Overview

URLmail.glenarbor.capital/debit/No
IP 216.189.149.35 (United States)
ASN#7489 HostUS
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-09-23 09:37:42 UTC
StatusLoading report..
IDS alerts0
Blocklist alert9
urlquery alerts No alerts detected
Tags None

Domain Summary (12)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-23 04:04:38 UTC 93.184.220.29
cdnjs.cloudflare.com (2) 235 2020-10-20 10:17:36 UTC 2022-09-23 05:06:17 UTC 104.17.24.14
code.jquery.com (2) 634 2012-05-21 17:28:02 UTC 2022-09-23 04:34:38 UTC 69.16.175.10
ajax.aspnetcdn.com (1) 693 2012-05-24 13:35:31 UTC 2022-09-23 02:53:37 UTC 152.199.19.160
img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-23 04:02:43 UTC 34.120.237.76
stackpath.bootstrapcdn.com (1) 2467 2018-04-05 04:41:29 UTC 2022-09-23 05:12:48 UTC 104.18.11.207
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-23 05:06:00 UTC 143.204.55.115
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-23 04:02:41 UTC 143.204.55.110
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-23 04:33:41 UTC 34.117.237.239
mail.glenarbor.capital (26) 0 2022-03-10 02:52:22 UTC 2022-09-23 04:38:06 UTC 216.189.149.35 Unknown ranking
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-23 05:02:25 UTC 54.70.239.215
r3.o.lencr.org (3) 344 2020-12-02 08:52:13 UTC 2022-09-23 04:34:39 UTC 23.36.76.226

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-22 2 mail.glenarbor.capital/debit/No Idaho Central Credit Union

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-23 2 mail.glenarbor.capital/debit/No Phishing
2022-09-23 2 mail.glenarbor.capital/debit/No/ Phishing
2022-09-23 2 mail.glenarbor.capital/debit/No/modules/column/shortcode/assets/actions.js Phishing
2022-09-23 2 mail.glenarbor.capital/debit/No/lib/css/dist/library/google-play-badge.svg Phishing
2022-09-23 2 mail.glenarbor.capital/debit/No/lib/css/dist/library/app-store-badge.svg Phishing
2022-09-23 2 mail.glenarbor.capital/debit/No/lib/css/dist/library/Alkami.woff2 Phishing
2022-09-23 2 mail.glenarbor.capital/debit/No/lib/css/dist/library/KFOmCnqEu92Fr1Mu4mxK.woff2 Phishing
2022-09-23 2 mail.glenarbor.capital/debit/No/ Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 216.189.149.35
Date UQ / IDS / BL URL IP
2022-09-27 18:39:15 +0000 0 - 0 - 1 thewineschoolshop.com/img-sys/powered_by_cpan (...) 216.189.149.35
2022-09-26 20:25:10 +0000 0 - 0 - 3 nikiblaze.com/ 216.189.149.35
2022-09-26 19:37:37 +0000 0 - 0 - 1 mail.ariquipa.co.uk/mtb1/login.php?country=3d (...) 216.189.149.35
2022-09-26 15:02:48 +0000 0 - 0 - 1 mail.ariquipa.co.uk/MTB1/login.php?country=3D (...) 216.189.149.35
2022-09-26 14:15:29 +0000 0 - 0 - 3 ariquipa.co.uk/ 216.189.149.35


Last 5 reports on ASN: HostUS
Date UQ / IDS / BL URL IP
2023-02-06 20:12:12 +0000 0 - 6 - 0 mtbonlinee.otzo.com/ 45.58.52.202
2023-02-05 10:11:46 +0000 0 - 0 - 1 futurevisioncaptial.com/ 45.58.52.147
2023-02-05 08:41:20 +0000 0 - 1 - 0 nsjew.ml/ 104.128.237.58
2023-02-05 03:47:50 +0000 0 - 0 - 29 evarosealexander.com/ 45.58.56.160
2023-02-04 10:14:54 +0000 0 - 1 - 0 abtsc.com/ 45.58.56.133


