,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7468f7156b310b31-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9339aa3b5548c6d9f7d2af4d38376b6a
1c96a19308a48711f1e4e3ef30ec321a1a68a358
8ebe3576238525f55fa760ece1bfcf55db61fa953979e3b945ec3ad536a63176
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 17:36:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 06:52:53 GMT
Expires: Sun, 11 Sep 2022 06:52:52 GMT
Etag: "1c96a19308a48711f1e4e3ef30ec321a1a68a358"
Cache-Control: max-age=392803,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7468f7157e5ab527-OSL
login.regions.com/Assets/Styles/Library/RegionsBootstrap/com-regions.css?v=x8e3dLnyxkyEVEuSBGXOJRTOWxTEMSxtwzaycyozII8
200 OK 52 kB URL HTTP/1.1 login.regions.com/Assets/Styles/Library/RegionsBootstrap/com-regions.css?v=x8e3dLnyxkyEVEuSBGXOJRTOWxTEMSxtwzaycyozII8
IP
File type ASCII text, with very long lines (373), with CRLF line terminators
Hash c047c86fc94dd8db3b5b2a54985a6e9a
90229a94339f03aee4b5a24ac7ecbedc8d617550
1c86e92050f0bacffd52b021d6500cbad6840f82232aa5542a4e0289449d0827
GET /Assets/Styles/Library/RegionsBootstrap/com-regions.css?v=x8e3dLnyxkyEVEuSBGXOJRTOWxTEMSxtwzaycyozII8 HTTP/1.1
Host: login.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pidzxxs3.ga/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 32794
Date: Tue, 06 Sep 2022 08:29:35 GMT
Cache-Control: max-age= 86400
Content-Length: 51809
Connection: Keep-Alive
Via: NS-CACHE-12-B
ETag: "1d89e143303d0de"
Server: nginx
Content-Type: text/css
Cteonnt-Length: 377566
Last-Modified: Fri, 22 Jul 2022 21:44:20 GMT
Accept-Ranges: bytes
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Content-Encoding: gzip
Strict-Transport-Security: max-age=157680000
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xOeXaMOB7EzP97nGymFdMA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: m9HYF2y4fp7QVp+W9Yv9BXH5xw8=
login.regions.com/Assets/Styles/olbAuth.min.css
200 OK 928 B URL HTTP/1.1 login.regions.com/Assets/Styles/olbAuth.min.css
IP
File type ASCII text, with very long lines (2230), with no line terminators
Hash 252e3fa4c636b2c75f403bd2085860c9
601cb4429bf458737878ae6af466c03202ac96b9
b3eef33ba7daa155c8efb6339667005b794478453dbee055ac8f8034581f5dd9
GET /Assets/Styles/olbAuth.min.css HTTP/1.1
Host: login.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pidzxxs3.ga/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 31309
Date: Tue, 06 Sep 2022 08:54:21 GMT
Cache-Control: max-age= 86400
Connection: Keep-Alive
Via: NS-CACHE-12-B
ETag: "1d89e1433061ab6"
Cteonnt-Length: 2230
Content-Type: text/css
Last-Modified: Fri, 22 Jul 2022 21:44:20 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Content-Encoding: gzip
Content-Length: 928
Strict-Transport-Security: max-age=157680000
login.regions.com/Assets/Images/regions-logo-no-r.svg
200 OK 2.3 kB URL HTTP/1.1 login.regions.com/Assets/Images/regions-logo-no-r.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1024), with CRLF line terminators
Hash 09b5b623e8f257f194c1d6178e4276da
89cfeb67179afd19be6ab4b819ece0edb8e5d7c6
c623ecf4b7273233b5401dec704c1004a04457a06d58c49a104dda685082700d
GET /Assets/Images/regions-logo-no-r.svg HTTP/1.1
Host: login.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pidzxxs3.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 49501
Date: Tue, 06 Sep 2022 03:51:08 GMT
Cache-Control: max-age= 86400
Connection: Keep-Alive
Via: NS-CACHE-12-B
ETag: "1d89e14330607fb"
Server: nginx
Content-Type: image/svg+xml
Content-Length: 2317
Cteonnt-Length: 5627
Last-Modified: Fri, 22 Jul 2022 21:44:20 GMT
Accept-Ranges: bytes
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Content-Encoding: gzip