Last 5 reports on domain: glenarbor.capital
Date UQ / IDS / BL URL IP
2023-01-09 08:07:21 +0000 0 - 0 - 3 glenarbor.capital/ 162.241.121.32
2022-09-23 10:25:58 +0000 0 - 0 - 9 glenarbor.capital/debit/No 216.189.149.35
2022-09-23 09:37:42 +0000 0 - 0 - 9 mail.glenarbor.capital/debit/No 216.189.149.35
2022-09-23 09:16:01 +0000 0 - 0 - 7 mail.glenarbor.capital/debit/No/indexx.html 216.189.149.35
2022-09-23 07:51:53 +0000 0 - 0 - 1 mail.glenarbor.capital/ 216.189.149.35


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-24 20:13:45 +0000 8 - 0 - 7 congresocai.es/wp-content/iccu.com/verify 82.223.120.189
2023-01-24 17:26:55 +0000 8 - 0 - 2 congresocai.es/wp-content/iccu.com/verify 82.223.120.189
2023-01-24 04:22:00 +0000 7 - 0 - 2 congresocai.es/wp-content/iccu.com/verify 82.223.120.189
2023-01-24 01:09:45 +0000 9 - 0 - 2 congresocai.es/wp-content/iccu.com/verify 82.223.120.189
2023-01-23 23:24:57 +0000 8 - 0 - 0 congresocai.es/wp-content/iccu.com/verify/ 82.223.120.189

JavaScript

Executed Scripts (9)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (48)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 09:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EpRqAKV7EbkHV3PxJTPo_0b1-xSys6SQDvgGvK4ZicAOXOFtf6pgkA==
Age: 1404


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20209
Expires: Fri, 23 Sep 2022 15:14:20 GMT
Date: Fri, 23 Sep 2022 09:37:31 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dEKZfKYXnh62I2iQw2kiEmB2_chNSBAZpCXzD27-ouKiRh3-ivEAlA==
age: 18137
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 23 Sep 2022 09:37:31 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 09:19:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3ndpG0ba6W_ix0x6EoGxrps9vBabkOFWK7k30F2R6uA5jODLvAjy-A==
Age: 2049


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5602
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 09:37:31 GMT
Last-Modified: Fri, 23 Sep 2022 08:04:09 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /debit/No HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         216.189.149.35
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 23 Sep 2022 09:37:32 GMT
Server: Apache
Location: http://mail.glenarbor.capital/debit/No/
Content-Length: 247
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   247
Md5:    fca7c0d6f0a9d949d150b8cdf7945f98
Sha1:   f7beeb9b6414b1eb68277bc0b02fc065802e0b26
Sha256: 09d05b0b386861b36b001b7f5d24ac7d83acf31ed6b1cb5b0da34fb7ab5899f5

Alerts:
  Blocklists:
    - openphish: Idaho Central Credit Union
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dgXdP8d8+uLNhhvL30ZC9w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.70.239.215
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jyjfsH0Lg4Hd4XTdgpLUJuP3ark=

                                        
                                            GET /debit/No/ HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Range: bytes=14237-
If-Range: Fri, 11 Mar 2022 17:00:28 GMT

search
                                         216.189.149.35
HTTP/1.1 206 Partial Content
Content-Type: text/html
                                        
Date: Fri, 23 Sep 2022 09:37:32 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 17:00:28 GMT
Accept-Ranges: bytes
Content-Length: 49505
Content-Range: bytes 14237-63741/63742
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15345), with CRLF line terminators
Size:   49505
Md5:    e5006cfb4bff84590245f07c0620877d
Sha1:   8664e4f8dd30f861f9d8c68084211cc0f4ed4894
Sha256: 9013c2e05f5ba5b647a86778f560acd4260e0c98847603f8d06b6bf76b2c25b0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.glenarbor.capital
Connection: keep-alive
Referer: http://mail.glenarbor.capital/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 09:37:32 GMT
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6969099
expires: Wed, 13 Sep 2023 09:37:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OztZpqm5TyXlp5EqlHn4Bczaka8tG3%2Fo4fxpHzJb%2FoFEabQdVQ760c5u8SnpG76aYyeDqefr9bIW68ogvTSPk4PEMPjQEVpHBeg4VgHjhn7S64j2VriEt2CTNci5uWGQbvNVE1wm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f24d6519edb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20322)
Size:   6458
Md5:    df9fe6d48e380554eb0ec9687bed3246
Sha1:   207263d754220200c1916edfbda262f62223ecf5
Sha256: 91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4400
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 09:37:32 GMT
Last-Modified: Fri, 23 Sep 2022 08:24:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /jquery-3.2.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.glenarbor.capital/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 09:37:32 GMT
content-encoding: gzip
content-length: 30125
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663925852.dop026.sk1.t,1663925852.cds013.sk1.hn,1663925852.cds222.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32058)
Size:   30125
Md5:    148f8d3ffd9cc02048c5f4d1cc83c407
Sha1:   9f2b89cfd151be6a29b4d43ad64d164fb8471046
Sha256: 4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
                                        