Strict-Transport-Security: max-age=157680000
pidzxxs3.ga/Assets/Images/member-fdic.svg
404 Not Found 315 B URL HTTP/1.1 pidzxxs3.ga/Assets/Images/member-fdic.svg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Assets/Images/member-fdic.svg HTTP/1.1
Host: pidzxxs3.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pidzxxs3.ga/login.php?online_id=1c8812ff9c2f120c872c0859e&country=&iso=
HTTP/1.1 404 Not Found
Date: Tue, 06 Sep 2022 17:36:09 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
pidzxxs3.ga/Assets/Images/equal-housing-lender.svg
404 Not Found 315 B URL HTTP/1.1 pidzxxs3.ga/Assets/Images/equal-housing-lender.svg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /Assets/Images/equal-housing-lender.svg HTTP/1.1
Host: pidzxxs3.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pidzxxs3.ga/login.php?online_id=1c8812ff9c2f120c872c0859e&country=&iso=
HTTP/1.1 404 Not Found
Date: Tue, 06 Sep 2022 17:36:09 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
login.regions.com/Assets/Scripts/regionslib.min.js?v=HtUVOJTWK1iZpw0Gl8w-cTMxKyTuHCjdJolqYBbsuBM
200 OK 501 kB URL HTTP/1.1 login.regions.com/Assets/Scripts/regionslib.min.js?v=HtUVOJTWK1iZpw0Gl8w-cTMxKyTuHCjdJolqYBbsuBM
IP
File type Unicode text, UTF-8 text, with very long lines (52355), with CRLF line terminators
Size 501 kB (500800 bytes)
Hash 43db46afcd459cd9ac345ec49148ac4e
c26ae97672a9569d907c2b2d691606867fceff68
c42d4c42dc0caceb97757c92d1281e82776d636beb44dadb9d973dfec250661d
GET /Assets/Scripts/regionslib.min.js?v=HtUVOJTWK1iZpw0Gl8w-cTMxKyTuHCjdJolqYBbsuBM HTTP/1.1
Host: login.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pidzxxs3.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 49502
Date: Tue, 06 Sep 2022 03:51:07 GMT
Cache-Control: max-age= 86400
Content-Length: 500800
Connection: Keep-Alive
Via: NS-CACHE-12-B
ETag: "1d89e1433099aa7"
Server: nginx
Content-Type: application/javascript
Cteonnt-Length: 1018023
Last-Modified: Fri, 22 Jul 2022 21:44:20 GMT
Accept-Ranges: bytes
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Content-Encoding: gzip
Strict-Transport-Security: max-age=157680000
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17292
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 17:36:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17292
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 17:36:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17292
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 17:36:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17292
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 17:36:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:33 GMT
age: 71497
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c23179b2131543088771e3fa84ff231
ae50ae4aecd962b698c19f2863857b51cea7fcec
660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QFEoJOq9eyhQH3KTlAB_ctOvGWRfAkPMHiZUa34wae07KaezXFodBg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:57:14 GMT
age: 70736
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb4b1d74f1443bc3328301ab3ae6464
2768253dacaaad6cb498c6b2eb7694208b0ce0a6
07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8688
x-amzn-requestid: e408351e-ba6c-4e55-815d-449af808282f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5yMEFBLoAMFtqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313ca4d-13831d8572a3b3cf54a0e747;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:42:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GFM9jerDkTPdhlUTm99E7Lpksw2ZGnV81bNVaZLvWSAiRNDNtkZi4g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:39 GMT
age: 71491
etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:31:02 GMT
age: 47108
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a87857b93f99eab3118aae97a1c9d22
3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80
97ce11c0e0efe83d6568f173f9235160157c52b4ab4299823d508c072f113ddc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 70570
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5540d72831e7e7b9fc287f92c48d9f5e
ec19429fa76d9ad47a0578734b011b530b79ebbf
bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8134
x-amzn-requestid: 1b2ece5c-784c-4c14-a760-c43d697b1abf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FSEE2CIAMFvgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144f40-2243fc211a76c7e404710c7c;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:09:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f2bMA3sdC6qxijseKXb53WMncdjInfvh-lVvr0W69sgaHEHKCNvLMQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 07:25:52 GMT
age: 36618
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nexus.ensighten.com/regions/transmit-prod/Bootstrap.js
200 OK 72 kB URL HTTP/1.1 nexus.ensighten.com/regions/transmit-prod/Bootstrap.js
IP
File type C source, ASCII text, with very long lines (598)
Hash c0e660c965451ab78279563818de2993
80acf752bb03e30a3780433049e9d82ca5897808
c914d9b8f0073795e06652fb44df6766812e0e0a8f636a4bcc8b27c092ca5cea
GET /regions/transmit-prod/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pidzxxs3.ga/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 23 Jul 2022 12:32:00 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Mon, 18 Jul 2022 18:22:08 GMT
ETag: W/"0b620041f3d788270001a6343714b325"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=300
x-amz-version-id: qVi_gdbqEdN.v2gUTG1Lwx8p4gl20elc
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FY01-bqFwC_0HdOzI1BXDUnmJRo0Q3XnHK1kn_uH6pThZjtWft0-9g==
Age: 3906251
login.regions.com/Assets/favicon.ico
200 OK 3.3 kB URL HTTP/1.1 login.regions.com/Assets/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 32x32, 24 bits/pixel\012- data
Hash 061c115987e92592f3dc2c867de9adf9
3d2d5762c3d47e90fd76470a1c93d0161ea9a2cd
f51d5e6454326b4c4af313f023c469e69e86078b027538b3413326aa77e7a1af
GET /Assets/favicon.ico HTTP/1.1
Host: login.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pidzxxs3.ga/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 49480
Date: Tue, 06 Sep 2022 03:51:31 GMT
Cache-Control: max-age= 86400
Connection: Keep-Alive
Via: NS-CACHE-12-B
ETag: "1d89e1433061ebe"
Server: nginx
Content-Type: image/x-icon
Content-Length: 3262
Last-Modified: Fri, 22 Jul 2022 21:44:20 GMT
Accept-Ranges: bytes
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
nexus.ensighten.com/regions/transmit-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/transmit-prod/code/&publishedOn=Mon%20Jul%2018%2018:22:05%20GMT%202022&ClientID=1202&PageID=http%3A%2F%2Fpidzxxs3.ga%2Flogin.php%3Fonline_id%3D1c8812ff9c2f120c872c0859e%26country%3D%26iso%3D
200 OK 286 B URL HTTP/1.1 nexus.ensighten.com/regions/transmit-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/transmit-prod/code/&publishedOn=Mon%20Jul%2018%2018:22:05%20GMT%202022&ClientID=1202&PageID=http%3A%2F%2Fpidzxxs3.ga%2Flogin.php%3Fonline_id%3D1c8812ff9c2f120c872c0859e%26country%3D%26iso%3D
IP
Hash c77b8e651fc37f54b9381d543dfc7066
dd2474269469eb4ce2507cee0bbc86b3ee3d99e2
13fc516afece8163e16d6769dc89d90a933c3d0057574ea293caf454b1885542
GET /regions/transmit-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/transmit-prod/code/&publishedOn=Mon%20Jul%2018%2018:22:05%20GMT%202022&ClientID=1202&PageID=http%3A%2F%2Fpidzxxs3.ga%2Flogin.php%3Fonline_id%3D1c8812ff9c2f120c872c0859e%26country%3D%26iso%3D HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pidzxxs3.ga/