                                            GET /jquery-3.3.1.slim.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.glenarbor.capital
Connection: keep-alive
Referer: http://mail.glenarbor.capital/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 09:37:32 GMT
content-encoding: gzip
content-length: 24038
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1111d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663925852.dop218.sk1.t,1663925852.cds013.sk1.hn,1663925852.cds230.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65247)
Size:   24038
Md5:    0f2e7d37e730fdbb1d8a1e8638529ecb
Sha1:   c21d16978a858baa75be15cb7e799ff000929429
Sha256: cc938c08b93e67c94c68995709f52133c62cac78991f42058503b9c3d9e4b0b0
                                        
                                            GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.glenarbor.capital/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 09:37:32 GMT
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2641038
expires: Wed, 13 Sep 2023 09:37:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vqFvcggKh161542fMjjDxhSE8ZB1q01%2B%2BkiZ7YKCvPIopbTJ7g6Y7BE69NDIw6XOoNJhstwVs2FrZn9C1X1YOvSGoyamUvqOCBSHIMjaUX%2BRnmXub1eQNfD0Zxwm2wkFgXr77FZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f24d6518e00b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4517
Md5:    e40e054c5726f042bad463e3774a2777
Sha1:   5c9413b72837a440b327444104830c35ae3b052c
Sha256: fcc8a86d2e89e8fbe9815d50c23bf205191ab8a6c0bec67358cd975d94283ff8
                                        
                                            GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1 
Host: ajax.aspnetcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.glenarbor.capital/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         152.199.19.160
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 16927348
cache-control: public,max-age=31536000
date: Fri, 23 Sep 2022 09:37:33 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F7A8)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30394
Md5:    a263be51483c81a54aa8c85104a93e55
Sha1:   555a54a73531c553bd2aede6abc25c128b63312e
Sha256: b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4401
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 09:37:33 GMT
Last-Modified: Fri, 23 Sep 2022 08:24:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /debit/No/lib/css/dist/library/base.min.css HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:02 GMT
Accept-Ranges: bytes
Content-Length: 1832
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1790)
Size:   1832
Md5:    d2b6fc1fe921f745d3790abc456b1841
Sha1:   210dbd69c0c0ff5040e5aede6f465e604e8ba13c
Sha256: afe099dbea10e1d7859cd31a5f54abdf088c3afe1bb814961095689a1cfdcab2
                                        
                                            GET /debit/No/lib/css/dist/library/iris.shim.mobile.min.css HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:02 GMT
Accept-Ranges: bytes
Content-Length: 611
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (557)
Size:   611
Md5:    2b495c471e337eac5d280f5519c6fc53
Sha1:   285689d6b41833ced6b63a3f82892d2901d4039b
Sha256: 06dee56fb4e2677948bc2f6ce7e20e9900e3c7431843ae3d9c9d975ff03889a7
                                        
                                            GET /debit/No/modules/column/shortcode/assets/actions.js HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 13:48:10 GMT
Accept-Ranges: bytes
Content-Length: 1291
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1291
Md5:    baef84e203e58801d16d5d460360570e
Sha1:   fc4e9a602bdb59fc7056cb6e53686ad6a992774e
Sha256: 8bcecbd1eeb6e999bc9583d1e35c12a74d044dba44ee22e185e138f05ca05414