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 286
Connection: keep-alive
Server: nginx
Date: Tue, 06 Sep 2022 17:36:10 GMT
Expires: Tue, 06 Sep 2022 17:36:09 GMT
Cache-Control: no-cache, no-store
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UbuKKm5tRbHOaxHgehB96ej8-3XsFlkqi_R7vp51n0zSjwbkYesJnQ==
nexus.ensighten.com/regions/transmit-prod/code/58d5327b63e00f1c85018253fedac26c.js?conditionId0=423026
200 OK 3.7 kB URL HTTP/1.1 nexus.ensighten.com/regions/transmit-prod/code/58d5327b63e00f1c85018253fedac26c.js?conditionId0=423026
IP
File type ASCII text, with very long lines (2990)
Hash da98db8a507c052ed9eb7dcd22a7b868
35bf7c9a8da9c0221d5e551654e7d28cee702126
7e9db0c2da9849b725fb58a7b0d59451ca3d11c579cdbab13faa806c9b0d5254
GET /regions/transmit-prod/code/58d5327b63e00f1c85018253fedac26c.js?conditionId0=423026 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pidzxxs3.ga/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 23 Jul 2022 12:32:15 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 02 Feb 2022 22:05:06 GMT
ETag: W/"f5224128e8349e9c9d11c7ec8e21c9ab"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: wfcwXJ4mPt5O6i11mEoQpTmDgLJtaR3D
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eBvVyKHHhZC-gXdsAce1bPOHMsZc7YJdXvlg8AisAxqekn_qebU8zg==
Age: 3906236
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=1202&i=77fg0a&p=transmit-prod&s=333&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAnY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoidHJhbnNtaXQtcHJvZCIsImluc3RhbmNlMADyTiI3N2ZnMGEiLCJwYWNrZXQiOjAsIm1vZGUiOiJvYnNlcnZlIiwiY29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLkAYCIsInR5cFEA8A9iaWxsaW5nIiwic3RhcnQiOjE2NjI0ODU3NjQ4MjlaAMBkIjotMSwic291cmMyAAIrAGF0dXMiOiJmAEBhc29uZQDUXSwiZGF0YVBhdHRlchIAsGxpc3QiOltdLCJpCwHwADY2MjQ4NTc2NDgyOX1dfQ
204 No Content 0 B URL HTTP/1.1 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=1202&i=77fg0a&p=transmit-prod&s=333&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAnY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoidHJhbnNtaXQtcHJvZCIsImluc3RhbmNlMADyTiI3N2ZnMGEiLCJwYWNrZXQiOjAsIm1vZGUiOiJvYnNlcnZlIiwiY29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLkAYCIsInR5cFEA8A9iaWxsaW5nIiwic3RhcnQiOjE2NjI0ODU3NjQ4MjlaAMBkIjotMSwic291cmMyAAIrAGF0dXMiOiJmAEBhc29uZQDUXSwiZGF0YVBhdHRlchIAsGxpc3QiOltdLCJpCwHwADY2MjQ4NTc2NDgyOX1dfQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=0&c=1202&i=77fg0a&p=transmit-prod&s=333&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAnY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoidHJhbnNtaXQtcHJvZCIsImluc3RhbmNlMADyTiI3N2ZnMGEiLCJwYWNrZXQiOjAsIm1vZGUiOiJvYnNlcnZlIiwiY29va2llcyI6e30sImVudmlyb25tZW50Ijoibm9uZSIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLkAYCIsInR5cFEA8A9iaWxsaW5nIiwic3RhcnQiOjE2NjI0ODU3NjQ4MjlaAMBkIjotMSwic291cmMyAAIrAGF0dXMiOiJmAEBhc29uZQDUXSwiZGF0YVBhdHRlchIAsGxpc3QiOltdLCJpCwHwADY2MjQ4NTc2NDgyOX1dfQ HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pidzxxs3.ga/
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 06 Sep 2022 17:36:10 GMT
Connection: keep-alive
Expires: Tue, 06 Sep 2022 17:36:09 GMT
Cache-Control: no-cache, no-store
nexus.ensighten.com/error/e.gif?msg=can%27t%20access%20property%20%22resolve%22%2C%20Bootstrapper.data%20is%20undefined&lnn=16&fn=http%3A%2F%2Fnexus.ensighten.com%2Fregions%2Ftransmit-prod%2Fcode%2F58d5327b63e00f1c85018253fedac26c.js%3FconditionId0%3D423026&cid=1202&client=regions&publishPath=transmit-prod&rid=-1&did=-1&errorName=TypeError
204 No Content 0 B URL HTTP/1.1 nexus.ensighten.com/error/e.gif?msg=can%27t%20access%20property%20%22resolve%22%2C%20Bootstrapper.data%20is%20undefined&lnn=16&fn=http%3A%2F%2Fnexus.ensighten.com%2Fregions%2Ftransmit-prod%2Fcode%2F58d5327b63e00f1c85018253fedac26c.js%3FconditionId0%3D423026&cid=1202&client=regions&publishPath=transmit-prod&rid=-1&did=-1&errorName=TypeError
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=can%27t%20access%20property%20%22resolve%22%2C%20Bootstrapper.data%20is%20undefined&lnn=16&fn=http%3A%2F%2Fnexus.ensighten.com%2Fregions%2Ftransmit-prod%2Fcode%2F58d5327b63e00f1c85018253fedac26c.js%3FconditionId0%3D423026&cid=1202&client=regions&publishPath=transmit-prod&rid=-1&did=-1&errorName=TypeError HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pidzxxs3.ga/
HTTP/1.1 204 No Content
Content-Length: 0
Connection: keep-alive
Server: CloudFront
Date: Tue, 06 Sep 2022 01:05:17 GMT
Cache-Control: no-cache, no-store
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nPSd77QF0f1ZGuUDOvVmeXHdLjugQHhffSV28lDCMhWQuhVNyJ6nKw==
Age: 59453
login.regions.com/Assets/Styles/Library/RegionsBootstrap/fonts/source-sans-pro-600-webfont.woff
200 OK 0 B URL HTTP/1.1 login.regions.com/Assets/Styles/Library/RegionsBootstrap/fonts/source-sans-pro-600-webfont.woff
IP
GET /Assets/Styles/Library/RegionsBootstrap/fonts/source-sans-pro-600-webfont.woff HTTP/1.1
Host: login.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pidzxxs3.ga
Connection: keep-alive
Referer: https://login.regions.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 49503
Date: Tue, 06 Sep 2022 03:51:08 GMT
Cache-Control: max-age= 86400
Connection: Keep-Alive
Via: NS-CACHE-12-B
ETag: "1d89e143306586c"
Server: nginx
Content-Type: application/font-woff
Content-Length: 19052
Last-Modified: Fri, 22 Jul 2022 21:44:20 GMT
Accept-Ranges: bytes
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
login.regions.com/Assets/Styles/Library/RegionsBootstrap/fonts/source-sans-pro-regular-webfont.woff
200 OK 0 B URL HTTP/1.1 login.regions.com/Assets/Styles/Library/RegionsBootstrap/fonts/source-sans-pro-regular-webfont.woff
IP
GET /Assets/Styles/Library/RegionsBootstrap/fonts/source-sans-pro-regular-webfont.woff HTTP/1.1
Host: login.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pidzxxs3.ga
Connection: keep-alive
Referer: https://login.regions.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 49502
Date: Tue, 06 Sep 2022 03:51:07 GMT
Cache-Control: max-age= 86400
Connection: Keep-Alive
Via: NS-CACHE-12-B
ETag: "1d89e14330658d4"
Server: nginx
Content-Type: application/font-woff
Content-Length: 19156
Last-Modified: Fri, 22 Jul 2022 21:44:20 GMT
Accept-Ranges: bytes
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
login.regions.com/Assets/Styles/Library/RegionsBootstrap/fonts/source-sans-pro-700-webfont.woff
200 OK 0 B URL HTTP/1.1 login.regions.com/Assets/Styles/Library/RegionsBootstrap/fonts/source-sans-pro-700-webfont.woff
IP
GET /Assets/Styles/Library/RegionsBootstrap/fonts/source-sans-pro-700-webfont.woff HTTP/1.1
Host: login.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pidzxxs3.ga
Connection: keep-alive
Referer: https://login.regions.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 49500
Date: Tue, 06 Sep 2022 03:51:09 GMT
Cache-Control: max-age= 86400
Connection: Keep-Alive
Via: NS-CACHE-12-B
ETag: "1d89e1433065b20"
Server: nginx
Content-Type: application/font-woff
Content-Length: 18720
Last-Modified: Fri, 22 Jul 2022 21:44:20 GMT
Accept-Ranges: bytes
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
142.4.10.233
23.36.76.226
93.184.220.29
63.34.68.24
104.18.32.68