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /debit/No/lib/css/dist/library/iris-components.shim.mobile.min.css HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:02 GMT
Accept-Ranges: bytes
Content-Length: 865
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (637)
Size:   865
Md5:    d4ebbfcbabe59db68a636bbb719ff7d4
Sha1:   1043b791989cbfa4467a4fa9266179476082b7b9
Sha256: 4c7b591f19c35000858633e0610ae0b2b4db8fbfd71bb1864ea4c9bde1958575
                                        
                                            GET /debit/No/lib/css/dist/library/font-icons.css HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:37:32 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:02 GMT
Accept-Ranges: bytes
Content-Length: 117897
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   117897
Md5:    519d30e7c61190de08b836d9ab1eff99
Sha1:   df2a728b7944c25ad17a77594fe6c2e576572b41
Sha256: a861602a90703087154c0d8a128116b0184bf3e1d9f3285f63c4820f162051d0
                                        
                                            GET /debit/No/lib/css/dist/library/iris.android.min.css HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:02 GMT
Accept-Ranges: bytes
Content-Length: 97729
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   97729
Md5:    5d8ed49993cc583d958521060b9d9937
Sha1:   b377d956778bcfc54979f44ba694135ad0315c44
Sha256: b5d26eda18452e19202f5218866799d5351f0ef7c880cf518c96b964292436f3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10544
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:37:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10544
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 09:37:33 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 41405
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10127
Md5:    b877ead4a15221fdd278ef27f281a7ec
Sha1:   48c10714503e8dfdd3e3c3d39b919ef2792f0d15
Sha256: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 41167
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5340
Md5:    3b318ea5c36d2b22b925f7dfe382df5f
Sha1:   0264e73c4cfff0bb255757c7e1c760a5ad3ece80
Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z0uCxl-5L4gijwJsCjssxmgnJr4yhzvtiZdcX4wOXzgiuh8-Yj92vg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:32:56 GMT
age: 18277
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10279
Md5:    8ea5f06ad31f0cedd2cb5c6df82f35f4
Sha1:   60a83a1618ffae06e49ca3002bac1db9980dcfe8
Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
                                        
                                            GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1 
Host: stackpath.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.glenarbor.capital
Connection: keep-alive
Referer: http://mail.glenarbor.capital/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.18.11.207
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 09:37:33 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 08/20/2022 03:07:07
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 3ad4fce292ec5952af22e1a0fc084991
cdn-cache: HIT
cf-cache-status: HIT
age: 1302
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74f24d654a1bb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (50395)
Size:   22403
Md5:    938f24a21c31fcc90efc34b9ea8e6101
Sha1:   d710eab65e214f800ed1f8f2b44df3ac3ed32862
Sha256: dce78bbc75ebaff04cb82c5bc745df7dbfc6293b872c49f687466856dcf66a63
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13000
x-amzn-requestid: 0658a29b-3c96-431c-ab00-952ab7365e1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioLNHd1oAMFkbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420ad-488015441a19070348de1398;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vhg1m3Tpmoo68IBbutFCvjCLD6iBW3YWysB7hA837CwDK3DSSFp_KA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 07:08:25 GMT
age: 8948
etag: "06f5f63e681d711bd68626805c5dd2b902ebf9cf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13000
Md5:    634db5bfe2b27e608c3f3518b0c44ebb
Sha1:   06f5f63e681d711bd68626805c5dd2b902ebf9cf
Sha256: 935d3442ed37fe78df5fe40fac87ca00466a3e19ef3c72a80dae17ffbcacd45d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53fa68ad-0fdf-4958-b6f1-e38245c20380.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4947
x-amzn-requestid: 2d8325c6-7564-4fab-86ad-75bc44451ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzHtOFNXoAMF5iQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab987-30ba7b1d6088630236d03486;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:13:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3NJdOO87M_on7FBlPCczqwUtjsq75kEXAxq9CcsiHDvuaUDCYhd9LQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:32 GMT
age: 41401
etag: "944c0453511761e101cb9e50ba8af7545e32e357"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4947
Md5:    d22173527a1bc9b264170aaa07491248
Sha1:   944c0453511761e101cb9e50ba8af7545e32e357
Sha256: c04b0975162a54e0afc5ae4a863f8e8393415d455e8f7ff3fc67a47868e09ec0
                                        
                                            GET /debit/No/lib/css/dist/library/iris-foundation.min.css HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:02 GMT
Accept-Ranges: bytes
Content-Length: 51310
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (50964)
Size:   51310
Md5:    b8c864cda1f61ea4ffc57ba52f038a41
Sha1:   5c8784412d182c24f931531629a9bcf1455e9e76
Sha256: f6fca06e2aac270b488f73bcf0a10d249e2722a015135e60dbb49360c5335a72
                                        
                                            GET /debit/No/lib/css/dist/library/isotope.1.5.3.min.css HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:04 GMT
Accept-Ranges: bytes
Content-Length: 5057
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2884)
Size:   5057
Md5:    b5560502a47ac17af7a14f280d1fb48d
Sha1:   88b8b2e860c4caa88e0d0b60dc8bc0345b8fec25
Sha256: bcf82308a4a42f5785de42dda6584b42785e242cc336bd5d8e937b6e2d0d816e
                                        
                                            GET /debit/No/lib/css/dist/library/Authentication-Isotope.min.css HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:04 GMT
Accept-Ranges: bytes
Content-Length: 2306
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2246)
Size:   2306
Md5:    eb1f4362c3c9376996435fa88d50011b
Sha1:   19bcf35a2cd8df458a33aa8bd6eac9e657bb7d40
Sha256: 0e4d1ad359d7116aab9a7c46316d0aca3d732fc81eecde5df7377b7b9c4c181b
                                        
                                            GET /debit/No/lib/css/dist/library/iris-foundation.min-1.css HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:02 GMT
Accept-Ranges: bytes
Content-Length: 51310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (50964)
Size:   51310
Md5:    0160c354e11f9e1f2ffcd720f880dc2e
Sha1:   7c3b5681a9483a0f37110476e04375e7e88d8fcc
Sha256: 037e5f8a4d2ef765d97f6c14e087cab4f8f27a1ac2a6a7584793b1a76a08fb8f
                                        
                                            GET /debit/No/lib/css/dist/library/theme.mobile.min.css HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:04 GMT
Accept-Ranges: bytes
Content-Length: 110676
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   110676
Md5:    6a5d83aea45b017f728e94272a522b92
Sha1:   0654308df25779e5cc20a2b56dc2dd3dd1352206
Sha256: a9c592c559f77590dcb4bb20cd5ce43329ba969a2635dc9e59bbd67a046cc9f0
                                        
                                            GET /debit/No/modules/column/shortcode/assets/style.css HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 14:01:14 GMT
Accept-Ranges: bytes
Content-Length: 414
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   414
Md5:    f9653fbeecf34b04791fee59eb3e253b
Sha1:   fcbbad7c6616682a22a9d0de09d715c61cb17722
Sha256: 7924e7e8b95825e4cefbfc31444ea9247e1b0d04cb066b56f06addf9cc7c5eaf
                                        
                                            GET /debit/No/lib/css/dist/library/iris-components.min.css HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:02 GMT
Accept-Ranges: bytes
Content-Length: 182484
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65309)
Size:   182484
Md5:    662e8bcd210a3ddef5d0a5bd4da9cfd4
Sha1:   90715ef7583d41cc48be76a049523968386e0603
Sha256: 81f7da9e5ed534c6ac7ad9a0c45927f2c3c716cb15b3480aadb9dbe54f4bcb8a
                                        
                                            GET /debit/No/lib/css/dist/library/css.css HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:02 GMT
Accept-Ranges: bytes
Content-Length: 1727
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   1727
Md5:    363b2929d52f8ad3f958bf2be1abceca
Sha1:   1916e268dd08780e3c503a1acc17d9631dbfed07
Sha256: b8e1da3f5b2cffe37b94533052d546d2da4663f9ee412a98d7b498db13866e56
                                        
                                            GET /debit/No/lib/css/dist/library/jquery-ui.min.css HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:02 GMT
Accept-Ranges: bytes
Content-Length: 28101
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (26296)
Size:   28101
Md5:    f04105b66cbe2ab8a11a530bb72088fe
Sha1:   560d97610ab7c27da57cf6a89a55a877fe0ff785
Sha256: 83513c38af08dd2a2232b410ae7406edb223c9bd7ed8bf884e24bf09aca0be88
                                        
                                            GET /debit/No/lib/css/dist/library/google-play-badge.svg HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:08 GMT
Accept-Ranges: bytes
Content-Length: 9332
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   9332
Md5:    5e01637f08de80e8c27c414687738968
Sha1:   2d4fe2500bb550dc45c048e78aa62356fb4cbc2c
Sha256: 2dcf765854f1fe869b1674016feb1638870c1066f156f8d7dfd47b53d0dc093f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /debit/No/lib/css/dist/library/app-store-badge.svg HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:08 GMT
Accept-Ranges: bytes
Content-Length: 10850
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356), with CRLF line terminators
Size:   10850
Md5:    1b65926236d951b2af57201b275f595b
Sha1:   1ce3e7bf2853a59f0fc9ad064e1fd48260da0f38
Sha256: 86c9954e1457d27db013c1f10a96ffaba845e5af7765c4ef9df4ac1549e47d67

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /debit/No/modules/column/shortcode/assets/loading.gif HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Sat, 11 Aug 2018 13:03:52 GMT
Accept-Ranges: bytes
Content-Length: 38636
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   38636
Md5:    d10ef01e81faa2c2d812bdf670b4e072
Sha1:   77d09a57b2091fd7665dff763a5eab23e0ff907e
Sha256: 5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
                                        
                                            GET /debit/No/lib/css/dist/library/MobileLogo.png HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/lib/css/dist/library/Authentication-Isotope.min.css

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:04 GMT
Accept-Ranges: bytes
Content-Length: 6884
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 285 x 132, 8-bit/color RGBA, non-interlaced\012- data
Size:   6884
Md5:    793de00c2e5c94dfe4d879e33f78ef40
Sha1:   1fbca0c5c7261136ba2dcbf11b98c975d442e8f0
Sha256: 2dc417c13f956f7a5f91634d4629bcc1492ac237ba8839f8513227ae02b510d2
                                        
                                            GET /debit/No/lib/css/dist/library/Alkami.woff2 HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/lib/css/dist/library/font-icons.css

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:04 GMT
Accept-Ranges: bytes
Content-Length: 41968
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 41968, version 1.0\012- data
Size:   41968
Md5:    8d282cf189126ee65e485fafccac5e97
Sha1:   e074f487e8e008ba9bd658712455379a867c9e1a
Sha256: 9460128bedffc7c32dfdd79353d72b1f0d0764a514acc2ffb743e37c9b673290

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /debit/No/lib/css/dist/library/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/lib/css/dist/library/css.css

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Fri, 23 Sep 2022 09:37:33 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:04 GMT
Accept-Ranges: bytes
Content-Length: 15688
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15688, version 1.0\012- data
Size:   15688
Md5:    aa23b7b4bcf2b8f0e876106bb3de69c6
Sha1:   106ac454ba4e503e0a1cd15e1275130918049182
Sha256: cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /debit/No/lib/css/dist/library/android-chrome-192x192.png HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 23 Sep 2022 09:37:34 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:02 GMT
Accept-Ranges: bytes
Content-Length: 1384
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Size:   1384
Md5:    617c4058b7a5608d8794cfb57c722d5e
Sha1:   f12b2ca683ad372cc2a27a2fb3ab39d86187d2cd
Sha256: 532ab0216976347b86739466a2366f058dacb5a6741aedd9242d0c898841692e
                                        
                                            GET /debit/No/lib/css/dist/library/favicon-16x16.png HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.glenarbor.capital/debit/No/

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 23 Sep 2022 09:37:34 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 16:07:02 GMT
Accept-Ranges: bytes
Content-Length: 342
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   342
Md5:    553313d2cf760cf8c4bec228a2a34ac0
Sha1:   48609c9c8ec7b062dce1ec1b562e38265dc37a42
Sha256: 251892031689419e0abf81a0a9f215501b8db25a697db488386784447467f815
                                        
                                            GET /debit/No/ HTTP/1.1 
Host: mail.glenarbor.capital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         216.189.149.35
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Fri, 23 Sep 2022 09:37:32 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 17:00:28 GMT
Accept-Ranges: bytes
Content-Length: 63742
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing